Skip to main content
TrustRadius
Microsoft Entra ID

Microsoft Entra ID
Formerly Microsoft Azure Active Directory

Overview

What is Microsoft Entra ID?

Microsoft Entra ID (formerly Microsoft Azure Active Directory or Azure AD) is a cloud-based identity and access management (IAM) solution supporting restricted access to applications with Azure Multi-Factor Authentication (MFA) built-in, single sign-on (SSO), B2B collaboration controls, self-service password, and…

Read more
Recent Reviews
Read all reviews

How Microsoft Entra ID Differs From Its Competitors

Deployment

At the company I work at now, our identity is managed exclusively in the cloud. We have all user management and VMs hosted through Microsoft, not internally. We utilize the full Microsoft cloud suite for SSO, user management, and VM deployment.
Continue reading

Multi-App Security

Yes, we utilize Entra ID to secure non-Microsoft applications. This is done by eliminating additional password requirements for the end users and having them use Microsoft's SSO system which reduces password forgetting and additional weak passwords for vendors that may not have as strict password …
Continue reading

End User Experience

During the deployment of Entra ID we noticed that end users are much more receptive to the application SSO portal than originally thought. They enjoy portal that allows usage of all relevant applications with one username and password. Productivity has been up for IT staff and end users as …
Continue reading

Deployment

We have both an onsite server running the cloud provisioning agent and cloud identities. Our onsite server syncs with the Entra ID to provide single sign on for Microsoft services. This allows us to use a single password for signing in to on premise resources as well as cloud resources such as …
Continue reading

End User Experience

There have been some changes since they moved from Azure AD. There are inconsistencies in the interface from what we were originally familiar with in Azure AD. Microsoft has changed the location of several items and we have been overall disappointed with the transition and functionality of Entra …
Continue reading

Deployment

We currently have both on-prem identities that are synced to the cloud as well as cloud-only identities. We have local AD and also use a local Identity Management system.
Continue reading

Multi-App Security

Yes. Using SAML for SSO, we've tried to bring as many apps as we can onto the platform for IDP. Leaves me as admin with fewer places I have to go to add or remove users as they come and go. Most places have been fairly easy to set up and connect, documentation is mostly good, and product …
Continue reading

End User Experience

Easier to change user passwords, was a hassle when we had only physical servers and they could only change a password if connected to the VPN. Multifactor authentication is native and doesn't require any 3rd party apps to run. Can centrally deploy and manage software on user devices, making …
Continue reading

Deployment

We have a hybrid environment to support some legacy enterprise applications. Our goal is to move 100% to azure as soon as possible, once the legacy apps are replaced.

We have all of our user identities and some security groups synced to the cloud from an "on-prem" (azure VM) domain controller. …
Continue reading

Multi-App Security

We use AzureAD/Microsoft Entra ID SSO for every app and service which supports Azure or SAML. Security is top of mind for our board and a goal of mine has been to do away with multiple credentials for our users.
We have too many connected SaaS apps to list but a few are Salesforce, ADP, Concur, …
Continue reading

End User Experience

Since enabling Microsoft Entra ID with passwordless phone sign-on and PIN or biometric for endpoints, users now forget their passwords often. Not a big deal since they can change it using self service password reset but something to keep in mind.

For my purposes this is part of our logon design. …
Continue reading

Deployment

We used to use it on-prem but migrated to the cloud 7 years ago and it was absolutely worth it. For a short time were a hybrid environment but I don’t recommend that. The migration was a bit challenging but I expect that to be better now. In my opinion, using a good partner to help with the …
Continue reading

Multi-App Security

We use Microsoft Entra ID to secure access to a few third party systems/apps using SSO. The user experience is very good but the setup process can be a challenge. It’s a little tedious and depending on how good the third party documentation and support is will make a huge difference.
Egencia, …
Continue reading

End User Experience

Our staff and users have become far more secure and confident using our system. We have had far fewer issues with access problems and password issues. Setting up MFA for users could be a bit better but given what it does the process is well worth the slight hassle it is for users the one time they …
Continue reading

Deployment

We are still using a local Active Directory domain for on-prem logins(we haven't moved to Entra-joined for that just yet) and Entra for cloud identity management. Entra also ties into our Microsoft 365 license so that users can access Microsoft 365 apps. Entra is a great identity provider, and we …
Continue reading

End User Experience

The end-user experience seems to be much better than before. We now have a true single sign-on environment where the end-user always knows what to expect. Previously some of our web apps would use just a username/password as a login and some would be a full email/password login. The logins could …
Continue reading

Deployment

We use Active Directory for our underlying identity and integrate Entra ID into that. We have on-prem data centers as well as public cloud configurations using these technologies to underpin our identity.
Continue reading

Multi-App Security

We use Entra ID as our primary means of integrating our identity with many products, both legacy on-prem as well as other cloud SaaS solutions. This allows SSO and Multifactor abilities to monitor and protect.
Cloud products like Workday and Salesforce work well with Entra ID as well as on-prem …
Continue reading

Deployment

We have identities both on Prem and as well as on cloud. Now we are moving all the identities to cloud as this saves us a lot of cost and manpower to manage the tenant.
We are moving all the resources in a phased manner to avoid any issues. The deployment is pretty easy as we have support from …
Continue reading

