We performed a comparison between Microsoft Entra ID and One Identity Active Roles based on real PeerSpot user reviews.
Find out in this report how the two Single Sign-On (SSO) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the factor identification. I find that it is natural integration, and it is just a natural step. I do not need to do anything else."
"It's very easy to run and it's part of their ecosystem and I don't think it's going anywhere anytime soon."
"The user management groups are valuable. It is a pretty basic product, but user management, in general, is valuable with the ability to differentiate between business lines and add different policies, group-based management, and dynamic user groups."
"A use case that we did for an end user in a manufacturing organization: We used WVD with biometric authentication because 1,500 processes need to happen in a process. The user didn't want to use a login using their credentials. They wanted to use fingerprinting or tap their ID. That is where we integrated with the authentication. Now, they can process in a couple of hours, and they run those 1,500 processes every day. This changed their login process, which improved the manufacturing process. This helped a lot for their high deployment."
"The most valuable features of Azure ID are the single sign-on and OpenID Connect authentication."
"The valuable features I use daily are enterprise application, conditional access, identity governance, password monitoring, and a password reset."
"Single sign-on is the reason we use AD."
"It helps with privacy control of identity data. It makes security very easy."
"Another good feature is the change history. It's centralized in a single place and allows us to manage people's Active Directory domains from a central location. We can also drill down into individual objects in a troubleshooting or even an auditing situation. We can show evidence to auditors by drilling down into the individual history. It gives you all the history of what happened around an individual object. That is something that would be almost impossible to do in Active Directory, or extremely complicated."
"Having a tool to manage all changes to AD from a single pane of glass is awesome."
"The solution is stable."
"It's valuable to us in that it resembles the native tools that most people have grown accustomed to... Active Roles resembles traditional tools, such as from Microsoft. That is really good because it eases the way people interact with the tool."
"In comparison to native Active Directory tools, using Active Roles for delegation is so much better. It uses an access template and that makes it easy to see who can access what. In fact, you can do that for many objects as well."
"The most valuable features include auditing, dynamic grouping, and creating dynamic groups based on AD attributes."
"It gives us attribute-level control and the AD management features work very well."
"With the use of the sync service we were able to import information from multiple external systems and populate them within our space and leverage them for downstream systems."
"Microsoft's technical support has shortcomings where improvements are required."
"The support could be better. Lately, they sort of dropped off a bit in terms of quality."
"Microsoft Entra ID should improve workload identities. It should set conditional access."
"An area where there is room for improvement is the ease of use of the dashboards."
"Everything should be in one package. There are so many different packages. They need to provide guidance because there are so many features and we don't know how to implement them in our organization."
"I would like to see a better delegation of access. For instance, we want to allow different groups within the company to manage different elements of Azure AD, but I need more granularity in delegating access."
"Compared to what we can do on-prem, Azure AD lacks a feature for multiple hierarchical groups. For example, Group A is part of group B. Group B is part of group C. Then, if I put someone into group A, which is part of already B, they get access to any system that group B has access to, and that provisioning is automatically there."
"The B2B Federation functionality is not perfect and could be improved. It is not on the same level that we could have if it were being used on-premises. It offers a different experience, which is a bit complicated and has some additional drawbacks."
"There are some features that we think should be included in their next release. We think these things would take them to the next level: the ability to completely force or limit any dynamic group processing to specific servers, change-tracking reporting of virtual attributes, and the ability to use files as inputs to automation workloads. These things have also been talked about. Knowing them, they're probably working on them."
"It also has workflows and those are really powerful, but there are no built-in workflows. When it comes to them, it's empty. I would personally love for it to come with ten, 15, or 20 workflows where each achieves a certain task... I could just look at how each is done, clone them, copy them, modify them the way I want them, and be good to go. Right now we have to invent things from scratch."
"The solution needs an attestation process that includes certification and recertification attestation."
"For ActiveRoles, it would be good if the product supports multi-scripting language. You can use only VBScript."
"Most of the time it just works."
"For the AAD management feature, it needs to improve the objects that we can manage and the security."
"I've had a difficult time getting it to cooperate with Azure in the cloud and, while the support staff are very good and very knowledgeable, what they assist with just on a call doesn't go deep enough to help with a number of issues. The answer that comes back is that we'd have to start an engagement with Professional Services, which is fine but that takes time to schedule and it takes budget."
"The ability to send logs to a SIEM would be very beneficial."
Microsoft Entra ID is ranked 1st in Single Sign-On (SSO) with 190 reviews while One Identity Active Roles is ranked 5th in User Provisioning Software with 17 reviews. Microsoft Entra ID is rated 8.6, while One Identity Active Roles is rated 8.6. The top reviewer of Microsoft Entra ID writes "Allows users to authenticate from home and has excellent integrations in a simple, stable solution". On the other hand, the top reviewer of One Identity Active Roles writes "Single interface and workflows simplify AD and Azure AD management efficiency and security". Microsoft Entra ID is most compared with Microsoft Intune, Google Cloud Identity, CyberArk Privileged Access Manager, Yubico YubiKey and Cisco Duo, whereas One Identity Active Roles is most compared with ManageEngine ADManager Plus, One Identity Manager, SailPoint IdentityIQ, Softerra Adaxes and NetIQ Directory and Resource Administrator. See our Microsoft Entra ID vs. One Identity Active Roles report.
We monitor all Single Sign-On (SSO) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.