One Identity Manager Reviews

We used One Identity Management for 15,000 employees of a financial services firm. In addition to the IM functionality, we leveraged One ID for Identity Governance - including access certifications.

We had automated provisioning of users based on HR data. This automatically created 4-5 base accounts and birthright access for users. In addition to that, we leveraged the IT shop to request roles for users which, for the most part, automatically provisioned access to users.

In addition to this, we used the Attestation features of the product to aid in our User Access Reviews.

There were significant productivity benefits over our previous platform with the increased automation which took the process of onboarding staff down from days to minutes. It allowed user self-service for additional access. The approval process was tracked and auditable.

It also improved our security controls with tighter de-provisioning, where we would automatically terminate a user's access when they left the company. In addition, regular user access certification campaigns were undertaken to review staff access and to ensure staff only had the access required to perform their role.

As the team supporting the platform, one of the key features One Identity Manager has that was very valuable was the administration interface which allowed a quick easy overview of staff, their entitlements, and how they had were entitled to access.

Centralizing identity management allowed for a centralized governance model. 

The IT shop is a great tool that allows a simple interface for users to see their access, be able to request additional access, and view the workflow approval process to understand where their request is and what any hold-ups may be. 

The blessing and curse with One Identity Manager was its flexibility and the ability to solve business problems in a number of ways. We fell into that trap of over-customization which made upgrading the product difficult. An improvement would be to offer guides on how you should set up a base configuration. There should also be integration guides to key systems like Active Directory.

In addition to that, we had some slowness with the IT shop when we had significant amounts of data, users, etc., in the system and there were some slow database queries that needed to be optimized and patched. This caused some slowness when running Attestation campaigns. 

I used the solution for over 6 years.

Overall, the tool was stable. Our issues were mostly around customizations and bad data.

The tool is scalable and can include a number of the usual infrastructure scalability options.

Technical support was good, for the most part, especially when the local support team understood our level of expertise. If we were raising a problem it was a real problem and we were put through to the level 3 support quickly.

We had a previous Identity Management Solution and we swapped it out as the old solution had little investment in its user interface and we needed a better interface for our users to be able to self-service effectively.

It was a complex setup process, however, it was the first time it was done in the country 7 years ago. Getting the product installed was straightforward. It would be important to follow a proper SDLC with requirements being a key initial piece of the puzzle to help you maintain costs.

We used a mix of vendor and in-house resources on the project. Like the in-house resources, the vendor at the time had no prior knowledge of the tool so it was a learning journey for both sets of resources.

When we started the journey 7+ years ago, there was a limited skill set in the market, and that is still the case today. 

Like all Identity Management projects, setting firm requirements upfront is important to maintain costs.

We did evaluate other options, however, I wasn't involved in that process.

Look to limit customizations where you can; it can be easier to customize the tool in the short term, however, it can result in significant technical debt and effort in the future.

We use it for the identity lifecycle.

The solution solves our customers' compliance issues and optimizes their administration.

The solution helps to reduce help desk calls in the areas of password resets and misunderstanding requests.

It is highly integrated with our clients.

The policy and role management features are good.

The solution is flexible because you can realize the customer needs. Therefore, it is easy to upgrade specialized things. It provides the flexibly, so you can implement customers' use cases.

The connectivity to the cloud with the cloud identity need improvement. The whole security story in the area of access management along with the possibility to get access is part of this improvement process. This is the cloud access manager (CAM), and it isn't as it should be, but it's a very good long-term solution.

It is important to get the cloud integrated. One Identity is stalling about this in America, and we need it in Europe.

The stability is fine. It works for our use, and the customer is satisfied with it.

The scalability is good. We use it in smaller customer suites, but also in larger ones.

With technical support, it is always an issue to get the right person. They do have good technical people in support, but it is sometimes not so easy to get them.

The solution is easy to set up, but it requires customization, which is not easy for identity management.

When many people are coming or leaving the company, the process is optimized. The productivity is higher because the process can be done faster and easier.

The solution is used very often in the market. There are a lot of satisfied customers using the product. 

They are a lot of partners who can help you implement it, if you are interested.

We know few other products in this industry. The flexibility, long term plan, and roadmap are very good. Also, its future is looking good.