Deployment

We have a hybrid deployment. We have been migrating everything we can to the cloud, but are not completely off prem yet. Some of our holdups are shared mailboxes and SharePoint migrations.
Continue reading

Multi-App Security

We do use Microsoft Entra ID to secure various applications when possible. This is our preferred setup.
We have a few software vendors that allow us to setup SSO with SAML for authentication into their applications. We also have some internal applications (manage engine being one) that also use …
Continue reading

End User Experience

The user experience has been great. There were a few growing pains during the implementation, but now everyone enjoys using it and the benefits overshadow the initial headaches.
Continue reading

Deployment

We are a holdings company that has approximately 30 companies under our umbrella. Some of our companies are using an on-prem (hybrid) domain and some are cloud-only. The intent is to move all of our companies to cloud-only in the near future, but in the meantime Entra provides us the flexibility …
Continue reading

Multi-App Security

Yes, we currently have implemented Meraki sign-ins into Entra ID. This enables us to leverage security groups to grant access to the administration portal for the Meraki devices. This application shows up when a user logs into their M365 dashboard (after the app has been assigned to them). They …
Continue reading

End User Experience

As with any change that gets implemented, end users will typically have an adjustment period. I believe that inherently people don't like change, so adoption of new products/processes can cause confusion or frustrations. Overall, we had some initial grumblings about changes to the sign-in process, …
Continue reading

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Popular Features

View all 7 features
  • Multi-Factor Authentication (85)
    9.1
    91%
  • ID Management Single-Sign On (SSO) (85)
    9.0
    90%
  • ID-Management Access Control (84)
    8.8
    88%
  • Password Management (81)
    8.2
    82%

Reviewer Pros & Cons

View all pros & cons
Verified User
General Manager in Information Technology
Automotive Company, 1001-5000 employees
Verified User
Consultant in Information Technology
Information Technology & Services Company, 51-200 employees
Return to navigation

Pricing

View all pricing

Premium P1

$6.00

Cloud
per user/per month

Premium P2

$9.00

Cloud
per user/per month

Entry-level set up fee?

  • No setup fee
For the latest information on pricing, visithttps://www.microsoft.com/en…

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services
Return to navigation

Product Demos

AD FS to Microsoft Entra | How to migrate cloud apps

YouTube

Microsoft Entra ID Beginner's Tutorial (Azure Active Directory)

YouTube

Introducing Microsoft Entra

YouTube
Return to navigation

Features

Identity Management

Identity management software manages information about the identity of software users and controls access to corporate resources

8.6
Avg 8.1
Return to navigation

Product Details

What is Microsoft Entra ID?

Microsoft Entra ID (formerly Microsoft Azure Active Directory or Azure AD) is a cloud-based identity and access management (IAM) solution supporting restricted access to applications with Azure Multi-Factor Authentication (MFA) built-in, single sign-on (SSO), B2B collaboration controls, self-service password, and integration with Microsoft productivity and cloud storage (Office 365, OneDrive, etc) as well as 3rd party services.

Microsoft Entra ID safeguards organizations with a cloud identity and access management solution that connects employees, customers, and partners to their apps, devices, and data. Features include:

  • Secure adaptive access: Protects access to resources and data using strong authentication and risk-based adaptive access policies without compromising user experience.
  • Seamless user experiences: Provides an easy sign-in experience across a multicloud environment to keep users productive, reduce time managing passwords, and increase productivity.
  • Unified identity management: Manages identities and access to all applications in a central location, whether they’re in the cloud or on-premises, to improve visibility and control.


What is Microsoft Entra ID?
What is Conditional Access in Microsoft Entra ID?
What is Microsoft Entra ID Protection?


Microsoft Entra ID Features

Identity Management Features

  • Supported: ID-Management Access Control
  • Supported: ID Management Single-Sign On (SSO)
  • Supported: Multi-Factor Authentication
  • Supported: Password Management
  • Supported: Account Provisioning and De-provisioning
  • Supported: ID Management Workflow Automation
  • Supported: ID Risk Management

Microsoft Entra ID Video

Authentication fundamentals: The basics | Azure Active Directory

Microsoft Entra ID Competitors

Microsoft Entra ID Technical Details

Deployment TypesSoftware as a Service (SaaS), Cloud, or Web-Based
Operating SystemsUnspecified
Mobile ApplicationNo

Microsoft Entra ID Downloadables

Frequently Asked Questions

Microsoft Entra ID (formerly Microsoft Azure Active Directory or Azure AD) is a cloud-based identity and access management (IAM) solution supporting restricted access to applications with Azure Multi-Factor Authentication (MFA) built-in, single sign-on (SSO), B2B collaboration controls, self-service password, and integration with Microsoft productivity and cloud storage (Office 365, OneDrive, etc) as well as 3rd party services.

JumpCloud are common alternatives for Microsoft Entra ID.

Reviewers rate Multi-Factor Authentication highest, with a score of 9.1.

