We performed a comparison between One Identity Active Roles and SAP Identity Management based on real PeerSpot user reviews.
Find out in this report how the two User Provisioning Software solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It gives us attribute-level control and the AD management features work very well."
"The biggest thing for us is Active Roles saves a lot of man-hours in keeping groups up-to-date manually or trying to write some sort of script that you have to run, so we don't have to reinvent the wheel. Instead of when every time somebody joins a department, then somebody has to remember to put in a request to add "meet user Joe" to this group, the solution does it automatically for us. Therefore, it saves our business and IT staff time because they do not have to process requests since Active Role can do it for them."
"Another good feature is the change history. It's centralized in a single place and allows us to manage people's Active Directory domains from a central location. We can also drill down into individual objects in a troubleshooting or even an auditing situation. We can show evidence to auditors by drilling down into the individual history. It gives you all the history of what happened around an individual object. That is something that would be almost impossible to do in Active Directory, or extremely complicated."
"It's valuable to us in that it resembles the native tools that most people have grown accustomed to... Active Roles resembles traditional tools, such as from Microsoft. That is really good because it eases the way people interact with the tool."
"The AD and AAD management features of this solution are really good... They offer added value by showing more fields such as password age and the statuses of some things that we normally wouldn't see."
"Active Roles improved the management of users, groups, and AD objects in the organization."
"It provides automatic provisioning/update/deprovisioning workflows from a source system to a target system."
"In comparison to native Active Directory tools, using Active Roles for delegation is so much better. It uses an access template and that makes it easy to see who can access what. In fact, you can do that for many objects as well."
"The setup process is straightforward."
"What I like about SAP Identity Management is that it's stable for experienced users and suitable for access management, not just for SAP accounts, but for Active Directory, including file sharing and process sharing."
"Rather than implement a basic SSO, this solution assisted us with setting up two-factor authentication."
"What I found most valuable in SAP Identity Management is process automation. The solution also gives transparency about what is happening and why which I find beneficial. Another feature I found valuable in SAP Identity Management is integration. It has very good integration."
"The most valuable feature is the user experience for managing information."
"It provides basic automatic user administration and role provisioning to save time."
"What's most valuable in SAP Identity Management is that it's easily an out-of-the-box solution for connectivity with SAP applications. We do not have to do any customizations, and this makes the solution very compatible with most SAP applications. SAP Identity Management is also very user-friendly."
"The tool's most valuable features are its access control and approval of access requests. The self-service password reset feature is efficient. Role management capabilities streamline user access by assigning and revoking roles."
"For ActiveRoles, it would be good if the product supports multi-scripting language. You can use only VBScript."
"The initial setup was quite easy, but it was time-consuming. It took about three months."
"When doing a workflow, we would like a bit better feedback on the screen, as we're trying to get it to work. For example, there is a "Find" function that you need set up in a workflow to do some of the automation. It is not the easiest to get a result from those finds when you're trying to do that. In the MMC, they have a couple different types of workflows. In this particular case, we use their workflow functionality to find all of X within the environment, then if you find it, do X, Y, and Z. You can have multiple steps. When you do that search function within that workflow, it's really hard to find out, "Is my search working?" It would be nice if there was some feedback on the screen so you could see if your search is working properly within the workflow."
"The solution needs an attestation process that includes certification and recertification attestation."
"The third area for improvement, which is the weakest portion of ARS, is the workflow engine, which was introduced a few years ago. It's slow and not very intuitive to use, so I would like to see improvement there."
"There are some features that we think should be included in their next release. We think these things would take them to the next level: the ability to completely force or limit any dynamic group processing to specific servers, change-tracking reporting of virtual attributes, and the ability to use files as inputs to automation workloads. These things have also been talked about. Knowing them, they're probably working on them."
"It also has workflows and those are really powerful, but there are no built-in workflows. When it comes to them, it's empty. I would personally love for it to come with ten, 15, or 20 workflows where each achieves a certain task... I could just look at how each is done, clone them, copy them, modify them the way I want them, and be good to go. Right now we have to invent things from scratch."
"In terms of improvement, it could be made even more user-friendly for administrators when they need to create new workflows and rule sets."
"SAP Identity Management can improve risk analysis and authority checks."
"One of the areas for improvement in the solution is its user interface which needs to be up-to-date and fancier, in particular, have better visualization in terms of the tabs and buttons. The user interface of SAP Identity Management should be improved based on the latest trends."
"It needs to have the SSO for the HANA modules that SAP is releasing."
"The pricing could be better."
"I have encountered issues with the host authentication feature."
"A lack of startup connectors to different systems, and could have better connectors for SAP IDM."
"What needs improvement in SAP Identity Management is its compatibility with third-party applications. We'd like to get connectors or plugin settings to make it easier to manage other applications, whether SAP or non SAP applications. As SAP Identity Management is not compatible with non SAP applications, some of the clients are looking for other IDM applications such as SalePoint and Saviynt, so this is an issue we've observed in the solution."
"Research and marketing need to be improved."
One Identity Active Roles is ranked 5th in User Provisioning Software with 17 reviews while SAP Identity Management is ranked 6th in User Provisioning Software with 13 reviews. One Identity Active Roles is rated 8.6, while SAP Identity Management is rated 7.8. The top reviewer of One Identity Active Roles writes "Single interface and workflows simplify AD and Azure AD management efficiency and security". On the other hand, the top reviewer of SAP Identity Management writes "Allows for seamless integration and provides a unified login experience ". One Identity Active Roles is most compared with Microsoft Entra ID, ManageEngine ADManager Plus, SailPoint IdentityIQ, One Identity Manager and Softerra Adaxes, whereas SAP Identity Management is most compared with SailPoint IdentityIQ, Microsoft Identity Manager, SAP Customer Data Cloud, Omada Identity and Saviynt. See our One Identity Active Roles vs. SAP Identity Management report.
See our list of best User Provisioning Software vendors.
We monitor all User Provisioning Software reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.