Try our new research platform with insights from 80,000+ expert users

One Identity Active Roles vs One Identity Manager comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Nov 6, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

One Identity Active Roles
Ranking in User Provisioning Software
5th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
19
Ranking in other categories
Active Directory Management (4th)
One Identity Manager
Ranking in User Provisioning Software
2nd
Average Rating
8.2
Reviews Sentiment
7.0
Number of Reviews
108
Ranking in other categories
Identity Management (IM) (3rd)
 

Mindshare comparison

As of January 2025, in the User Provisioning Software category, the mindshare of One Identity Active Roles is 6.3%, up from 6.0% compared to the previous year. The mindshare of One Identity Manager is 18.9%, up from 16.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
User Provisioning Software
 

Featured Reviews

JosephChandrasekaram - PeerSpot reviewer
Single interface and workflows simplify AD and Azure AD management efficiency and security
The most valuable features include * auditing * dynamic grouping * creating dynamic groups based on AD attributes. Also, as part of the cloud identity, meaning expanding identity to the cloud, it gives me a single workflow to expand on-prem. I can create a user in the cloud and give them access to resources through a single workflow. And for regulatory, auditing, and security requirements, it's critical that the solution enables Zero Trust security with hybrid AD fine delegation and role-based access control.
Dnyandev Garad - PeerSpot reviewer
Offers a user-friendly experience with an intuitive interface and makes customization a breeze
With centralized user management, data is effortlessly pulled from various systems like SOAR and HR, simplifying user creation and data maintenance. This allows for easy user editing, role assignment based on HR attributes or department affiliation, and streamlined account allocation based on review levels, departments, or the entire organizational structure. Our Access Control in One Identity Manager is 99 percent automated saving us nearly 100 percent of our time. One Identity Manager simplifies SAP administration by providing a centralized view of even logically disconnected SAP accounts. It offers a flexible helpdesk approach. We can either leverage its built-in model or create our own UI accessible to specific teams based on their applications. This ensures each team sees only relevant tickets for their area, streamlining access management for disconnected applications. One Identity Manager can connect SAP accounts to employee identities under governance. One Identity Manager simplifies Identity Governance and Administration for SAP, a complex system to manage in this regard. It empowers us to effectively manage SAP profiles, roles, and groups, ensuring their proper assignment to corresponding SAP accounts. The solution delivers SAP-specialized workflows and business logic. One Identity Manager integrates with its Privilege Access Management solution to provide more granular control. This means we can define different account types within One Identity Manager, such as normal, admin, and privileged accounts. By assigning privileged access only to designated accounts, we can restrict access and permissions and enhance overall security control. One Identity Manager offers a user-friendly experience with an intuitive interface. It even provides a webshop for end users, allowing them to easily request new roles or accounts in various systems with a simple two-click process. Having the right resources makes customization a breeze. While understanding customer needs and translating them into technical specifications requires some processing upfront, One Identity's suite of tools simplifies the actual back-end work. From drag-and-drop interfaces for workflows and reports to scripting and C# coding supported by existing SDKs, customization options cater to all users. This dynamic application provisioning solution uses business roles to map our company's organizational structure. In other words, access to applications is determined solely by our assigned role within the company hierarchy. This role-based approach ensures users only receive the permissions they need based on their specific function, preventing unnecessary access. One Identity Manager streamlines our cloud governance by providing a centralized platform to manage user access permissions across all connected cloud applications. This eliminates the need for individual provisioning for each app, ensuring efficient authorization control. We have significantly improved our compliance posture with One Identity Manager. Previously, auditors identified numerous findings during manual audits, requiring extensive time and resources to address. With One Identity Manager, we've automated the onboarding, offboarding, and joiner processes, achieving a 95 percent closure rate on audit points. This centralized solution streamlines the auditor experience, allowing them to efficiently obtain information from the IAM team, saving both the organization and auditors