• Home
  • Microsoft Entra ID vs. One Identity Active Roles

Microsoft Entra ID vs One Identity Active Roles comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo

Microsoft Entra ID

Read 190 Microsoft Entra ID reviews
16,301 views|11,657 comparisons
94% willing to recommend
One Identity Logo

One Identity Active Roles

Read 17 One Identity Active Roles reviews
1,783 views|742 comparisons
100% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Microsoft Entra ID vs. One Identity Active Roles
March 2020
Executive Summary

We performed a comparison between Microsoft Entra ID and One Identity Active Roles based on real PeerSpot user reviews.

Find out in this report how the two Single Sign-On (SSO) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Microsoft Entra ID vs. One Identity Active Roles Report (Updated: March 2020).
Download the complete report
767,847 professionals have used our research since 2012.
Featured Review
Dumebi Chukwuemeka
Provides a single pane of glass, improves our security posture, and saves us time
Microsoft Entra ID offers a single pane of glass for managing user access. This unified interface provides essential notifications and guidance if... Read more →
SameerPalav
Enables zero trust security with hybrid AD find delegation and role-based access control
The solution enables us to create a user in the cloud and give them access to resources through a single workflow which is important to all our... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Azure Active Directory provides us with identity-based authentication, which secures access at the user level and also integrates with conditional access policies and multi-factor authentication helping to increase the identity security for that person. So, the hacking and leaking of passwords is a secondary problem because you will not authenticate a person with one factor. There is a second factor of authentication available to increase the security premise for your company.""Being able to easily authenticate yourself on the MSA app is valuable. It is easy to use. Rather than receiving a code in an SMS, you can just verify that it is you. You don't have to punch in any password or any six-digit code. That's the feature that I like the most.""Privileged Identity Management and Privileged Identity Management make controlling access considerably easier and ensure that authorized access is achieved.""We can centralize and manage everything much more effectively with this tool.""The most valuable feature of Azure AD is its ability to connect with services outside of Microsoft, although documentation is necessary to properly implement these connections.""The most beneficial feature would be the effectiveness of having a hybrid set-up.""Azure Active Directory provides access to resources in a very secure manner. We can detect which user is logging in to access resources on the cloud. It gives us a comprehensive audit trace in terms of from where a user signed in and whether a sign-in is a risky sign-in or a normal sign-in. So, there is a lot of security around the access to resources, which helps us in realizing that a particular sign-in is not a normal sign-in. If a sign-in is not normal, Azure Active Directory automatically blocks it for us and sends us an email, and unless we allow that user, he or she won't be able to log in. So, the User Identity Protection feature is the most liked feature for me in Azure Active Directory.""The solution allows users to authenticate from home, and the Office 360 integration is advantageous."

More Microsoft Entra ID Pros →

"The AD and AAD management features of this solution are really good... They offer added value by showing more fields such as password age and the statuses of some things that we normally wouldn't see.""Having a tool to manage all changes to AD from a single pane of glass is awesome.""The solution is stable.""In comparison to native Active Directory tools, using Active Roles for delegation is so much better. It uses an access template and that makes it easy to see who can access what. In fact, you can do that for many objects as well.""It's valuable to us in that it resembles the native tools that most people have grown accustomed to... Active Roles resembles traditional tools, such as from Microsoft. That is really good because it eases the way people interact with the tool.""It gives us attribute-level control and the AD management features work very well.""The provisioning and deprovisioning saves a lot of time and skips a lot of errors.""Another good feature is the change history. It's centralized in a single place and allows us to manage people's Active Directory domains from a central location. We can also drill down into individual objects in a troubleshooting or even an auditing situation. We can show evidence to auditors by drilling down into the individual history. It gives you all the history of what happened around an individual object. That is something that would be almost impossible to do in Active Directory, or extremely complicated."

More One Identity Active Roles Pros →

Cons
"Reading documentation could be simplified. Technical support could also be faster.""I rate Microsoft support five out of 10. It's just okay.""The main issue is that because Active Directory is in the cloud, it will inevitably be dependent on internet connectivity.""When we add some user groups, at times they will not be properly configured. Also, sometimes Azure AD is not aware of the group policy, like the control, device functions, and settings, in detail. For example, you cannot configure these settings through mobile devices. It doesn't provide the flexibility to do that. The other challenge is that a third-party application may provide access without authorization.""We would like to see more system updates.""The security policy of Azure Active Directory should be based on a matrix so that we can easily visualize which users have access to what.""If any service is down, it can affect a whole region. We would need to wait on a ticket and get word from Microsoft to understand the issues. If it takes longer to resolve the issue on Microsoft's side, all we can do is wait for them to fix it.""I believe it can also be integrated into other Microsoft products, as well as more integrations with other solutions."