The most common users of Microsoft Entra ID are from Enterprises (1,001+ employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(376)

Attribute Ratings

Reviews

(1-25 of 31)
Companies can't remove reviews or game the system. Here's why
December 04, 2023

Microsoft Entra ID for business

Verified User
Consultant in Information Technology
Computer Networking Company, 11-50 employees
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Microsoft Entra ID (formerly Azure) is a great product that we utilize for deploying VMs, integrating SSO within applications, managing users, groups, and inboxes, and more. While the online software is not always intuitive for administrators to use (the UI changes frequently) and the name change caused a great amount of confusion, the product is solid, mature, and most of all does the job in all the categories mentioned above.
Pros and Cons
  • User and group management
  • VM management and deployment
  • SSO integration app store
  • UI development
  • Communication regarding name change
Likelihood to Recommend
Microsoft Entra ID is well suited for most organizations who want a cloud based AD solution that allows administrators to manage users, spin up VMs, and integrate their internal applications with SSO. The software may not be well suited for businesses that use other softwares to do any of the tasks mentioned above, as they may not get their full money's worth.
November 17, 2023

Entra ID review

JS
Joseph Shaffer
Operations Manager
4TS Computers (Information Technology & Services, 1-10 employees)
Score 3 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We use Microsoft Entra for Hybrid cloud functionality. Our local domain syncs with Microsoft services for email and applications
Pros and Cons
  • Syncing accounts
  • Provisioning account
  • Providing a hybrid envionment
  • The interface could be better.
  • Reporting is not very reliable and leaves off important information
  • Consistency is lacking as Microsoft has changed Azure and Entra multiple times.
Likelihood to Recommend
It functions for hybrid environments in syncing to Microsoft 365 for email, onedrive, etc but we have a good amount of issues since they have moved over from Azure and it seems different components are constantly changing and require a fair amount of work to keep everything up to date.
October 20, 2023

General review of Azure Entra ID during ongoing cloud adoption

Verified User
Engineer in Information Technology
Retail Company, 10,001+ employees
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We use Microsoft Entra ID to provide authentication & authorization to our end users for all cloud solutions that are used within the company. It provides easy single sign-on capabilities to a lot of enterprise applications.
Pros and Cons
  • Authentication & Authorization
  • Integration with cloud solutions
  • Useful security standards around password complexity, etc...
  • Fairly expensive
  • Limited reporting
Likelihood to Recommend
Microsoft Entra ID provides easy management for users & groups in the cloud. We still use local Active Directory and are slowly integrating more and more with the cloud.
Currently we mainly integrate cloud solutions/applications with Microsoft Entra ID, while keeping our locally developped apps integrated with on-prem solutions.
September 26, 2023

Entra ID a simple overview

John Robinson | TrustRadius Reviewer
John Robinson
Network Administrator
Children's Defense Fund (Non-profit Organization Management, 51-200 employees)
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Probably the best known tool for Active Directory management. Integrates with just about any other online software that needs an ID provider (as it's so well known). Not always the easiest to set up or use at times, but the support documentation is good and online community is very large. Useful for managing security, and identity of staff and guest users to our systems.
Pros and Cons
  • User management
  • Role Management
  • Multi factor authentication
  • They could stop changing things so often, hard to find things if you don't use them frequently.
  • Occasional outages are annoying, and the alerts not terribly helpful sometimes. they tell you when something is down, but don't always notify when its back up.
  • Things are deprecated fairly often, so don't get too invested in one way of doing things, you may have to change how things work in the future.
Likelihood to Recommend
Good if you're all in on the Microsoft online environment, MS365 or using Azure services. Integrates very well with those.
Not so much if you're just using it as an IDP for other services. It does try to take over somethings (like MX and DNS records) that you may want to keep having managed/hosted at 3rd parties.
September 23, 2023

Microsoft Entra ID for security and user comfort

Mike Paron | TrustRadius Reviewer
Mike Paron
Manager, Business Applications and Support
AVIXA (Non-profit Organization Management, 51-200 employees)
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We have been using Microsoft 365 (formerly Office 365) for more than five years. We have used Microsoft 365 Identity Protection (now known as Microsoft Entra ID) for three years.

In my org we use Microsoft Entra ID for security and ease of access for our users. First, we deployed self-service password reset to all of our users, which required they enter some additional information like personal contact info. This required some training on our part to let everyone know what was happening. Then, multi factor authentication and the Microsoft Authenticator provide protection. Once we had deployed MFA and had 100% adoption, we introduced phone sign-on so users did not need to use passwords when signing in.

We have also implemented conditional access to require MFA for all apps, and to block access if certain thresholds are met for failed sign-ins or unusual activity.
Pros and Cons
  • Identity security
  • Ease of access
  • User risk management
  • Conditional access
  • Changes are not often clearly communicated unless you know where to look and have the correct email subscriptions.
  • High learning curve.
Likelihood to Recommend
If an organization is using Microsoft 365 and has the IDP license, there is no reason not to use Microsoft Entra ID. If your org uses 365 and does not have the IDP license, I recommend upgrading your licenses if your budget allows.
September 21, 2023

Amazing identity management and security

Verified User
Director in Information Technology
Think Tanks Company, 51-200 employees
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We need to manage many discreet groups of people and their access to systems and licensing base on multiple criteria. We have staff who are various kinds of employees as well as volunteers. In addition to our staff/volunteers we also have associates that are involved but do not need the full spectrum of Microsoft 365 services. Additionally we have an intranet and hundreds of teams that need access permissions based on identity. A tool like Microsoft Entra ID is essential to managing this successfully.
Pros and Cons
  • Assign users into groups dynamically based on user profile details.
  • Secure authentication using easy app based MFA.
  • User authentication intelligence that identifies unusual behavior and flags of blocks suspicious login attempts.
  • Manage permissions for sensitive internal resources like the internet or project teams.
  • Automatically assign licenses based on user properties or group membership
  • Nesting of group membership does not allow email to be delivered to group members.
  • User profile properties are somewhat rigid, creating custom attributes could be much easier and more functional.
  • There are so many features navigation is somewhat challenging to remember if you are not a daily user.
Likelihood to Recommend
If you have many users and need to separate them into groups with access that changes based on their role or status, I think dynamic groups handles this brilliantly.