valuable time. We have minimized inconsistencies in how our governance policies are applied across test, development, and production environments. One Identity Manager helps us create a privileged governance stance to close the security gap between privileged users and standard users by managing those accounts separately. This segregation prevents unauthorized access, as standard accounts cannot hold privileged rights and vice versa. This clear separation helps to close the security gap between these user types. One Identity Manager streamlines our procurement and licensing processes, allowing our initially large operations team to focus on more strategic tasks. By automating license management for connected applications like SAP and Azure Active Directory, the solution eliminates the risk of human error – forgotten access removals for unused licenses are a thing of the past. Now, licenses are automatically assigned and reclaimed based on user activity, ensuring efficient resource allocation. This means new hires receive immediate access, and vacated licenses become readily available, freeing the operations team from manual license management headaches. One Identity Manager streamlines application access decisions by automating the provisioning and de-provisioning of user access based on HR data. This eliminates manual intervention and delays for both HR and department personnel. When an employee changes departments, their access permissions are automatically updated in the identity management system, granting them the necessary tools to perform their new duties immediately. It also streamlines the automation of identity and access controls, making it easier to implement a zero-trust security model where every user and device is verified before granting access. While our audit processes were once cumbersome, requiring auditors to chase down reports from individual SAP administrators, everything is now centralized. One Identity Manager stores all application and database information in a single location, streamlining reconciliation efforts.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Active Roles improved the management of users, groups, and AD objects in the organization."
"In comparison to native Active Directory tools, using Active Roles for delegation is so much better. It uses an access template and that makes it easy to see who can access what. In fact, you can do that for many objects as well."
"Instead of deleting accounts, we like the deprovision option so that we can reverse any accidental deletions. It also gives a higher level of quality control in terms of enforcing any number of variables, such as making sure that an account has a description entered before the account can be created. We can backtrack and know the history of it that way."
"The AD and AAD management features of this solution are really good... They offer added value by showing more fields such as password age and the statuses of some things that we normally wouldn't see."
"Having a tool to manage all changes to AD from a single pane of glass is awesome."
"The solution is stable."
"The biggest thing for us is Active Roles saves a lot of man-hours in keeping groups up-to-date manually or trying to write some sort of script that you have to run, so we don't have to reinvent the wheel. Instead of when every time somebody joins a department, then somebody has to remember to put in a request to add "meet user Joe" to this group, the solution does it automatically for us. Therefore, it saves our business and IT staff time because they do not have to process requests since Active Role can do it for them."
"The provisioning and deprovisioning saves a lot of time and skips a lot of errors."
"It gives the best user experience, enabling us an overview of all user entitlements."
"The tool is like a big Lego in which you can use the parts that make sense for your organization."
"One Identity Manager is user-friendly and easy to customize. One Identity's business roles enable me to map company structures for dynamic application provisioning, which is fairly important."
"The product helps minimize gaps in governance coverage."
"This solution is quite flexible. We have a lot of customization since we have our own business processes."
"The solution is a typical, conventional IGA but the tool itself offers many options for customization."
"In terms of what I found most valuable in One Identity Manager, it's the only product where the workflow and the catalog can be configured on roles or by business people. You don't need to know the technology at all to configure that, so this is the product's biggest advantage as well as its strongest feature. One Identity Manager is also business-oriented and IAM administrator-oriented."
"It's a huge toolkit, and you can do a lot of stuff with it. You can extend nearly everything, so if you want to build something that may not have been though of by the vendor. Compared with other distributors who design their products to certain specification, you can put in your own processes, because not all companies function the same. You can write what you want, and the process should be like that."
 