More Microsoft Entra ID Cons →

"The third area for improvement, which is the weakest portion of ARS, is the workflow engine, which was introduced a few years ago. It's slow and not very intuitive to use, so I would like to see improvement there.""When doing a workflow, we would like a bit better feedback on the screen, as we're trying to get it to work. For example, there is a "Find" function that you need set up in a workflow to do some of the automation. It is not the easiest to get a result from those finds when you're trying to do that. In the MMC, they have a couple different types of workflows. In this particular case, we use their workflow functionality to find all of X within the environment, then if you find it, do X, Y, and Z. You can have multiple steps. When you do that search function within that workflow, it's really hard to find out, "Is my search working?" It would be nice if there was some feedback on the screen so you could see if your search is working properly within the workflow.""The user and group management in Azure AD could be better. Our focus these days is dynamic sharing with several on-prem Microsoft applications like SharePoint.""The solution needs an attestation process that includes certification and recertification attestation.""I've had a difficult time getting it to cooperate with Azure in the cloud and, while the support staff are very good and very knowledgeable, what they assist with just on a call doesn't go deep enough to help with a number of issues. The answer that comes back is that we'd have to start an engagement with Professional Services, which is fine but that takes time to schedule and it takes budget.""For ActiveRoles, it would be good if the product supports multi-scripting language. You can use only VBScript.""There are some features that we think should be included in their next release. We think these things would take them to the next level: the ability to completely force or limit any dynamic group processing to specific servers, change-tracking reporting of virtual attributes, and the ability to use files as inputs to automation workloads. These things have also been talked about. Knowing them, they're probably working on them.""For the AAD management feature, it needs to improve the objects that we can manage and the security."

More One Identity Active Roles Cons →

Pricing and Cost Advice
  • "The licensing cost is a bit prohibitive."
  • "The licensing is really not clear unless you are a premium client."
  • "Licensing is easy."
  • "It is a really nice tool and we have a license for the more complex model."
  • "It is not too expensive."
  • "It's really affordable."
  • "I do not have experience with pricing."
  • "Licensing fees are paid on a monthly basis and the cost depends on the number of users."

    • More Microsoft Entra ID Pricing and Cost Advice →

  • "The licensing model is a simple user-based model, not that much complicated."
  • "The price is reasonable. It costs us about 1 million Danish kroner annually, and we also spend about half as much on consultants."
  • "The pricing is on the higher end."
  • "It's fairly priced."
  • "It's expensive."

    • More One Identity Active Roles Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Single Sign-On (SSO) solutions are best for your needs.
    See Recommendations
    767,847 professionals have used our research since 2012.
    Questions from the Community
    How does Duo Security compare with Microsoft Authenticator?
    Top Answer:We switched to Duo Security for identity verification. We’d been using a competitor but got the chance to evaluate Duo for 30 days, and we could not be happier Duo Security is easy to configure and… more »
    What do you like most about Azure Active Directory?
    Top Answer:It is very simple. The Active Directory functions are very easy for us. Its integration with anything is very easy. We can easily do third-party multifactor authentication.
    Read all 102 answers   →
    What is your experience regarding pricing and costs for Azure Active Dire...
    Top Answer:It is worth the money.
    Read all 84 answers   →
    What do you like most about One Identity Active Roles?
    Top Answer:The solution is stable.
    Read all 13 answers   →
    What is your experience regarding pricing and costs for One Identity Acti...
    Top Answer:The solution is fairly priced. That said, I have nothing to compare it to.
    Read all 6 answers   →
    What needs improvement with One Identity Active Roles?
    Top Answer:The solution has not enabled us to reduce password reset times. It has not automated provisioning. The group attestation could be improved. It was a feature that was available in version 5. You can… more »
    Read all 13 answers   →
    Ranking
    1st
    out of 52 in Single Sign-On (SSO)
    Views
    16,301
    Comparisons
    11,657
    Reviews
    90
    Average Words per Review
    878
    Rating
    8.7
    5th
    out of 24 in User Provisioning Software
    Views
    1,783
    Comparisons
    742
    Reviews
    5
    Average Words per Review
    673
    Rating
    8.0
    Comparisons
    Also Known As
    Azure AD, Azure Active Directory, Azure Active Directory, Microsoft Authenticator
    Quest Active Roles
    Learn More
    Microsoft
    One Identity
    Interactive Demo
    Microsoft
    Watch a demo
    One Identity
    Demo Not Available
    Overview

