One Identity Active Roles Reviews

One Identity Active Roles is used for automation, on-boarding, off-boarding workflows, managing group membership and permissions, role-based access control, auditing, and compliance in our hybrid AD environment with approval workflows.

A practical example we are currently using is as follows. When HR creates a new employee record, One Identity Active Roles automatically creates the AD account, assigns the correct OU based on the department location, adds predefined security groups, applies mailbox and licensing policies, and sets manager attributes and naming standards. For access control, we use dedicated administrators so the L1 helpdesk team can reset passwords or unlock accounts without receiving full domain admin rights. Access is restricted through role-based permissions and approval workflows, which improves security and reduces the risk of unauthorized AD changes.

This use case fits our organization well.

One Identity Active Roles offers workflow automation, role-based access control, dynamic group management, hybrid AD and Microsoft 365 management, approval workflows, policy enforcement, and auditing.

The feature that stands out and has had the biggest impact is the dedicated administrator combined with workflow automation. Before implementing One Identity Active Roles, routine AD tasks required senior administrators with elevated privileges. Now L1 and L2 support teams can safely handle tasks such as password resets, account unlocks, group modifications, and basic user provisioning through controlled RBAC policies. This helps us by reducing dependence on domain admin access, lowering the risk of accidental and unauthorized changes, speeding up user on-boarding and support requests, standardizing AD operations across teams, and reducing manual efforts and workload. Onboarding previously took around thirty to forty minutes, and now it takes just two to three minutes.

One Identity Active Roles has improved our organization by automating AD tasks, reducing manual errors, improving security through dedicated access control, and speeding up user onboarding and off-boarding. It has also helped reduce admin workload and improved our compliance tracking.

One Identity Active Roles is very strong for AD automation, dedicated administration, and governance, especially in a large enterprise environment. The main areas that could be improved are UI modernization and reporting flexibility. These improvements could help the product achieve a higher rating.

I have been using One Identity Active Roles for almost a year.

Based on our analysis and reporting, there is approximately fifty to seventy percent reduction in manual effort. Onboarding time has been reduced from twenty to thirty minutes to five minutes. There is a significant decrease in configuration errors due to the automation workflow templates.

One Identity Active Roles currently satisfies my use case, and I am happy with the solution. There is no need for improvements right now. However, when time passes, I will conduct research and development with other competitors as well. When I determine that the product needs improvement, I will update my feedback accordingly.

The features that stand out are currently working as expected. One Identity Active Roles is performing as anticipated. My overall rating for this product is eight out of ten.

One Identity Active Roles is my primary solution for managing Active Directory efficiently and securely, with a focus on day-to-day tasks such as user account credentials, password reset and account unlock, group membership management, and automating AD tasks.

When a new employee joins, I use One Identity Active Roles to create the AD account using a template and automatically assign groups based on department, set mailbox and permissions, apply naming conventions, and policy.

One Identity Active Roles offers me several best features, including automation workflow, which saves a lot of manual AD work during onboarding and offboarding, and its role-based delegations that allow the help desk to perform limited tasks without full admin rights, as well as change history and auditing that make it easy to track who can change what in AD.

The automation feature has made the biggest difference in my day-to-day work, which assists in designing auditing benefits. Tasks such as user onboarding, offboarding, group assignment, and mailbox provisioning are significantly improved.

One Identity Active Roles has positively impacted my organization by enabling faster onboarding and offboarding through automations, reducing manual AD errors and permission mistakes, and lightening the workload for the infrastructure help desk team. Tasks that used to take 20 to 30 minutes manually can now be completed within 5 to 10 minutes.

The time savings facilitated by One Identity Active Roles have allowed my team to focus more on higher-value work instead of repetitive admin tasks. Instead of spending hours on account provisioning, password issues, or manual permission changes, the team can now concentrate on projects, security improvement, and user support, which has also reduced stress during busy periods because workflows are standardized and less error-prone.

One Identity Active Roles could be improved with better cloud-native management and SaaS options, simpler reporting, and easier customization.

I wish for simpler reporting and easier customization as additional needed improvements.

I have been using One Identity Active Roles for the last one and a half years.

I assess the ease of integrating One Identity Active Roles with my existing IT infrastructure and directory services as generally good, as it integrates well with Active Directory, making the core setup straightforward. However, the initial configurations, policy roles, and workflows are complex and require AD expertise. Once deployed, day-to-day operations and synchronizations are quite reliable.

One Identity Active Roles has significantly reduced both the complexity and workload of administrative tasks related to Active Directory, particularly for data tasks such as user creation, group changes, and account management.

