We performed a comparison between NetIQ Identity Governance and One Identity Active Roles based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SailPoint, One Identity and others in Identity Management (IM)."We don't have to go in and do a lot of the work that we did before. It may have saved us somewhere in the range of 10 to 30 percent of the time we spent on provisioning access."
"The most valuable aspect of the product is that it is Microsoft-based and it supports all Microsoft technology."
"Omada's user interface is elegant and easy to work with. I like Omada's ability to automatically generate accounts for new hires and allow them access to all required systems by established policies. Around 80 percent of workers can start working immediately on their first day without requesting further access."
"The benefits of Omada Identity include a holistic way of viewing access, the ability to give people access, and automation."
"I'm not using Omada, but the interface is easy to use and gives you a solid overview of your identities."
"The best feature in Omada Identity is that it enables us to implement standardized employee life cycle processes so that we don't have to create them ourselves. We can then use the standard workflows. The breadth and scope of the solution’s IGA features also fulfill our requirements."
"The most valuable feature is the automatic provisioning and reconciliation of things like the Active Directory groups and memberships."
"Its best feature is definitely the process design. It is quite easy and straightforward to design a process."
"All three functionalities, access certification, the configuration of duties, and role mining - especially role mining - are very advanced compared with the competition."
"NetIQ Identity Governance has improved the security of my company."
"This solution has been around for a long time. It has had lots of successful deployments and releases."
"I like the queries and find the catalog to be comparatively powerful."
"I really like the separation of the duties. It is the most ambitious model in the server because you have to create all the different rules, especially business rules. You have to check with the client and set different policies and rules, and then, you to have refine them. You will notice what is bad in the company and where the real problem is."
"You can run reports and verify the access each user has. There is a process that runs automatically for access review. It sends an email to the manager and provides a task for the manager to review the users and access. The manager can approve or reject, and then it goes to the application owner for further review. This feature is especially important in large customer environments, as manual review can be challenging."
"We’re very satisfied with technical support. Usually we get people with the right knowledge who understand the solution very well."
"When doing a review you can either make manual or automatic fulfillment to immediately apply the manager's decision to the system, like removing or adding new permissions to the user account."
"The biggest thing for us is Active Roles saves a lot of man-hours in keeping groups up-to-date manually or trying to write some sort of script that you have to run, so we don't have to reinvent the wheel. Instead of when every time somebody joins a department, then somebody has to remember to put in a request to add "meet user Joe" to this group, the solution does it automatically for us. Therefore, it saves our business and IT staff time because they do not have to process requests since Active Role can do it for them."
"Secure access is the most valuable feature."
"Active Roles improved the management of users, groups, and AD objects in the organization."
"It provides automatic provisioning/update/deprovisioning workflows from a source system to a target system."
"In comparison to native Active Directory tools, using Active Roles for delegation is so much better. It uses an access template and that makes it easy to see who can access what. In fact, you can do that for many objects as well."
"The provisioning and deprovisioning saves a lot of time and skips a lot of errors."
"Another good feature is the change history. It's centralized in a single place and allows us to manage people's Active Directory domains from a central location. We can also drill down into individual objects in a troubleshooting or even an auditing situation. We can show evidence to auditors by drilling down into the individual history. It gives you all the history of what happened around an individual object. That is something that would be almost impossible to do in Active Directory, or extremely complicated."
"It's valuable to us in that it resembles the native tools that most people have grown accustomed to... Active Roles resembles traditional tools, such as from Microsoft. That is really good because it eases the way people interact with the tool."
"In our organization, all the data is event-driven, which means that if an attribute is changed in the source system, it can be updated within a few seconds in all end-user systems. There is room for improvement in Omada regarding that. Omada is still batch-based for some processes, so sometimes it can take an hour or even four hours before the execution is run and the update is sent."
"I would like more training. As someone who is new to this world, I don't feel that the courses Omada provides are good enough. They should also improve the documentation. It is difficult to learn how to use the solution by yourself"
"The user interface could be improved. The interface between Omada and the user is mainly text-based."
"It is not possible to customize reports on Omada Identity."
"We are trying to use Omada's standards and to adapt our processes. But we have had some trouble with the bad documentation. This is something that they could improve on. It has not been possible for us to analyze some of the problems so far, based on the documentation. We always need consultants. The documentation should include some implementation hints and some guidelines for implementing the processes."
"When the re-certification process is launched that makes Omada very slow. There are performance issues in the current version."
"The solution should be made more agile for customers to own or configure."
"The comprehensiveness of Omada's out-of-the-box connectors for the applications we use could be better. We are getting a new HR system called Cornerstone for which they do not have an out-of-the-box connector, so we have to take the REST connector and play around with it."
"The product could use more advanced features related to Identity Intelligence."
"The initial setup has room for improvement."
"Technical support is horrible."
"We need more connectors to cloud applications like AWS."
"NetIQ Identity Governance is not flexible. Sometimes, filtering information to provide users with options, such as selecting the application to which they want to request access, can be challenging. It needs to improve application integration as well."
"The solution should provide more connectors in future releases. The solution also should offer more monitoring."
"They haven't really evolved the product to the cloud, so they don't have a cloud solution."
"With NetIQ, you have to install two or more products. It would be better if we could install one product and have one server and one dashboard."
"For the AAD management feature, it needs to improve the objects that we can manage and the security."
"In terms of improvement, it could be made even more user-friendly for administrators when they need to create new workflows and rule sets."
"The third area for improvement, which is the weakest portion of ARS, is the workflow engine, which was introduced a few years ago. It's slow and not very intuitive to use, so I would like to see improvement there."
"Most of the time it just works."
"It also has workflows and those are really powerful, but there are no built-in workflows. When it comes to them, it's empty. I would personally love for it to come with ten, 15, or 20 workflows where each achieves a certain task... I could just look at how each is done, clone them, copy them, modify them the way I want them, and be good to go. Right now we have to invent things from scratch."
"The user and group management in Azure AD could be better. Our focus these days is dynamic sharing with several on-prem Microsoft applications like SharePoint."
"When doing a workflow, we would like a bit better feedback on the screen, as we're trying to get it to work. For example, there is a "Find" function that you need set up in a workflow to do some of the automation. It is not the easiest to get a result from those finds when you're trying to do that. In the MMC, they have a couple different types of workflows. In this particular case, we use their workflow functionality to find all of X within the environment, then if you find it, do X, Y, and Z. You can have multiple steps. When you do that search function within that workflow, it's really hard to find out, "Is my search working?" It would be nice if there was some feedback on the screen so you could see if your search is working properly within the workflow."
"The way you can search groups could be better."
NetIQ Identity Governance is ranked 22nd in Identity Management (IM) with 9 reviews while One Identity Active Roles is ranked 5th in User Provisioning Software with 17 reviews. NetIQ Identity Governance is rated 8.0, while One Identity Active Roles is rated 8.6. The top reviewer of NetIQ Identity Governance writes "Helps to run reports and verify user access but improvement is needed in integration ". On the other hand, the top reviewer of One Identity Active Roles writes "Single interface and workflows simplify AD and Azure AD management efficiency and security". NetIQ Identity Governance is most compared with SailPoint IdentityIQ, OpenText Identity and Access Management and One Identity Manager, whereas One Identity Active Roles is most compared with Microsoft Entra ID, ManageEngine ADManager Plus, SailPoint IdentityIQ, One Identity Manager and Softerra Adaxes.
We monitor all Identity Management (IM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.