    Microsoft Entra ID, previously known as Azure AD (Active Directory), is Microsoft's cloud-based identity and access management (IAM) solution. Designed to help organizations of all sizes manage user identities and create an intelligent security perimeter around their cloud and on-premise resources. Microsoft Entra ID or Azure AD is integral to the Microsoft 365 and Azure ecosystems. It provides a robust set of capabilities to manage users and groups and secure access to applications in a centralized, streamlined manner.

    Microsoft Entra ID (Azure AD) is a login system, morphing into a sophisticated identity and access management (IAM) solution for the modern, hybrid workplace. Imagine a single vault for all your digital keys – that's the essence of Entra ID's identity management. It acts as a central repository for user identities, encompassing usernames, passwords, and even additional attributes like department or employee role.

    These capabilities enabled simplified administration using a unified platform for adding, modifying, and deleting user accounts. Users no longer need to remember login credentials for a plethora of applications. Entra ID streamlines access by using the same identity across various cloud services and on-premises resources (if integrated). Centralized identity management allows for stricter enforcement of security policies and password complexity requirements across the organization.

    Authentication sits at the heart of the solution, ensuring only authorized users gain access to sensitive resources. It employs a multi-pronged approach:

    • Password Authentication: The traditional method of username and password is still supported, but Entra ID encourages stronger authentication methods.
    • Multi-Factor Authentication (MFA): Adding an extra layer of security, MFA requires users to verify their identity beyond just a password – through a code sent to their phone, fingerprint recognition, or a security key.
    • Single Sign-On (SSO): This user-friendly feature eliminates the need to enter credentials repeatedly. Users sign in once to Entra ID and gain seamless access to all authorized applications, boosting productivity.
    • Conditional Access Policies: Providing granular control over how and when users can access resources. Based on conditions like user role, location, device state, and the application being accessed, Conditional Access policies help ensure that only the right people under the right conditions can access sensitive resources.
    • Seamless Integration: Seamless integration with thousands of SaaS applications, Microsoft 365, and on-premises applications via Application Proxy or third-party identity bridges.
    • Advanced Security Reports and Alerts: Sophisticated security monitoring, reporting tools, and automated alerts. These features enable to identify potential security issues, such as atypical behavior or attempted identity attacks, allowing for swift remediation actions.

    For organizations with on-premises infrastructure, Microsoft Entra ID (Azure AD) offers hybrid identity options. This allows for a smooth integration between on-premises Active Directory and Entra ID, providing a consistent identity for users across both environments. It enables organizations to leverage their existing investments in on-premises infrastructure while taking advantage of cloud scalability and flexibility.

    In conclusion, Microsoft Entra ID (Azure AD) is a comprehensive IAM solution that addresses the complex challenges of managing and securing identities in a cloud-centric world. Its blend of ease of use, security, and integration capabilities makes it an essential component of modern IT infrastructure, supporting both operational efficiency and strategic business objectives.

    Additional links:

        One Identity Active Roles is a highly regarded solution for Active Directory (AD) security and account management. One Identity Active Roles will enhance group, account, and directory management while eradicating the need for manual processes. The end result is a significant increase in the overall speed, efficiency, and security of the organization.

        Using One Identity Active Roles, users can:

        • Easily increase and strengthen native attributes of Active Directory (AD) and Azure AD.

        • Quickly unify and automate group and account management while protecting and securing critical administrative access.

        • Free up valuable resources to concentrate on other IT tasks, fully confident that your user permissions, critical data, and privileged access are safe and secure.

        Managing accounts in AD and Azure AD can be tremendously challenging; continually keeping these important systems safe and secure presents an even greater challenge. Traditional tools can be inefficient, error-prone, and very disjointed. In today’s robust marketplace, organizations are finding it somewhat difficult to keep pace with the constant access changes in a hybrid AD ecosystem. Additionally, there are significant security issues to consider (government compliance, employee status/access changes, and other confidential business requirements). And, of course, there is a requirement to properly manage Active Directory and Azure Active Directory access in addition to managing all the other numerous SaaS and non-Windows applications that organizations use today.

