We're managing over 1,000 computers and users, a mix of remote and on-site, and we're looking to implement a Single Sign-On (SSO) solution to tackle issues like password reuse and frequent password resets. We've explored options like MiniOrange and ManageEngine because they have a lot of integrations. Before we dive into evaluations, are there any specific quirks or things we should be aware of? Also, if you're implementing an SSO solution, what integrations do you think are the most important?
6 Answers
Be clear about your requirements upfront—budget, resources, and your support needs. Each SSO solution has its focus—some prioritize security, while others might lean towards integration ease. Having a solid plan will help you avoid potential pitfalls.
It really depends on whether you're dealing with on-premises or SaaS applications. For Windows environments, Active Directory or Entra works well. But if you're adopting multiple cloud services, Okta is a good choice. Just keep in mind, beyond just password management, establishing solid password policies and self-service options is essential for an effective SSO setup.
Have you considered what system currently manages your identities? If you're using Entra, it has SSO capabilities built right in. I find it easy to manage since a lot of third-party services integrate smoothly with it. You won't have any servers to deal with, and it's secure. Plus, even if I have to step away, my coworkers can handle things without a hitch. It offers way more than just SSO.
I agree! It seems silly to spend money on another SSO when Entra does the job, though sometimes people try to overcomplicate by syncing it with a third-party tool.
Okta is a solid choice if you need to automate things heavily in the future. Just weigh your options based on your specific use cases.
If your environment is heavily reliant on Microsoft, I'd recommend sticking with Entra, especially if you're in the M365 space. Otherwise, consider Okta if you have a broader range of users who might not all be on Entra. Okta is flashier and offers more options but keep in mind it can be more costly.
Exactly! I've used both and Entra is ultimately the go-to for Microsoft environments.
Entra has great features for password management, including checking password leaks and enabling write-back functionality. Plus, it's already included in what you're paying for if you're in the Microsoft ecosystem, which is a significant advantage. Okta is also good, but it's on the pricier side.
But remember, there have been outages—twice in October alone—so it's not infallible.