My experience with the delegation of administrative tasks through One Identity Active Roles has been that it has made the workflow much more structured and controlled, with tightly scoped permissions so users receive only what they need.

My main advice to others looking into using One Identity Active Roles is to properly plan your directory structure first before configuring anything. It is essential to invest time in establishing an appropriate Active Directory structure beforehand and to use the least privilege design as a default concept. I would rate my overall experience with One Identity Active Roles as a nine out of ten.

Hybrid Cloud

Microsoft Azure

My main use case for One Identity Active Roles is for Active Directory user management, access control automation, and user provisioning and de-provisioning.

I use One Identity Active Roles to automate new user creation when a new employee joins, where the required AD account, groups permissions, and mailbox access are assigned automatically based on their roles or department.

I use One Identity Active Roles day-to-day for many use cases to reduce manual work, so it improves access management efficiency and makes user administration faster and more secure; that is mainly how One Identity Active Roles helps in my day-to-day work.

The best features of One Identity Active Roles that I have been using for the last year include workflow automation, delegated administration, role-based access control, user provisioning, de-provisioning, centralized Active Directory management, and detailed auditing and reporting use cases.

One Identity Active Roles' biggest impact is workflow automation, which has made the biggest impact for my team, as it helps automate user onboarding, access assignment, and the approval process, which saves time, reduces manual errors, and improves operational efficiency.

One Identity Active Roles has positively impacted my organization since it reduced manual administrative work, strengthened access security, and helped streamline user and permission management across the organization.

I have seen faster user onboarding and fewer manual errors after implementing One Identity Active Roles, where tasks that previously took 20 to 30 minutes manually can now be completed in just a few minutes through automation and predefined workflows.

One Identity Active Roles provides strong automation capabilities that significantly reduce manual administrative work, with one especially helpful example being automated employee onboarding, where user accounts, group membership, permissions, and mailbox access are assigned automatically based on the employee's department or role.

One Identity Active Roles has reduced the complexity and workload of Active Directory administration by automating repetitive tasks, simplifying user management, and improving delegation and access control processes.

Automation has reduced manual administrative efforts and saved significant time during onboarding and access management tasks that earlier took 20 to 30 minutes and are now completed in a few minutes.

One area that could be improved in One Identity Active Roles is the user interface and initial configuration process, as some advanced workflows and policy settings can be complex for new administrators.

One Identity Active Roles is stable.

One Identity Active Roles is scalable and works well for growing environments with increasing users, groups, and administrative workload.

I would rate the customer support seven out of ten.

Previously I used different solutions on native Microsoft Active Directory administration tools and manual processes, and I switched to One Identity Active Roles to improve automation, delegation, auditing, and centralized access management.

Integration of One Identity Active Roles with my existing identity infrastructure was moderately easy since it integrates well with Active Directory, and the setup was manageable.

Before choosing One Identity Active Roles, I evaluated some other options like Microsoft Entra ID and Okta for their identity and access management capabilities.

My experience with delegation in One Identity Active Roles has been positive, allowing specific administrative tasks to be assigned to the right team without giving full domain access.

My experience with the pricing and licensing of One Identity Active Roles has been reasonable for enterprise use.

My advice for organizations considering One Identity Active Roles is to plan the role structure, delegation model, and automation workflows properly before implementation to maximize the benefits of automation, improve security, and simplify Active Directory administration.

I would rate this review eight out of ten.

Hybrid Cloud

Amazon Web Services (AWS)

I am an end user of One Identity Active Roles for internal access and system purposes. When I need access to an internal dashboard to analyze business data for a project, I raise a request through One Identity Active Roles. The request goes through the approval process, and once approved, I am granted access without needing to contact the IT team directly. This helps me complete my tasks on time, and the status can be easily tracked so I do not have to manually follow up. The approval workflow makes the process secure and smooth, and even though I am not from a technical background, it helps me significantly.

I use One Identity Active Roles to gain access to some particular tools that are shared among multiple interns in my company.

The best feature that One Identity Active Roles offers is the approval flow, which gives access only to authorized persons, making the process secure. The user-friendly interface allows someone without a technical background to apply for the tools needed and be given access.

The approval process makes things more secure and efficient. This process prevents unauthorized and accidental access to sensitive tools and data, which are major concerns for my company. I have been told to access some particular tools and data through that portal only.