        Users can easily automate all of these tedious, mundane administrative tasks, keeping their systems safe and error-free. Active Roles ensures users can perform their job responsibilities more effectively, more efficiently, and with minimal manual intervention. Active Roles was created with a flexible design, so organizations can easily scale to meet your organizational needs, today, tomorrow, and in the foreseeable future.

        Reviews from Real Users

        A PeerSpot user who is a Network Analyst at a government tells us, “It has eliminated admin tasks that were bogging down our IT department. Before we started using Active Roles, if one of our frontline staff members deleted a user or group, it could take several hours to try to reverse that mistake. Whereas now, the most our frontline staff can do is a deprovision, which just disables everything in the background, but it's still there. We can go in and have it back the way it was two minutes later. Instead of it taking two hours, it only takes two minutes.

        Becky P., Sr Business Analyst at George Washington University, shares, “In addition, with the use of workflows and the scheduled tasks, we were able to automate and centrally manage a number of the processes as well as utilize them to work around other product limitations. Those include, but are not limited to syncing larger groups, which have 50,000 plus members, to Azure AD. We sync up to Azure AD using ARS. If we had not already had ARS in place, it would have been impossible for us to have done so in the time period we did it in. We did it in under six months. ARS probably saves us at least two weeks out of every month. It's reduced our workload by 50 percent, easily.”

        Sample Customers
        Microsoft Entre ID is trusted by companies of all sizes and industries including Walmart, Zscaler, Uniper, Amtrak, monday.com, and more.
        City of Frankfurt, Moore Public Schools, George Washington University, Transavia Airlines, Howard County, MD. See all stories at OneIdentity.com/casestudies
        Top Industries
        REVIEWERS
        Financial Services Firm14%
        Computer Software Company14%
        Non Profit5%
        Manufacturing Company5%
        VISITORS READING REVIEWS
        Educational Organization26%
        Computer Software Company12%
        Financial Services Firm9%
        Government6%
        REVIEWERS
        Aerospace/Defense Firm18%
        Financial Services Firm18%
        Consumer Goods Company9%
        Manufacturing Company9%
        VISITORS READING REVIEWS
        Computer Software Company17%
        Financial Services Firm11%
        Government9%
        Healthcare Company8%
        Company Size
        REVIEWERS
        Small Business33%
        Midsize Enterprise14%
        Large Enterprise53%
        VISITORS READING REVIEWS
        Small Business18%
        Midsize Enterprise34%
        Large Enterprise48%
        REVIEWERS
        Small Business28%
        Midsize Enterprise6%
        Large Enterprise67%
        VISITORS READING REVIEWS
        Small Business22%
        Midsize Enterprise10%
        Large Enterprise68%
        Buyer's Guide
        Microsoft Entra ID vs. One Identity Active Roles
        March 2020
        Free Report: Microsoft Entra ID vs. One Identity Active Roles
        Find out what your peers are saying about Microsoft Entra ID vs. One Identity Active Roles and other solutions. Updated: March 2020.
        DOWNLOAD NOW
        767,847 professionals have used our research since 2012.

        Microsoft Entra ID is ranked 1st in Single Sign-On (SSO) with 190 reviews while One Identity Active Roles is ranked 5th in User Provisioning Software with 17 reviews. Microsoft Entra ID is rated 8.6, while One Identity Active Roles is rated 8.6. The top reviewer of Microsoft Entra ID writes "Allows users to authenticate from home and has excellent integrations in a simple, stable solution". On the other hand, the top reviewer of One Identity Active Roles writes "Single interface and workflows simplify AD and Azure AD management efficiency and security". Microsoft Entra ID is most compared with Microsoft Intune, Google Cloud Identity, CyberArk Privileged Access Manager, Yubico YubiKey and Cisco Duo, whereas One Identity Active Roles is most compared with ManageEngine ADManager Plus, SailPoint IdentityIQ, One Identity Manager, Softerra Adaxes and NetIQ Directory and Resource Administrator. See our Microsoft Entra ID vs. One Identity Active Roles report.

        We monitor all Single Sign-On (SSO) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.