Creating a secure environment where identify and access are highly secure and authenticated is very easy to manage and user.

It also allows for various levels of administrative access. You can give certain people access to user administration without having to give them access to other administrative functions.

In my experience, there really isn’t a size or scope of company that could not benefit from Microsoft Entra ID.
September 20, 2023

Excellent cloud identity provider!

BD
Brandon Dieterich
Systems And Network Administrator
Southwestern University (Education Management, 201-500 employees)
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We have migrated all of our systems to Entra ID for SSO. It provides a single point of sign-on for users while also providing multifactor authentication for security. Users are now able to reset their own passwords(previously, they would have to call the help desk), and we have better insight into where users are signing in from and also which accounts are being attacked by unknown third parties.
Pros and Cons
  • Single Sign On.
  • Security (Multifactor authentication).
  • User management.
  • The Entra ID interface has numerous options. It is sometimes easy to get lost looking for something.
  • The recent name change from Azure has confused some of our users, thinking they were logging into the wrong portal. This generated numerous calls to our help desk.
  • MS will change the locations of things inside their interface at will. Sometimes, they notify you beforehand, and others do not.
Likelihood to Recommend
Entra ID is well-suited for medium to large environments that are already users of Microsoft products. From that aspect, it's fairly simple to get set up and start using. I feel it's less useful to smaller businesses or businesses that are not already using MS products. Entra seems like it would be overkill for a small company of 20-30 users or those that don't have the budget for Entra. SSO can be done for cheaper via other identity management softwares.
September 13, 2023

Microsoft Entra ID Review

Verified User
Supervisor in Information Technology
Information Technology & Services Company, 5001-10,000 employees
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Incident response, vulnerability management, as in configuration assessment, hardening and threat hunting.
Pros and Cons
  • Logging when there's enough storage. So recent logging, there's good conditional access policies. And I mean SSO MFAs pretty decent, so good I guess particularly well. And then on the SSO side, integration with apps and whatnot out there on the web does it very well. Obviously it's Microsoft
  • There's a lot of stuff that's kind of cobbled together. It's hard to find dashboards, it's hard to find configuration settings because they're not always in the same spot or they're renamed, the look and feel of reports, analysis tools, configurations can vary wildly from area to area. So there's a lot of cohesion that needs to be done for it to really be better.
Likelihood to Recommend
So obviously being Microsoft, the integrations are great. So if we're deploying a new app using Microsoft's authentication or even integrating that into some of the stuff we already have to just better control the identity flow is great. I like that. Can't really beat that for Microsoft areas where it could be better. And we touched on that before, but it's a lot of the hack together, bits of the UI configurations, there's a lot of stuff that's easy to miss. For instance, something as simple as in Azure AD or Entra ID, setting up security defaults for the tenant isn't kind of a weird place. It's in a different place and it also doesn't tell you what it does. So it's in a different place than per-user access. Totally different place than conditional access. So got to bring those all together.
September 12, 2023

Microsoft Entra ID is a great identity solution.

Verified User
Administrator in Information Technology
Computer Software Company, 5001-10,000 employees
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
I help administer the identity use cases for Microsoft Entra ID. We use it as our primary identity in a hybrid configuration with our on-prem Active Directory. This also provides the base for our Office 365 products.
Pros and Cons
  • Foundation for O365.
  • Mechanism for modern authentication (SSO, SAML, OAuth, OIDC).
  • Feature-rich with controls like Conditional Access to enforce MFA and other access restrictions to company applications.
  • I would like to see more low-code automation options.
  • Default options need to be set more restrictive to prevent accidentally relaxed security settings.
  • I would like to see more streamlined configuration pages. Many similar or related settings are scattered across different pages.
Likelihood to Recommend
If you are using Active Directory as your primary identity and want a way to enhance it for modern or cloud identity scenarios then this is a great product to interface to that. Also if you are interested in Office 365 products it becomes the most obvious choice since it is very integrated. If you are not interested in O365, then paying for the additional licensing to get all of the Entra ID features may not make as much sense for you.
August 31, 2023

Microsoft Entra ID Review

Verified User
Team Lead in Information Technology
Biotechnology Company, 10,001+ employees
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We use Microsoft Entra ID to manage Users, groups and resources in our organisation. We have been using Azure AD for a longer time and now because of the name change its Microsoft Entra ID. The Microsoft Entra ID is a great way to manage all your resources in a particular tenant. This is easily accessible from any device using 2 FA
Pros and Cons
  • Managing Users
  • Managing groups
  • Setting up multi factor Authentication
  • Setting up B2B cross tenant
  • None
Likelihood to Recommend
Microsoft Entra ID is very useful when you have to manage a huge resources consisting of Users, groups etc Microsoft Entra ID is useful in setting up cross tenant collaboration with other tenants. Using Microsoft Entra ID managing Users is easier thn before as the Entra ID can be linked with ILM as well for User management
August 30, 2023