One Identity Active Roles has made things more organized and secure across the company. It has also reduced the need to contact IT administrators directly, saving time for both me and the IT staff. During the orientation program, I was informed that the use of this tool has reduced the IT team's workload. Previously, the IT team needed to provide the tool and monitor who was using it, but now with this tool, they do not have to specifically check on who is accessing the tools and data.

The IT team has reduced their workload by around four hours, although I do not know the specific hours saved. Access to the tools has become much faster; as soon as I apply, it goes through the approval process, and if the tool is required, then access is provided to me or any other IT intern.

One Identity Active Roles could be improved by speeding up the approval process, especially for urgent access requests. Sometimes I need urgent approval, and then I have to call the IT team to manually pass my approval. An option to flag that I need the tool urgently would help the IT team know to expedite that approval in the future. I have seen times when I need a tool urgently, but the process takes time.

The dependency on approval sometimes causes delays, which can slow down urgent work that I am doing, particularly as my position as an intern has been growing.

By the first of May, it has been approximately two months since I have been working in my current field.

One Identity Active Roles is quite stable, and I have not seen any downtime or crashes in my use case.

One Identity Active Roles is a great tool, pretty scalable, and stable for the daily purposes we are using it for. It can be easily deployed in the company, and it is a stable solution for non-technical users like myself.

I received one or two days of training to use all One Identity tools utilized in my company, such as One Identity Active Roles, One Identity OneLogin, and Safeguard Manager, which are all great tools. I would rate this review a 7.5 out of 10.

One Identity Active Roles is mainly used for AD administrator and identity lifecycle management in my network. One Identity Active Roles is primarily used for identity lifecycle management, such as automatic user management.

Whenever a new employee joins, HR creates employee information, and One Identity Active Roles detects a new user and automatically creates an AD account, mailbox, home folder, and other necessary resources. Once login syncs the AD identity, the user automatically gets access.

The most tightly used automation feature in my network is that it automatically creates AD accounts, assigns department-based groups, applies naming conventions, sets permissions, and triggers downstream provisioning.

The best feature of One Identity Active Roles is centered around AD automation, delegated administration, governance, and hybrid identity management. These are the main features that One Identity Active Roles provides.

Delegated administration combined with automation is the feature I find most valuable in my day-to-day work because it solves two major enterprise problems simultaneously. For example, too many AD manual tasks and too many users with excessive admin rights make this feature best for me.

One Identity Active Roles has had a positive impact by empowering automation security across identity management processes. Some of the biggest improvements are faster user onboarding, reduced administrative workload, and better security through delegations. Previously, I was handling a 100 percent workload, but after using One Identity Active Roles, 70 percent of my load has been resolved.

One Identity Active Roles does not require many improvements, but for upcoming or new users, there should be an easier initial setup and configuration. One Identity Active Roles is powerful, but deployment is somewhat complex. Common challenges include policy design, delegation setup, and synchronization tuning.

While I appreciate most aspects of One Identity Active Roles, a few things need improvement. One is easier initial setup and configuration, and another is reporting and analytic enhancements that can be performed on the product.

The ease of integrating One Identity Active Roles with my existing IT infrastructure and directory services is moderate.

The overall impression of the automation capabilities provided by One Identity Active Roles is good. It is typically seen as reliable and enterprise-grade, deeply integrated with AD, governance-focused, and described as controlled identity automation with governance built in.

One Identity Active Roles typically has a major simplifying effect on Active Directory administration, especially in large or hybrid environments. The effect is usually felt in two areas: task complexity reduction and overall workload reduction.

I would advise enterprise companies to use One Identity Active Roles. It is truly useful for AD tasks.

On-premises

One Identity Active Roles is primarily used for Active Directory administration, delegation, delegated access control, user provisioning, and automating routine account management tasks.

One Identity Active Roles automatically creates user accounts with correct group memberships and permissions based on the department and role, which saves a lot of manual AD work during onboarding.

One Identity Active Roles is also used for auditing and approval workflows, especially for sensitive AD changes where better control and tracking are needed.

The best features One Identity Active Roles offers are delegated administration, automation workflows, centralized AD management, and the detailed auditing capabilities that make tracking changes much easier.

Delegated administration has made the biggest impact because it allows the different teams to manage specific AD tasks securely without giving full domain-level access.

The automation and approval workflows stand out significantly in larger environments, especially when consistency and better control over AD changes are needed.

One Identity Active Roles has positively impacted the organization by reducing a lot of manual AD administration work, improving access control, and helping standardize user management processes across the organization.

The UI of One Identity Active Roles could be more modern and responsive, and some advanced workflow configurations can feel complex during setup.

Better cloud integration and simpler reporting customizations would definitely improve the overall experience, especially in hybrid environments.