We are using One Identity Manager to manage user access requests. Then we manage the provision, as well as the provision of those users. We get the identities from SAP and then we provide them whatever access they are requesting.

The biggest improvement has been the auditing. Now we have a record of what the users have, what the users have requested and when, and when things were approved. It's all in the same system.

The most valuable feature is the fact that we don't need paper anymore. We came from a paper solution and getting rid of the paper is valuable.

The solution is also flexible. We have customized our IT shop. Because we have so many applications, the solution, out-of-the-box, wasn't good enough for us. So we have customized all our workflows for approvals and it's working fine.

I have some doubts, not about the stability but when they released version 8 we were unsure about the roadmap that they were going to follow. We are waiting for 8.1 before we upgrade.

There's no problem with the scalability.

We have opened a couple of cases and we've had a really good response from the team. Initially, we contacted Professional Services a couple of times, and their answers were pretty good.

We didn't have any solution previously.

The initial setup was complex.

We used a partner. Our experience with them was difficult because the project was really difficult. We had our ups and downs but, in the end, it was good.

For this or any other similar solution, make sure you have the maturity to go forward with an identity management project. If you are at that point, this solution is a good option to look at because it's really flexible. It makes it possible to do a lot of things.

We are getting comfortable with the solution. We're just at the very beginning. We are in production but not for the whole company, so we are not enjoying all the benefits of the solution. In terms of the privileged account governance features, we are not there yet. We are now investigating them and they look fine but, we are progressing slowly.

The solution has helped to simplify compliance, but not as much as we would like because we haven't implemented all the options, all the features yet. We are in the middle of that.

We have integrated the solution with SAP, we need to get identities from it. The integration process with SAP has been the worst. It has been really difficult because our SAP is really customized. The standard connector hasn't been enough, so we have had to create a new connector and it's been really difficult.

I would rate it at eight out of ten. It's pretty new but they are making a great effort to be the best and to focus on the user.

We mostly use One Identity Manager for the tasks of onboarding and offboarding business roles, assigning permissions, and ensuring that we have a record in auditing to fill out compliance needs.

It allows us to do a lot more tasks in an automated way. Previously, we had to do a lot of things manually. Because of the automation, it allows us to assign a resource. We just have to name a resource. This allows us to transfer some tasks to the first line of the service desk, allowing our IT to concentrate more on other tasks and the needs of the business.

The most valuable feature is the configuration of users, especially onboarding and offboarding SAP roles. It is very important this is done in a fast way, especially in connection to the SAP HR system, where we can get a user onboarded as soon as they have the information recorded in HR.

Connections with more clouds systems is already planned. The more that we can use One Identity to connect with other systems to manage all the applications accessed throughout One Identity, the better. I would expect to have more connections and setups to other systems.

Visually, I would like it to be more user-friendly. Version 8 looks visually like version 6, so this still needs improvement in later versions.

The performance is quite bad, but this is because we have a very old version.

We only use the privileged account governance to identify the type of the account where there are no functions designed behind it. This will probably be something that we will develop more in version 8. Because in our current version, we don't want to add more functions with the performance already being poor.

It is not an all or nothing scenario. It's very good that you can choose exactly what fits your business.

We used a partner. So, we don't use the support service directly from One Identity. All the support that we need is done through our partner.

We didn't have a solution to manage identities previously. The need to have an identity management system came from auditing, our SAP needs to have monitoring, and the need to control SAP accounts and roles.

One of the main reasons, in the beginning, to go with One Identity Manager is to have integration with SAP. It's very important to have our business roles and privileged access monitor always up-to-date, especially if you have privileged users and firefighters. You need to monitor their access very carefully.

For version 6, the SAP integration out-of-the-box can be quite exceptional. The configuration might be a bit harder to do in the beginning, but then the functionality and the way it works is very easy and straightforward to use. 

We have reduced about 60 percent of our help desk calls, especially for onboarding and simple tasks that do One Identity automation.

The solution has helped us increase employee productivity when it comes to provisioning users and systems. Now, we have standardization for all countries, where we are in 36 countries, presently. It is very important to be standard in the way you work with the solution. 

