Re: I beg to differ ;)
Yes, FIM requires "some help". I have, in fact, worked with it. It's a bitch the first time you do it. Not so much the second time. It is absolutely one of those things where your everyday sysadmin isn't going to make it work, but a capable expert can.
What's more important is that FIM is not required for Azure AD to work. It is used mostly to tie in third-party non-cloud applications.
The problem with all the other identity services out there is that they lack support. Some have seen uptake here and there, but it's nowhere near as universal as Active Directory. Microsoft is seeing explosive growth of AAD, and the latest version really does address (most of) the problems that the previous iterations had.
Also, if you're going to come on here and attempt to wave around Gartner as some indication of what's going on in the world, I will call you a fool. Gartner is an indication of what everyone was doing eighteen months ago. It has no bearing on what's going on today, unless you are hyper-conservative in your product selection.
Azure AD is, for all intents and purposes, newly minted as a viable product. Despite this, it is seeing massive uptake, especially from enterprises. This is because it is as close to a push-button extension of their own on-premises AD setups as possible. It is about eleventy billion times easier to use than FIM and its predecessor - AD itself - is so widely distributed that it is the de facto standard for corporate identity across the planet.
Nobody - not even Centrify - can seriously challenge Microsoft here.
Now if you want to dispute the above, you go right ahead. But the instant you attempt to say things like I'm somehow writing what Microsoft wants me to write, you're proving yourself to be nothing more than someone with an axe to grind (or a product to sell?).
My posting history on this site - as a commenter and an author - will prove that there is no love lost between myself and Microsoft. I am one of Microsoft's loudest and most vocal critics. I have managed to get myself put on the "do not communicate with under any circumstances" list at Microsoft.
To put it bluntly, Microsoft and I are emphatically not friends.
You won't catch me using Azure Active Directory. Not because the technology is bad, but because it's limited (at the moment) to the American Public Cloud. I'm no NSA sock puppet, and I won't hand my customers over to them.
But that quirk of mine doesn't extend to the whole rest of the world. Globally, while there is a great deal of resistance to adoption of the American Public Cloud, there is also a great deal of acceptance. We're split, and those that are doing the embracing are funneling hundreds of billions every year into it. That's more than enough for Microsoft to establish dominance and force us to use it through sheer inevitability.
The hell of it is...it's a good product. Azure Active Directory as it exists today is actually worth a look, from a purely technical standpoint. If it existed for regional service providers without any tie back to Big Mamma Azure's NSA cloud, I'd be all over it like white on rice for every network I run.
So, hey, hate all you want, mate. But you'll still end up being wrong. Microsoft have this one in the bag. I'm not happy about that, but they do.