One Identity Active Roles has been in use for two years.

One Identity Active Roles is very stable.

One Identity Active Roles scales very well in large enterprise environments, especially for organizations managing multiple domains, hybrid AD setups, and high volumes of user provisioning tasks.

Customer support for One Identity Active Roles is great.

Before One Identity Active Roles, the organization mostly relied on native administrative Active Directory tools and manual processes. The switch was made for better automation, delegation, and centralized control over AD management.

A few other IAM and AD management solutions were evaluated before choosing One Identity Active Roles, including SalePoint, Microsoft Entra ID, and ManageEngine.

The integration of One Identity Active Roles with the existing IT infrastructure and directory services was fairly smooth overall since it works well with existing Active Directory environments, though some advanced integrations and workflow customization required extra planning and testing.

Clear ROI has been seen with One Identity Active Roles, mainly through the time savings and reduced manual administration. Onboarding, permission updates, and account management tasks that used to take a lot of manual effort are now largely automated and completed much faster.

The pricing, setup cost, and licensing of One Identity Active Roles are definitely enterprise-focused, but the value from the automation, delegation, administration, and the reduced manual AD effort makes the investment worthwhile in large environments.

My advice to others looking into using One Identity Active Roles is to plan your delegation model and automation workflows carefully before deployment because the platform delivers the most value when roles, approvals, and AD processes are well-structured from the beginning.

One Identity Active Roles has been a reliable solution for improving AD governance, reducing manual administration, and enforcing better access control across the environment. The overall review rating for One Identity Active Roles is 8 out of 10.

Hybrid Cloud

Microsoft Azure

My main use case for One Identity Active Roles is automation.

One specific example of how I use automation with One Identity Active Roles is through automated employee onboarding, where when HR shares new employee details, the system automatically creates an Active Directory account, assigning it to the correct OU, group membership, email attributes, and permission based on the employee's department or role. This significantly reduces manual efforts, provisioning time, and configuration errors.

Using One Identity Active Roles, we consolidate multiple manual Active Directory administration processes and native management tools into a single, centralized platform for user provisioning, delegation, RBAC, automation, and auditing.

The best features of One Identity Active Roles are automation, delegated administration, role-based access control, approval workflows, policy enforcement, and auditing, as these features simplify Active Directory management, improve security, reduce manual efforts, and enhance compliance.

The feature that has made the biggest difference for me in One Identity Active Roles is automation, especially automated user provisioning and de-provisioning, because it significantly reduces manual Active Directory tasks, minimizes errors, improves consistency, and accelerates onboarding and off-boarding processes.

Additionally, the delegated administration and auditing features in One Identity Active Roles are very valuable as they improve security by limiting excessive privilege and provide centralized tracking of Active Directory changes for compliance and governance.

One Identity Active Roles positively impacts our organization by reducing manual Active Directory administration, improving security through delegated access and RBAC, speeding up onboarding and off-boarding processes, reducing service desk workload, and enhancing compliance.

One Identity Active Roles can be improved with a more modern and intuitive user interface, better reporting and analytics, simplified workflow customization, enhanced troubleshooting tools, and stronger cloud and hybrid identity integration capabilities for large enterprise environments.

I have been working in my current field for the last two years.

One Identity Active Roles is generally very stable and reliable in enterprise environments with consistent performance for Active Directory automation, delegated administration, and identity management tasks when properly configured and maintained.

One Identity Active Roles scales very well for enterprise environments and can efficiently manage thousands of users, groups, and Active Directory objects through centralized automation, delegated administration, and policy management without significant performance issues.

Customer support for One Identity Active Roles has been generally good with knowledgeable technical teams and effective assistance for deployment, troubleshooting, and Active Directory integration issues, although response time for complex escalations can sometimes be slower.

Before implementing One Identity Active Roles, we mainly used native Active Directory tools and a manual administration process along with basic PowerShell scripting. We switched because One Identity Active Roles provides centralized management, automation, delegation, RBAC, and better compliance and auditing capabilities.

I assess the integration of One Identity Active Roles as moderately easy, around a four out of ten in difficulty, because the core integration with Active Directory and existing Microsoft infrastructure is straightforward.

Before selecting One Identity Active Roles, we evaluated options such as Microsoft Identity Management and SailPoint IdentityIQ, but we chose One Identity Active Roles because of its strong Active Directory integration, automation, and delegated administration.

We achieve a strong ROI with One Identity Active Roles through approximately a forty to fifty percent reduction in service desk workload, faster user provisioning from hours to minutes, fewer manual administration errors, and improved compliance and audit efficiency.