One identity (aka Microsoft Entra ID)

Verified User
Manager in Information Technology
Health, Wellness and Fitness Company, 10,001+ employees
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We use Microsoft Entra ID for our users when accessing company applications and services and it allows seamless SSO authentication. We've also incorporated authentication with several Software as a Service (SaaS) applications, providing a centralized approach to identity management. We have also implemented multi-factor authentication using Microsoft Entra ID.
Pros and Cons
  • Multi-factor authentication integration
  • Active Directory federation services works very well with on-prem AD
  • Integrated very well with other Microsoft tools (Office 365, Outlook, SharePoint, etc.)
  • Organization of the homepage/portal seems to change a lot
  • Security reporting could be setup to be more intuitive
  • The application proxy setup can be easier to setup and understand
Likelihood to Recommend
Setting up MFA has been one of the best things we implemented throughout our organization, and it used with numerous applications.
We also use the federation services a tremendous amount to synchronize with our on-prem environment.

Some of the application proxy setups don't work very well with some of our internal applications and information to help troubleshoot is difficult to find.
August 30, 2023

Azure Active Directory = Microsoft Entra ID

Verified User
Analyst in Information Technology
Information Technology and Services Company, 1001-5000 employees
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We currently use Microsoft Entra ID (Azure Active Directory) for several of our companies, some are hybrid and some are Entra only. Entra provides us with a trusted and proven directory solution that works well with our other suites (such as M365) since they are all Microsoft products. With Entra, we have the flexibility to support our existing configurations (on-prem AD) while also providing support for our newest configurations (Cloud-only).
Pros and Cons
  • Microsoft Entra integrates and functions very well with other applications/tools since it was developed by Microsoft.
  • Entra provides us the abilities to implement conditional access policies to require additional verifications (or lack thereof if needed) before granting access to a resource.
  • The ability to implement passwordless logins via Windows Hello or Authenticator sign-ins is extremely useful as companies transition to Zero Trust
  • Sometimes navigation in Entra ID can be challenging because (due to all the features) options are often buried deep in the site. This can slow up technicians until they get familiar with exactly what section they need to navigate to in order to perform a specific function/task.
  • To further expand on the above statement, Microsoft has a history of moving and/or renaming functions and products so it can be a challenge to find features at times.
  • Due to the sheer amount of features that Entra ID offers, it has a very steep learning curve to fully understand everything it can do....and how to use/configure each function.
Likelihood to Recommend
If you are working with any Windows-based hardware, Microsoft Entra ID is almost a must-have for the management of your end users. It provides a well-organized and powerful directory and access control solution. Unless you have an extremely small organization with fewer than 10-15 users, Entra ID is a no-brainer when it comes to managing user accounts and access. It is one of the most widely used platforms and builds on years (decades) of lessons learned on what works and what doesn't.
January 11, 2023

Microsoft Azure Active Directory

Verified User
Engineer in Information Technology
Construction Company, 501-1000 employees
Score 8 out of 10
Vetted Review
Verified User
Use Cases and Deployment Scope
Microsoft Azure Active Directory is used to control access to our apps and app resources. Management of Microsoft licenses (Office, OS, ..), setup of MFA authentication and a lot more
Pros and Cons
  • SSO integration
  • Device management
  • User management
  • MFA setup
  • Affordable security plans
Likelihood to Recommend
Microsoft Azure Active Directory is well suited for cloud applications with SSO functionality, devicemanagement, license management, user & group management. Microsoft Azure Active Directory not well suited for on premise use.
May 01, 2022

A review from a user who was using Microsoft Active directory from 2003.

Verified User
Consultant in Information Technology
Computer & Network Security Company, 11-50 employees
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
An active directory is like the number one must-have software that any organization should have if they are using windows based operating system. With windows operating system, Azure active directory is "the" go to software that any organization should invest in. Azure active directory comes from their original on premise active directory software so the program has years of experience on the field. I started using windows active directory back in 2003 and when azure active directory service came on it was a no brainer decision to migrate from on-premise solution to cloud. The product primarily address user authentication, file sharing, Document management (Share point) Office tools access like MS suite etc. We cannot work without an active directory in this day and age where hybrid and remote work is the preferred solution. The software also tightly integrates with almost all business ERP solutions like SAP, Oracle MS Sql etc. So you don’t need to maintain a third party tool for access control to these software’s. They also work with your exchange services so that it makes our onboarding of new users a breeze.
Pros and Cons
  • integrates with third-party authentication tools like OKTA and ping. This brings MFA functionality to your organization. The integration is quite simple to do.
  • This can be used to control access to your networking devices like your on-premise routers and switches if needed.
  • The access control policies are very vast. So you can set each department in your organization to each access control policy and their access to resources will be controlled.
  • Documentation - Microsoft really needs to work on their documentation when it comes to doing more complicated tasks like working with API. The official documentation often gets us confused as to how to do certain tasks. We sometimes ended up spending hours trying to figure out how certain tasks are completed.
  • No jammed down version - This is the go-to tool if you are invested in a lot of cloud-based solutions and if you have a lot of resources that need authentication. But for smaller organizations, Microsoft needs to bring packages with smaller features for SMBs with lower rates so that SMBs can come on board.
Likelihood to Recommend
If you are opening a shop and you need software to get the ball rolling compared to Google. Microsoft is the go-to vendor in my opinion. You can get your active directory services, mail, and collaboration tools like teams and offices from one vendor. Anyone with minimal knowledge of IT can actually configure all of these services to get you up to speed. The product is very versatile so in the future if you would like to have cloud servers and services this product have you covered. As your organization grows you can easily integrate the best MFA solutions with Azure AD to keep your organization safe. This is not the product that you should invest in if your organization does not have that many windows devices. For instance, if your company owns Macs other than products like MS Office, Share Point, etc you don't need to get Azure active directory.
April 28, 2022