Because we have implemented automation to our tasks, we have probably reduced time from a few days to a few hours.

The product is quite flexible. In my previous company, I worked with Microsoft products. Now, I am using One Identity. Its functions are easier to use and more intuitive. You also have more functions available to businesses.

Check the big picture and what exactly the company needs. 

Choose the partner wisely. It's always important to make a successful implementation. 

One Identity Manager is good because it allows you to choose at a granular level exactly what you need for the business.

This is not how it's implemented currently with us, but especially in compliance GDPR and privacy settings, you can have more granular permissions on privileged accounts and be able to monitor who makes changes on the accounts in IDN.

We only have very basic functions now. However, the solution will have an impact on the roadmap of the company and on our company's roadmap of IT solutions to come.

We are tech consultants who deploy One Identity for our clients. Our clients use One Identity for provisioning and deep provisioning users. It is also used for the recertification process and access review. We have integrated One Identity for 15 to 20 clients. Soon, we expect to deploy it for another five to 10. 

The performance could be better. I also think One Identity could improve its documentation for developers. Many of One Identity's features aren't fully documented. We don't have enough information on how to use them.

I have used One Identity Manager for the past six years.

I rate One Identity nine out of 10 for stability.  We haven't seen any downtime. It has worked smoothly since it went into production. 

Deploying One Identity can be straightforward or complex depending on the environment. The time needed to deploy varies with the scope of the project.

We typically have some meetings with the client to understand what they need to integrate with One Identity. We develop custom connectors and move to the production stage if everything is working. 

I rate One Identity Manager eight out of 10. My recommendation to new users is to be patient because it's hard to understand without adequate documentation. It gets easier with time and practice. 

We had several tools over time to try to gain control of IAM, but none of them were capable enough for our needs. We simply had too many systems to work with. We wanted one digital identity for each user and a comprehensive view of each user’s entitlements.

Before the implementation, it was necessary to create user accounts to give access to every single information system and application. A lot of resources were needed for development, implementation, support and control of identities and their entitlements. Employees had up to ten credentials for various applications. Now, our users have just one digital identity for all of our systems.

One Identity Manager provides one digital identity for each of the university’s 20,000 users. It also unifies and automates all processes in staff’s and student’s lifecycle by interfacing with other university systems. IAM is now more transparent to IT, students and staff, and helps reduce risk by automatically controlling access according to a user’s status.

This new approach to IAM has created huge efficiencies for IT, especially when it comes to managing more than 300,000 rights. Compared to the situation we had before, IT staff now spend less or almost no time for managing identities and rights.

We are located in Europe, so GDPR is a must for us. So, One Identity solution is helping  with this topic too.

• It gives the best user experience, enabling us total transparency in user access rights.
• We unified business processes for students and staff at enrollment/hiring/graduation/termination of contract in all organizational units of the university.
• It reduced risks by granting adequate access rights to users.
• The best feature is that HR finally took responsibility of it, so not everything is on IT.
• The policy and role management features are important for identity management.

Improve the implementation of additional One Identity Manager’s features. This we are going to focus on after an upgrade to release 8.1 will be finished.

Generally speaking, the solution has great stability, modularity and scalability. We have not had many stability issues until now. However, my opinion is there is still some space to improve performance. Sometimes synchronizations take too long.

We had several tools over time to try to gain control of user accounts and their privileges. But none of the solutions were capable enough to cover all our our needs. We simply had too many disparate systems to work with. We wanted one digital identity for each user and a comprehensive view of each user’s entitlements. Plus, we needed to ensure we could control those entitlements easily.

We noticed that One Identity Manager was positioned well in Gartner’s Magic Quadrant for User Administration and Provisioning, based on its evaluation of One Identity Manager.

The initial setup was complex. We have a lot of different systems. But, we started step by step with connecting active directory for employees to the IAM system and with data and business processes consolidation. Then, we used the same approach for all our students’ identities and related processes. Many processes we had to redesign, but the main benefit is the processes are much more simplified now. Yes, the journey from introducing One Identity Manager solution to joining all the systems was difficult, but we have reached our final goal.