Cons

"Another issue we have with the product is that we run a lot of custom tasks. You have to program them to run on one particular host and there's no automatic failover to a second host. If that host is down when a task is supposed to run, it has to wait until the next time it runs when that host is up."
"When doing a workflow, we would like a bit better feedback on the screen, as we're trying to get it to work. For example, there is a "Find" function that you need set up in a workflow to do some of the automation. It is not the easiest to get a result from those finds when you're trying to do that. In the MMC, they have a couple different types of workflows. In this particular case, we use their workflow functionality to find all of X within the environment, then if you find it, do X, Y, and Z. You can have multiple steps. When you do that search function within that workflow, it's really hard to find out, "Is my search working?" It would be nice if there was some feedback on the screen so you could see if your search is working properly within the workflow."
"For the AAD management feature, it needs to improve the objects that we can manage and the security."
"For ActiveRoles, it would be good if the product supports multi-scripting language. You can use only VBScript."
"I've had a difficult time getting it to cooperate with Azure in the cloud and, while the support staff are very good and very knowledgeable, what they assist with just on a call doesn't go deep enough to help with a number of issues. The answer that comes back is that we'd have to start an engagement with Professional Services, which is fine but that takes time to schedule and it takes budget."
"It's a fairly stable product but not perfectly reliable."
"The initial setup was quite easy, but it was time-consuming. It took about three months."
"There are some features that we think should be included in their next release. We think these things would take them to the next level: the ability to completely force or limit any dynamic group processing to specific servers, change-tracking reporting of virtual attributes, and the ability to use files as inputs to automation workloads. These things have also been talked about. Knowing them, they're probably working on them."
"The policy and role management features are a bit hard to scale. The whole model for who can do what and how to set it up is not so well-governed for a larger organization. The demos are always shown for a 100 or a 1000 people, but when it is a large number, it is quite difficult to maintain."
"The documentation is poor. For example, the synchronization editor has a lot of things happening, but there's just a description. If you want to do something specific with that like create custom views, they just say go to the extension and select the UUID. However, if we don't have a UUID for this view, it will not work. That isn't in the documentation."
"Visually, I would like it to be more user-friendly."
"I would like One Identity Manager to offer an easier way for users to learn to use their new features."
"The support model has room for improvement, especially when compared to competitors like Omada and SailPoint, which offer a more extensive global presence and support network."
"It is a large solution where you need to learn how to work in a certain way for it to provide the best benefit."
"Because their company is so focused on just their tool and related technology, they can't support you much. At times, it becomes frustrating. While you are paying a little less than your competitors, you expect some support, compliance, or expertise from the company. If a certain load balancer is unable to handle your tool, you should know what load balancer would be perfect or what configuration you should use."
"One key area for improvement is implementing continuous integration and deployment."
 

Pricing and Cost Advice

"The pricing for Active Roles is expensive but not as expensive as other solutions like Okta."
"The licensing model is a simple user-based model, not that much complicated."
"The price is reasonable. It costs us about 1 million Danish kroner annually, and we also spend about half as much on consultants."
"It's expensive."
"It's fairly priced."
"The pricing is on the higher end."
"I rate One Identity seven out of 10 for affordability. It's reasonably priced."
"Prices in Turkey are high due to inflation, a challenge we've heard about from our customers."
"It's costlier that some other products, and there is nothing that fits every solution."
"You get a lot of bang for your buck with One Identity. It has many features that are included in the standard IGA license. Most people who are considering buying One Identity don't understand how much power is behind it in engines."
"One Identity Manager is fairly priced."
"We have the premium support and are very satisfied. They are always answer our questions very quickly. For the moment, we are very satisfied, but I think it's because we are paying for the premium support."
"We pay yearly and per active user. One of the reasons that we chose One Identity Manager is because of the pricing. It is reasonable and affordable compared to other products which we considered before choosing this solution for the company."
"One Identity is cost-efficient from a licensing perspective. However, one drawback is that it's expensive on the hardware side for the customer to set up. One Identity's professional services team recommends various components. They lose some of the cost advantage because the hardware is expensive and requires maintenance."
report
Use our free recommendation engine to learn which User Provisioning Software solutions are best for your needs.
831,481 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
11%
Healthcare Company
9%
Government
9%
Computer Software Company
18%
Financial Services Firm
14%
Government
7%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is your experience regarding pricing and costs for One Identity Active Roles?
The pricing for Active Roles is expensive but not as expensive as other solutions like Okta.
What needs improvement with One Identity Active Roles?
Active Roles can fix many little problems that have never been resolved and have lingered for years, continuing to annoy people. For example, you can't search by object GUIDs. The manual says you c...
What do you like most about One Identity Manager?
The One Identity birthright process has helped generate user accounts more accurately and quickly.
What is your experience regarding pricing and costs for One Identity Manager?
Investing in One Identity Manager is necessary for regulatory compliance. Although it might not directly bring in business, it prevents issues like tool compliance. The pricing is reasonable compar...
What needs improvement with One Identity Manager?
The support model has room for improvement, especially when compared to competitors like Omada and SailPoint, which offer a more extensive global presence and support network.
 

Also Known As

Quest Active Roles
Quest One Identity Manager, Dell One Identity Manager
 

Overview

 

Sample Customers

City of Frankfurt, Moore Public Schools, George Washington University, Transavia Airlines, Howard County, MD. See all stories at OneIdentity.com/casestudies
Texas A&M, Sky Media, BHF Bank, Swiss Post, Union Investment, Wayne State University. More at OneIdentity.com/casestudies
Find out what your peers are saying about One Identity Active Roles vs. One Identity Manager and other solutions. Updated: January 2025.
831,481 professionals have used our research since 2012.