Microsoft Azure Active Directory

Verified User
Executive in Information Technology
Non-profit Organization Management Company, 10,001+ employees
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Microsoft Azure Active Directory is the key component of our identity, authentication, and authorization strategy. It is fully integrated with our HR platform for onboarding and separation and enables Single-sign-on, muti-factor-authentication, and a host of other basic and advanced identity-related services. Using all that Microsoft has to offer in this space simplifies our environment and makes additional third-party products specifically targeting identity management unnecessary.
Pros and Cons
  • Basic user management with full metadata
  • Single Sign On
  • Multi factor authentication
  • Some of the most desirable advanced features are seemingly only available in bundles
  • licensing is confusing
  • The speed of evolution has made this a good suite of services, but it is exhausting to keep up with the rate of change.
Likelihood to Recommend
Any organization with a Windows or Office footprint should at least consider Microsoft Azure Active Directory as the source of truth for user information, and the key component of their identity strategy. For organizations less reliant on Microsoft there may be better alternatives.
November 11, 2021

The simplicity of management using Microsoft Azure Active Directory

YA
Yvette Ardoin
NOC
CPSB (Education Management, 1001-5000 employees)
Score 8 out of 10
Vetted Review
Verified User
Use Cases and Deployment Scope
We purchased the Office 365 A5 suite about three years ago. We use Microsoft Azure Active Directory across our entire district for 30,000+ users. This is what we use to help manage our users.
Pros and Cons
  • We departmentalize our users by schools
  • We departmentatize our users by departments
  • We use this to keep up with what rights we allow specific users
  • We have been active directory users for many years and do appreciate the ease of functionality
  • We use FinPlus as our financial system to manage our employees but we have to manually move employees in AD
Likelihood to Recommend
Giving or taking away rights by user is very easy to do through Microsoft Azure Active Directory, especially when a specific user needs access to something they would not normally need. Access is very easy to give and take away through AD. It can be clunky sometimes when working with groups in these same scenarios.
August 16, 2021

Medium Maturity product that needs to evolve

Verified User
Director in Information Technology
Semiconductors Company, 10,001+ employees
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Across the whole organization - globally in US, Asia and Europe
Pros and Cons
  • SSO authentication for multiple applications
  • Data access policies
  • Built in replication and redundancy across Domain Controllers
  • MFA capabilities can be further improved
  • License costs are high
  • Implementation time is long with limited integrator expertise available
  • Support from Microsoft technical team
Likelihood to Recommend
SSO Authentication and Access rights management - Enterprises with a predominant MS Landscape should invest in MS Active Directory. Others have to be cautious as many tools available in the market that are stronger. Adaptive authentication is an improvement area. Organizations requiring strong MFA capabilities should be cautious and consider further exploring the platform before committing or investing.
A self-service portal for end-users is an important improvement. An enterprise that requires self-service capabilities to be cautious
July 21, 2021

Microsoft Azure Active Directory Review

OC
Oliver Cabrejo
Computer and Information Systems Manager
Norbec (Construction, 201-500 employees)
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Our Microsoft Azure Active Directory helps us manage all of our users including their metadata. It is used across all of our organization, helping us manage and maintain our departments employees and machines. Essentially, we use it as a central management tool that connects all our software and tools with our users and machines database.
Pros and Cons
  • Managing users
  • Managing machines
  • Security groups
  • Customization (user defined fields)
  • A better UI
  • Better online integration
Likelihood to Recommend
I can’t find any other tools that could replace Microsoft Azure Active Directory in my organization. They
way AD is built, it’s simple and allows us to accomplish what we need in a very simple and efficient way.
Managing users and machines are simply way easier with Microsoft Azure Active Directory.
July 15, 2021

Works well if you're already committed to Microsoft

Gordon Lo | TrustRadius Reviewer
Gordon Lo
Digital Solutions Architect
Dynacare (Hospital & Health Care, 1001-5000 employees)
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
[Microsoft] Azure Active Directory is currently used to replicate our on premise Active Directory. We use this across the organization to enable single sign-on to other Microsoft services including office 365, and our home grown web applications.
Pros and Cons
  • Easy management of groups and user assignments
  • Integration with web applications using oauth
  • Easily extends existing on premise AD
  • The UI can be cumbersome to use - bulk edits for instance are best handled using powershell.
  • Documentation can be hard to find when integrating AD into web apps
  • Some settings in AD can be confusing with no obvious explanation - for instance, setting up custom scopes for an application is confusing.
Likelihood to Recommend
Microsoft Azure Active Directory is the gold standard for user management in the industry. It's one of the things that Microsoft does very well as far as adding a fully featured user management capability into one place. It supports oauth for web applications and is easily integrated into custom .net web apps. It also easily manages all the users and hooks directly into other Microsoft services.
May 08, 2021