My experience with pricing, setup cost, and licensing with One Identity Active Roles has been generally positive, as the license is enterprise-based and setup requires moderate effort for Active Directory integration and workflow configuration, but the solution provides strong value through automation and delegation.

Before selecting One Identity Active Roles, we evaluated options such as Microsoft Identity Management and SailPoint IdentityIQ, but we chose One Identity Active Roles because of its strong Active Directory integration, automation, and delegated administration.

My advice to others considering One Identity Active Roles is to carefully plan the RBAC model, workflow, and delegation structure before deployment, start with a pilot implementation, and fully utilize its automation and auditing features to improve Active Directory, security, compliance, and operational efficiency. I would rate this solution an eight out of ten.

Our main use cases for One Identity Active Roles include centralized Active Directory management and user lifecycle administration. We use it to automate user provisioning and de-provisioning, manage permission and group policies, and delegate administrative tasks securely while maintaining better control and auditing over the Active Directory environment.

In our day-to-day work, we are using One Identity Active Roles to automate user onboarding for new employees. Instead of manually creating accounts, assigning groups, and configuring permissions in Microsoft Active Directory, the process is handled through predefined workflows and templates. This reduces manual effort, minimizes configuration errors, and helps new users get access to required resources much faster.

One Identity Active Roles has many use cases and fits into our day-to-day work greatly. The important benefit of One Identity Active Roles is role-based administration and auditing. It helps us delegate specific administrative tasks securely without giving full Active Directory access to every administrator. The auditing and reporting capabilities also improve visibility into user and permission changes, which is very useful for compliance and security management.

One Identity Active Roles has many features. Some of the best features include automated user provisioning and de-provisioning, role-based access control, delegated administration, and workflow automation. Its auditing and reporting capabilities are also very valuable because they provide better visibility into changes made within Microsoft Active Directory. Another strong feature is the ability to standardize and simplify identity management tasks, which reduces manual errors and improves operational efficiency.

Workflow automation and delegated features have absolutely impacted our teamwork. The workflow automation and delegated administration features in One Identity Active Roles have significantly reduced manual administrative work for our team. Routine tasks like user creations, password resets, group assignments, and account deactivations are now handled through automated workflows and the approval process.

One Identity Active Roles' auditing and compliance support is another feature we find very useful.

One Identity Active Roles helps improve identity management efficiency, reduce manual administrative efforts, and strengthen security controls around Microsoft Active Directory. After implementing One Identity Active Roles, we noticed a significant reduction in manual identity management tasks and administrative errors. The user onboarding and off-boarding process became much faster because many tasks are automated through workflows and templates.

One area where One Identity Active Roles could improve is the user interface and overall ease of administration for new users.

Another area where One Identity Active Roles could improve is performance and responsiveness during large-scale administrative tasks.

We have been using One Identity Active Roles for around two years.

One Identity Active Roles is stable.

One Identity Active Roles is highly scalable. It has been able to support growing numbers of users, groups, and administrative tasks without major performance and management challenges. The automation and delegated administration features also help organizations scale identity management operations efficiently while maintaining security and control.

Customer support is very good.

Before implementing One Identity Active Roles, we were primarily managing Microsoft Active Directory manually using native administrative tools and scripts. We switched because we needed better automation, delegated administration, auditing, and centralized identity management capabilities. As the environment grew, managing users and permissions manually became more time-consuming and harder to control consistently. One Identity Active Roles provided a more scalable and secure approach.

Our experience with the pricing and licensing of One Identity Active Roles has been generally positive. The initial setup requires planning and configuration around workflows, permissions, and integration with existing infrastructure, but the deployment process is manageable.

We have seen a positive return on investment with One Identity Active Roles. The biggest benefit has been time-saving and reduced administrator workflow through automation and delegated administration. Tasks like user provisioning, access changes, and account deactivations that previously required significant manual efforts are now completed much faster and with fewer errors. One Identity Active Roles also improved operational efficiency without needing additional administrative resources as the environment scaled, while strengthening security and compliance management.

Before choosing One Identity Active Roles, we evaluated some other options.

Organizations considering One Identity Active Roles should plan the implementation carefully, especially around workflows, delegation policies, and Active Directory governance. Starting with a pilot deployment can help identify the right automations and permission structures before a full rollout. It is also important to invest time in understanding One Identity Active Roles' automations and delegated administration capabilities. I would rate this product an 8 out of 10.

Hybrid Cloud

Microsoft Azure