We performed a comparison between One Identity Active Roles and One Identity Safeguard based on real PeerSpot user reviews.
Find out what your peers are saying about SailPoint, One Identity, Omada and others in User Provisioning Software."Instead of deleting accounts, we like the deprovision option so that we can reverse any accidental deletions. It also gives a higher level of quality control in terms of enforcing any number of variables, such as making sure that an account has a description entered before the account can be created. We can backtrack and know the history of it that way."
"The provisioning and deprovisioning saves a lot of time and skips a lot of errors."
"Another good feature is the change history. It's centralized in a single place and allows us to manage people's Active Directory domains from a central location. We can also drill down into individual objects in a troubleshooting or even an auditing situation. We can show evidence to auditors by drilling down into the individual history. It gives you all the history of what happened around an individual object. That is something that would be almost impossible to do in Active Directory, or extremely complicated."
"The most valuable features include auditing, dynamic grouping, and creating dynamic groups based on AD attributes."
"In comparison to native Active Directory tools, using Active Roles for delegation is so much better. It uses an access template and that makes it easy to see who can access what. In fact, you can do that for many objects as well."
"It gives us attribute-level control and the AD management features work very well."
"Having a tool to manage all changes to AD from a single pane of glass is awesome."
"Because of Active Roles, we're able to synchronize on an even more regular basis. It enables us to provide even more information to the Active Directory, which helped us to group our users in a more consistent manner."
"One of the most important things is that it is very easy to use and install. It is also agentless, so all of the operations happen more smoothly than any other product."
"There are a lot of features, so it's going to sound funny, but one of the most simplistic features, the Favorites feature, is the one we like the best. You do a full run-through of configuration to check out a server and then you can save that whole configuration as a favorite. So the next time you go in, you click on the favorite that you configured and it automatically takes you to the end so you can check the server out that much faster. It saves a lot of time..."
"The whole product solves the privileged access management challenge for our company. We have a secure tunnel, a secure session manager, and automatic logging of sessions, which is good for forensic purposes. We have a rich level of logs and can trace what happened on which machine and see who did what."
"The initial setup is very easy."
"The transparent mode for privileged sessions is a very good solution."
"We don't need to use VPN for remote access."
"The solution's most valuable features are the efficiency and the quality of the recording."
"All the features are promising, but we love the reporting feature because we can get each and every report. That's a major compliance requirement. Its reporting is really amazing, and it has made life a lot easier."
"The initial setup was quite easy, but it was time-consuming. It took about three months."
"The user and group management in Azure AD could be better. Our focus these days is dynamic sharing with several on-prem Microsoft applications like SharePoint."
"Most of the time it just works."
"The way you can search groups could be better."
"It also has workflows and those are really powerful, but there are no built-in workflows. When it comes to them, it's empty. I would personally love for it to come with ten, 15, or 20 workflows where each achieves a certain task... I could just look at how each is done, clone them, copy them, modify them the way I want them, and be good to go. Right now we have to invent things from scratch."
"The third area for improvement, which is the weakest portion of ARS, is the workflow engine, which was introduced a few years ago. It's slow and not very intuitive to use, so I would like to see improvement there."
"There are some features that we think should be included in their next release. We think these things would take them to the next level: the ability to completely force or limit any dynamic group processing to specific servers, change-tracking reporting of virtual attributes, and the ability to use files as inputs to automation workloads. These things have also been talked about. Knowing them, they're probably working on them."
"For ActiveRoles, it would be good if the product supports multi-scripting language. You can use only VBScript."
"The GUI has room for improvement because it is confusing and cumbersome."
"Cost-wise, it is a little bit expensive, which makes it difficult to get management approval. Its price should be reduced."
"We have feature requests and would like to see the turnaround times on those features to be faster."
"I just received a question from a customer in regards to a connection with Oracle OID. I tried to integrate Safeguard with the Oracle YAML as well as something else to manage the groups and users from a different system, like AD or LDAP. This one feature could be better. At this moment, the platform system can only use the integration with LDAP or AD. The software for research and development to create a connector to a YAML platform can be very complicated."
"The main thing that needs improvement is the slowness. Apart from that, the change password check-in feature also needs improvement because it is not working perfectly accurately."
"There is a lack of documentation and many problems with the plugins."
"We currently have a problem with the Active Directory integrations on Windows. Some of our users need to be logged with Active Directory, but we are having communication issues between One Identity and Active Directory. It seems that Active Directory is not well-integrated."
"I would like to see support for RDP over HTTPS so this product can be used in conjunction with the Microsoft terminal."
One Identity Active Roles is ranked 5th in User Provisioning Software with 17 reviews while One Identity Safeguard is ranked 5th in Privileged Access Management (PAM) with 38 reviews. One Identity Active Roles is rated 8.6, while One Identity Safeguard is rated 8.2. The top reviewer of One Identity Active Roles writes "Single interface and workflows simplify AD and Azure AD management efficiency and security". On the other hand, the top reviewer of One Identity Safeguard writes "Provides us with centralized storage of secrets and credentials, and visibility into the use of privileged access". One Identity Active Roles is most compared with Microsoft Entra ID, ManageEngine ADManager Plus, One Identity Manager, SailPoint IdentityIQ and Softerra Adaxes, whereas One Identity Safeguard is most compared with CyberArk Privileged Access Manager, WALLIX Bastion, Delinea Secret Server, BeyondTrust Privileged Remote Access and Fudo PAM.
We monitor all User Provisioning Software reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.