Easily manage enterprise applications with Azure AD

Verified User
Engineer in Engineering
Information Services Company, 501-1000 employees
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Azure Active Directory is being used across the entire organization. Azure AD allows us to manage access/permissions for various applications, resources, etc.
Pros and Cons
  • UI - The user interface for configuring items within Azure AD is great.
  • CLI - Interacting with the Azure CLI for Azure AD is the same great well documented experience as other interactions with the Azure CLI. Functionality is solid, documentation is great to explain different use cases with the CLI, and overall the ease of use is fantastic.
  • Configuration Documentation: There's evidently been changes to Azure AD improving the platform but in making these changes it's incredibly difficult to find solid step by step instructions to implement Azure AD for given SaaS apps for example. This isn't necessarily Microsoft's fault, as documentation drift happens everywhere, but even within Microsoft's own documentation there are discrepancies. It makes setting up AAD on an application potentially more difficult than it needs to be.
  • Multi Account Difficulties: If you have multiple accounts tied to AAD (like a school account and a work account for example) it's incredibly difficult to sign in on both. Heaven help you if you forget to open a private browsing tab to sign in to the different account. You'll spend a non-zero amount of time trying to sign back in to your other account.
Likelihood to Recommend
The entire experience of using a full suite of Azure products has been a great one. Everything is well integrated. CLI access is feature full and often times well documented. Additionally, leveraging azure in other areas means pretty seamless integration experiences across the board. Overall, very pleased with the AAD experience.
May 07, 2021

Tight integration, simple management and a feature-rich experience is what AzureAD promises and delivers

Verified User
Manager in Information Technology
Information Technology & Services Company, 201-500 employees
Score 10 out of 10
Vetted Review
ResellerIncentivized
Use Cases and Deployment Scope
We are service provider and an ISV, we build and customize software and deliver IT Solutions to our customers, we needed an identity and access management solution that is widely compatible with our application infrastructure as well as allows us to integrate content across tenants, we also wanted a unified and simplified IAM experience for our internal users, our customers and contractors.

AzureAD was definately the optimial option, it allowed us to unify our IT administration experience through tightly integrated capabilities, and simplified synchronization of objects from On-Premises Active Directory, additionally, most of our online services for internal users are on Microsoft 365, in such scenarios, AzureAD is absolutly the best choice for our organization.

It scaled nicely as the company grows, and offers RBAC, Conditional Access and Privileged Identity Management, it also supports most of the common authentication scenarios and protocols that we require in our business, we are very much satisfied with how AzureAD works and it is definately a reliable and flexible IAM solution.
Pros and Cons
  • Conditional Access in AzureAD is great and works very well
  • Integration with Intune, Microsoft 365 and other Microsoft Cloud Services is unmatching
  • Simple user management from the Portal
  • Sign-ins behavioral monitoring and user risk detection is a top security need
  • Many features are added every now and then and its relatively easy to enable them organization-wide
  • The Multi-Factor Authentication Portal still uses the old Azure Interface that is over 7 years old, it's exceedingly difficult to manage MFA enablement for substantial number of users
  • Some limitations in the portal such as user retrieval is limited, making selecting multiple objects difficult
  • The AzureAD Sync client is particularly useful but requires advanced technical skills to troubleshoot if anything goes wrong
  • Certain security features which I believe are considered essential are only part of the Premium 2 license, such as Risk Detection and Investigation, Microsoft should try to make Plans more tailored into other features (For example limit on objects, app registration, branding, and make security features an essential part of any AzureAD Plan.
Likelihood to Recommend
AzureAD is a very reliable and quick to setup service, If you have:
  1. Active Directory as your on-premises domain service
  2. Plan to use a cloud-based productivity service such as Microsoft 365
  3. Have any Azure-resources
  4. Use Microsoft Teams
  5. Need to have a familiar interface with familiar tools and extensive documentation
  6. Want to reduce the number of IAM Solutions you are using
Then AzureAD is definately your choice, it supports all the above and is very flexible and relatively simple to get up to speed quickly

However, if you plan to use cloud services from other providers such as Google, then you might consider other options or preferrably use Google Cloud Directory for that matter, AzureAD is tailored for businesses who have capitialized many of their IT Investments in the Microsoft Ecosystem and therefore, serves them the most.
April 30, 2021

Microsoft Azure AD integration with Business Central

Ron van Elteren | TrustRadius Reviewer
Ron van Elteren
Technical Consultant
Schouw Informatisering / Aptean (Computer Software, 1001-5000 employees)
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Our organization uses Azure AD for verification across all platforms. But not only that, I also implement ERP software based on Microsoft Dynamics 365 Business Central and integrate it with Azure AD for customers. The Azure administrator of the customers create an app registration, which I then use in Business Central for integration. That way the users of our customers can use their Office 365 credentials to access Business Central. For the app registration to work well, I have to work with the customers system administrator. The app registration has to be set up thoroughly for it to work well with Business Central.
Pros and Cons
  • The integration with other Microsoft products
  • Multi-factor authentication
  • Conditional access
  • Simplify complexity - Azure AD is rich of features, but that also makes it very complex
  • Management
Likelihood to Recommend
Microsoft's Azure Active Directory works flawless with other Microsoft products, which of course is logical. Because I work the most with Microsoft's 365 Business Central, I really like the way BC integrates with Azure AD for verification of the BC users. For users it is also convenient, as they only have to remember 1 set of credentials.
April 16, 2021

