I'm the only sysadmin for a small company with about 15 employees, and I've been asked to consider moving away from EntraID to explore self-hosted open-source identity solutions like Keycloak, Authentik, or Zitadel. Our company policy leans towards using open-source software hosted on third-party cloud services, which I actually appreciate. However, we heavily rely on Microsoft products like Office, Teams, and SharePoint, and currently, we utilize EntraID's Single Sign-On (SSO) as much as we can. Some alternatives to EntraID offer interesting features such as reverse proxy integration and SSH/Unix account management, but these aren't crucial for our size. I'm beginning to doubt the wisdom of abandoning EntraID given our dependency on Microsoft tools. Should I advise my boss to stick with Microsoft instead?
5 Answers
Let's be honest—if you're already dependent on Microsoft, ditching EntraID is a hassle waiting to happen. You’ll have to manage everything yourself, and self-hosting isn't always the breeze it sounds like. You're better off maximizing the tools you're already using.
If you're still relying on Microsoft Office 365 and similar tools, moving away from EntraID doesn't seem worth it. EntraID is pretty well-supported and offers a lot for free as part of your Microsoft subscription. Switching to another IAM would only complicate your setup and add maintenance burdens for you as the sole sysadmin. Why add stress when what you have is already working well?
Right! It doesn't make sense to disrupt the workflow just for the sake of using open source. Your plate is full enough.
If your workplace doesn't need extra security measures beyond what Microsoft offers, keeping EntraID is simpler and more efficient. Moving to a self-hosted solution means additional responsibilities like updating servers and managing security. With just one sysadmin, that sounds daunting. Maybe there's a middle ground where you can explore integrations without a total switch?
Exactly! Plus, someone's gotta handle support issues when they arise. It might just be way too much work.
I completely agree—unless there’s a compelling reason to switch, it’s probably best to stay with what you have.
As much as I love open-source tools, if you're in the Microsoft ecosystem with Windows and O365, switching now could lead to more issues. It's often easier and cheaper to stay the course. If this were a fresh setup, going for an open-source solution might have worked, but since you guys are already embedded in Microsoft's environment, why rock the boat?
Exactly, it's like trying to replace your reliable car with a project car—just unnecessary hassle.
Yes! I'd focus on maintaining what works, especially for such a small team.
If your users are using Microsoft tools, staying with EntraID would save time and resources. You can still explore open source in a controlled, gradual manner rather than jumping ship. There's also potential for integration without full migration, like federating Authentik with EntraID for specific needs.
This sounds like a smart strategy! Keeping the door open for possibilities while maintaining stability.
Good point! You could keep things balanced while exploring options without a full switch.

Totally agree! The support and resources provided by EntraID would be tough to match if you switch.