We performed a comparison between One Identity Active Roles and Symantec Siteminder based on real PeerSpot user reviews.
Find out in this report how the two User Provisioning Software solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It's valuable to us in that it resembles the native tools that most people have grown accustomed to... Active Roles resembles traditional tools, such as from Microsoft. That is really good because it eases the way people interact with the tool."
"The solution is stable."
"It provides automatic provisioning/update/deprovisioning workflows from a source system to a target system."
"It gives us attribute-level control and the AD management features work very well."
"The biggest thing for us is Active Roles saves a lot of man-hours in keeping groups up-to-date manually or trying to write some sort of script that you have to run, so we don't have to reinvent the wheel. Instead of when every time somebody joins a department, then somebody has to remember to put in a request to add "meet user Joe" to this group, the solution does it automatically for us. Therefore, it saves our business and IT staff time because they do not have to process requests since Active Role can do it for them."
"In comparison to native Active Directory tools, using Active Roles for delegation is so much better. It uses an access template and that makes it easy to see who can access what. In fact, you can do that for many objects as well."
"Secure access is the most valuable feature."
"Because of Active Roles, we're able to synchronize on an even more regular basis. It enables us to provide even more information to the Active Directory, which helped us to group our users in a more consistent manner."
"Ease of use is very good, for administrating it. It's very well known."
"SAML is the best thing we're using right now because there is no need for creating an external account."
"Authentication & Authorization are important because all the sites need authentication for security purposes. That has been handled pretty well all these years with SSO."
"The solution is easy to use for our managers."
"Right now, federation that comes out-of-the-box with single sign-on is the most valuable feature that we have, and also scalability."
"It has considerably reduced the amount of time that new users would take to join into the organization. Previously, it was a lengthy, manual process because it's a very secure environment, where they need to verify the user before they can actually grant him a user-ID and password. Integrating with the built-in custom application, and exposing CA Single Sign On to the internet, we were able to get the employees onboard. The time that we gained was: previously it would generally take from four to eight weeks for each employee, we brought it to one to two days."
"Symantec Siteminder Is both scalable and stable."
"The Directory is secure. It's our user store, and it's important to keep our members safe. The product does well with that."
"The user and group management in Azure AD could be better. Our focus these days is dynamic sharing with several on-prem Microsoft applications like SharePoint."
"The third area for improvement, which is the weakest portion of ARS, is the workflow engine, which was introduced a few years ago. It's slow and not very intuitive to use, so I would like to see improvement there."
"The ability to send logs to a SIEM would be very beneficial."
"For the AAD management feature, it needs to improve the objects that we can manage and the security."
"The initial setup was quite easy, but it was time-consuming. It took about three months."
"Most of the time it just works."
"The solution needs an attestation process that includes certification and recertification attestation."
"Another issue we have with the product is that we run a lot of custom tasks. You have to program them to run on one particular host and there's no automatic failover to a second host. If that host is down when a task is supposed to run, it has to wait until the next time it runs when that host is up."
"An area Siteminder could improve on is that there are a few limitations, in terms of new protocols for OpenID. If I want to have different scopes, the features are limited. They also do not have APIs exposed, which is a major drawback. API is a feature I would like to see included in the next release."
"Better documentation. I went through some sessions on single sign-on for version 12.7."
"The Federation part of CA Single Sign On, it's a bit complex to implement because it involves the SSL certificates, exchange of certificates, and lot of technical details. The documentation misses some important parts of this, so that's the reason it took some time for us to go live."
"We are finding some compatibility issues. We're still working with CA on them."
"CA has reporting at the moment. With the reporting, every particular segmented product has a reporting engine. I would like to see centralized reporting for all of them together."
"Some of the new protocols, like OAuth 2.0, could be improved."
"The initial setup was complex, painful. But that is to be expected of any new setup. When you're a big bank like us, any kind of migration to a new product is hard. I expect it to be painful, and it was painful. But it's not something that you can avoid."
"We would like to the OAuth be more stable, more issues being fixed rather than not."
One Identity Active Roles is ranked 5th in User Provisioning Software with 17 reviews while Symantec Siteminder is ranked 17th in Single Sign-On (SSO) with 69 reviews. One Identity Active Roles is rated 8.6, while Symantec Siteminder is rated 8.0. The top reviewer of One Identity Active Roles writes "Single interface and workflows simplify AD and Azure AD management efficiency and security". On the other hand, the top reviewer of Symantec Siteminder writes "Easy to implement and customize and very stable". One Identity Active Roles is most compared with Microsoft Entra ID, ManageEngine ADManager Plus, One Identity Manager, SailPoint IdentityIQ and Softerra Adaxes, whereas Symantec Siteminder is most compared with PingFederate, ForgeRock, Okta Workforce Identity, PingID and PingAccess. See our One Identity Active Roles vs. Symantec Siteminder report.
We monitor all User Provisioning Software reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.