Azure AD Review for Medium Enterprise

Verified User
Project Manager in Product Management
Biotechnology Company, 201-500 employees
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Azure Active Directory is being used in conjunction with our SharePoint 360 environment to manage users from multiple functional areas of our company. We use it store user information as well as their access levels. Any changes to the settings in Azure Active Directory reflects the user's permission levels across multiple platforms on our network.
Pros and Cons
  • Enhanced our end-user experience.
  • Secure access for users.
  • Integration with other Microsoft products.
  • Users require some training.
  • The UI can be more intuitive.
  • The UI can use modern layout.
Likelihood to Recommend
Our company is extremely satisfied with using Azure Active Directory to store and give multiple access levels to all users by the use of Active Directory. We love that since it's a Microsoft product, it can be easily integrated with other Microsoft products like SharePoint without the use of 3rd party connectors for integration. We have an enterprise account with Microsoft, so the price point for hundreds of AD users is also low.
April 07, 2021

You will be hard pressed to find a better cloud identity provider than Microsoft Azure Active Directory

CR
Caleb Reinhardt
CIO (Chief Information Officer)
Calloway Co School District (Primary/Secondary Education, 201-500 employees)
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We use M365 within our school district, and as such, Microsoft Azure Active Directory is our cloud identity provider for all our user accounts (faculty, staff, and students). Ultimately, we are a hybrid Microsoft Azure Active Directory environment, with an on-prem Active Directory that syncs to local objects to Azure. This synchronization helps address the need for cloud-based access to resources that would otherwise be unavailable if we were solely working from an on-prem Microsoft Azure Active Directory environment. We have considered moving all our users and devices to being 100% cloud based; however, the current Microsoft Azure Active Directory infrastructure we are a part of (multi-domain forest) is not currently suited to support that transition at this time.
Pros and Cons
  • Conditional Access -- this is one of the biggest tools that any admin needs when it comes to securing when, where, and how users are accessing information. Especially if the information contains sensitive data types.
  • Multi-factor Authentication -- we have all our employees configured for MFA. This is incredibly easy to configure with Azure, as well as defining when MFA should be used through Conditional Access.
  • Audit Logs -- being able to track and identify a user's activity is pretty critical, especially when in incident response mode.
  • Complexity --Microsoft Azure Active Directory isn't exactly for the faint of heart.
  • Management -- some bulk management tasks need to be run through PowerShell...if you don't know PowerShell (and you should) then this could be problematic.
  • Needs assessment -- the licensing structure for Azure AD might be difficult to understand given the breadth of features available. For example, Azure Active Directory P1 will differ from Azure Active Directory P2, but what does that mean and is it applicable to your organization? Is it necessary to have P2 over P1 to accomplish your business goals?
Likelihood to Recommend
I think that Microsoft Azure Active Directory is going to be applicable to any organization that needs a cloud identity solution and they have more than a handful of employees and users. Licensing could be problematic to figure out, and bundling the Microsoft Azure Active Directory license with an M365 subscription is probably the route to take. However, I would not recommend this product to an organization with an IT administrator who is not strong technically. In this case, it might be better managed by an MSP.

The reality is that Microsoft Azure Active Directory is one part of a suite of products and it is sometimes hard to look at it without understanding how it interacts with the other tools in the suite. If we take this into consideration, then Microsoft Azure Active Directory is the backbone for providing a cloud-based user identity and security solution that will be applicable under any circumstance.
March 24, 2021

Microsoft Azure Active Directory is a sure solution

HARDIK CHUDASAMA | TrustRadius Reviewer
HARDIK CHUDASAMA
Software Developer
Tata Consultancy Services (Health, Wellness and Fitness, 10,001+ employees)
Score 7 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We are working with a health care client to handle their CRM software in the cloud. Our company is using Microsoft Azure Active Directory for the database workload and also for their third-party API with client data transitions (so it is being used by only the Database management department for now).

We are using Microsoft Azure Active Directory for basic operations:
  • Single sign-on, enabling access to apps from anywhere
  • Conditional access and multi-factor authentication to help protect and govern access over the users
  • Integrating identities with other apps and authenticating for the work system
Pros and Cons
  • Single identity platform to engage with internal and external users more securely
  • Identity governance can free up IT resources by automating periodic supervisory reviews
  • Integrates seamlessly with third-party MFA and MDM providers
  • User interface can be improved; can be more user friendly
  • It is not flexible or customizable for specific needs. It only manages Microsoft accounts in the same domain.
  • Lower intrinsic value for customers not already invested in other Microsoft cloud services
Likelihood to Recommend
Microsoft has always kept the Azure Active Directory at the front side of their identity management suite. It makes the most sense to use Microsoft Azure Active Directory if you are already a Microsoft Azure customer.

Some specific scenarios where Microsoft Azure AD will be well suited are
  • If your organization has users who are geographically dispersed and you want to implement a centralized security and access system for them.
  • If the client or organization is heavily invested in Microsoft eco-system for other needs, Microsoft Azure Active Directory is the way to go
Scenarios where Azure Active Directory is less appropriate are
  • If the organization is not invested in the Microsoft ecosystem.
  • If you want an intuitive implementation process.
  • If you have fewer than 50 users.
Return to navigation