We have a valuable partner located in Slovenia, who is helping us with analysis and architecture. They advise us with many best practices and are responsible for the implementation and technical aspects of the solution.

This solution helped us to reduce help desk calls. Before the implementation, people were calling because they didn't have access to some systems, etc. After the implementation, we implemented the application access metrics - authenticated users may conduct only previously authorized transactions. Now, all our users have access to these applications when they get their digital identity. Thus, there are no more calls to help desk.

While our journey to find a solution was tiring and we invested a lot of work and knowledge, our expectations have been reached and even exceeded. It's really good to invest time and money in a solution which offers you something that all users, not just IT, can use.

Sometimes, the solution is flexible. However, the customer should sometimes be flexible to the solution, as well.

Those who worked on this implementation now spend less time on user rights, etc. While it lowered their workload with this solution, they are now working on something else.

We use it for meeting compliance requirements.

We were able to clear up some audit actions by providing evidence we have a proper, controlled approval process.

In addition, One Identity Manager has helped to increase employee productivity when it comes to provisioning users and systems.

Its flexibility is the most valuable feature, the way we can customize the user interface and the workflow processes. It helps us set up the correct approval processes.

Better support for version control and multi-threaded development would be helpful additional features. 

The support for DevOps could be improved with quick delivery cycles and multiple delivery streams.

We do have performance problems, but outside of that, it seems stable.

We have some performance problems, so pushing to scale is a challenge.

The technical support is acceptable. We get responses when we raise queries, but maybe not as fast as we'd like.

We worked with a third-party vendor, TCS. Our experience with them was okay but it was difficult to get skilled resources.

We have seen return on investment.

Think about what the out-of-the-box features are in the product and how those map into your business requirements. Perhaps look at revisiting the business requirements to better fit with the product.

We integrated the solution with SAP, given that we already had a significant SAP deployment for our financial services. Because I wasn't involved in that I can't comment on how that process went.

In terms of our cloud strategy, One Identity Manager hasn't impacted it. The solution will fit within that strategy.

I would rate it at eight out of ten. It meets most of our business requirements. We can deliver functionality the users want, but it does need some improvements, in the performance and support for a DevOps-type quick SOC release.

The out-of-the-box connectors (SAP, LDAP, MS Active Directory, CSVs, etc.), and the one-stop-shop portal for user requests and authorizations which can be customized to display corporate logos and color schemes.

Additionally, certain “out-of-the-box” features can be configured to not be displayed or affect specific behaviors through the Project Configurator.

Additional customization requiring coding is possible, but requires additional planning, coding, and testing and is out of scope for this project.

In D1IM there are different ways of connecting with targeted systems. Out-of-the-box Connectors could be with:

• Connected system modules which allow interaction between D1IM and third party systems, with their specific schema extensions, dedicated synchronization templates and business logic. They allow deeper out-of-the-box target system management.
• Connectors which are predefined synchronization interfaces, developed by Dell, and are highly configurable but cannot be customized!

Interfaces are developed during IdM projects as an additional, customer specific feature of D1IM. This enables the connection of more proprietary or less common systems. Interfaces are easily changed in their functional behavior and implementation.

With this tool, you can easily orchestrate automation user access provisioning and implement multiple layers of authorizations (4 eyes or 6 eyes principles).

• Implementation of skip logic in user access request forms - this topic cannot been explained easily because it requires a deep dive within the functionality of the Web Portal.
• Lack of integration with RestAPI - the lack of out-of-the-box RestApi connectors creates some difficulties in integration running infrastructure as code, with DevOps operation (CI, CD, VCS etc.) and managing On Premise and external clouds.

We have been using this solution since 2006.

We have not encountered any stability issues. The system is rock solid.

We have not encountered any scalability issues.

The Dell technical support is good enough.

The D1IM gives a rare opportunity to integrate multiple authorizations and authentication platforms into a single portal.

The configuration is complex and requires a good understanding of your existing infrastructure and related protocols for communications.

We have no specific advice about licensing issues.

We evaluated Ping One Identity, SAP IDM, Oracle Access Manager, Net IQ Identity Manager, and RSA Access Manager.

Clarify what level of automation is needed in a user access request. Authorization and provisioning is achievable while comparing company needs and objectives.