One Identity Manager Reviews

We use One Identity to integrate our internal and external applications into SSO.

One Identity's biggest benefit is application integration. The solution allows us to apply the same governance coverage to all environments. It helps consolidate procurement. One Identity streamlines application access decisions. It allows the application team to choose the protocol the application will use. We can automate access control with One Identity, saving us time and money. The automation gives us a few errors, but it's manageable. 

One Identity's interface is pretty good. It's user-friendly, and you can access most applications inside the console. The user experience is solid. You can use One Identity if you are a layman without much technical experience. You might need a little more training with admin access, but it's easy to learn. 

The identity governance components have some room for improvement, particularly the ability to terminate an employee's ID after leaving the company. Customization can be difficult because One Identity uses specified attributes that we must use.

We have used One Identity Manager.

I rate One Identity Manager eight out of 10 for stability.

I rate One Identity support seven out of 10. 

Neutral

Oracle Access Manager is comparable to One Identity. It's a good product.

Deploying One Identity Manager took around half an hour. Three or four people were involved on our side, and the application team required our product manager and change manager. One Identity requires annual maintenance depending on the customer's requirements, and the number of people devoted to maintenance depends on your environment's size. 

I estimate that the return on investment is around 40-50 percent. 

One Identity Manager isn't the best solution on the market, but it's cost-effective.

I rate One Identity Manager seven out of 10. I would recommend One Identity to a small company. It requires minimum support because it's user-friendly, but you may need something more secure for a large-scale deployment. 

We utilize One Identity Manager to oversee all the identities within the company, and we are constructing workflows to enable self-service keys for compliance and access matters.

One Identity Manager is the optimal solution for creating a unified platform for enterprise-level user administration and governance.

One Identity Manager provides a unified platform for managing both data and privileged accounts. We receive alerts for privileged access and, based on specific criteria, we can determine whether the request is for an end-user account or a privileged account, and apply the appropriate permissions seamlessly.

The user experience and interactivity of One Identity Manager are straightforward for non-IT individuals to utilize.

Customizing One Identity Manager is easy to do.

The business roles of the solution that maps company structures for dynamic application provisioning are important because they help our organization fulfill the needs of any employee automatically, based on the structure. This provides users with immediate access, eliminating the need for human intervention.

The ability of One Identity Manager to extend governance to cloud applications is of great importance because cloud applications have become a new tool in our society. Whether we use private or public clouds, every company will eventually have to transition to the cloud. Therefore, it is crucial to be able to manage all our access within a single platform, which is the best approach. Hence, we obviously require a platform that can connect to the cloud and also handle compromised applications, making it transparent for business use.

One Identity Manager's ability to automate tasks that previously required human intervention has benefited our organization by freeing up the time of our IT department to concentrate on other tasks.

The solution helps us minimize gaps in governance coverage among test, development, and production servers because we can provide access through any environment within the system, freeing up time for our business.

The solution has helped us create a privileged governance stance to close the security gap between privileged users and standard users. We can now view all the accesses from a single interface, which enables us to be proactive in our compliance efforts. Without One Identity Manager, we would have to depend on multiple tools and reports, which can sometimes be delayed. By utilizing One Identity Manager, we can establish preventive rules to avoid any SOC problems or on-the-fly access. While certain access can be granted without risk, it is crucial to have a clear overview, of which One Identity Manager provides.

One Identity Manager helps streamline application access decisions for both permissions and licenses. Using a web designer, we have designed routines that allow us to create disclaimers or automated questions. Based on the user's responses, we can propose either a free license or a pro license, depending on the specific case. Additionally, we have implemented routines to uninstall and deactivate licenses when they are not in use. However, this is always a challenging task because we want to ensure that users do not waste time if they need the software again. The fact that we can easily request any application through an automated process is advantageous. Furthermore, canceling a license does not significantly impact the business since it can be reinstated within minutes if needed again after a few months of not being used.

Streamlining application compliance and application auditing is essential. The single pane of glass visibility helps us maintain compliance, and for application auditing, we can utilize all the reports provided by the IT team. Additionally, we can conduct our own audit reviews and collect evidence to ensure that the process is followed without relying solely on the IT team. This approach aligns with our automation mindset, which we aim to introduce.

One Identity Manager facilitates application owners or line of business managers in making application governance decisions without involving IT. We can provide them with a view where they can see the individuals who have worked on it, the process of their request, and the validating authority, all without needing to inquire from the site.

One Identity Manager has assisted us in achieving an identity-centric zero-trust model through the implementation of various processes.

One Identity Manager is flexible and offers numerous connectors that enable us to serve as the core component of the system, as well as to construct our own connectors using the API.

One Identity Manager can be made more user-friendly for end users. Out of the box, it can be difficult to navigate through the drop-down menu, especially when it comes to accessing the subcategories.

I have been using One Identity Manager for four years: two years as an integrator and two years as a user.

One Identity Manager is stable.

I give the scalability of One Identity Manager a ten out of ten. We are able to scale no matter what. It's completely compatible with the S5 and can achieve load balancing on web servers. It can be integrated into a single database or a cluster for scalability. I can confidently say that if my company were to triple in size tomorrow, it could handle that. I don't have to install what I don't see. I just need to make some improvements to the database and convert it into a web server that will be accessible to users.

If we experience a major incident in production, we can expect to receive a response within one hour. We find solace in knowing that any significant problems will be promptly addressed.

Positive

We had previously worked with Evidian Identity Governance and Administration, among others, but none of them provided all the features in a single solution, unlike One Identity Manager.

The initial setup is complex. Every identity solution is complex because the most important thing is not really linked to the project. It's linked to the analysis we have made before, and then our solution is not linked to the project. Every time, I think that whenever we have to put the analysis management solution in place, it will be complex because we have to take care of the processes that are already in place and also what is happening in the same tool. We have to consider all the existing processes and challenge them to make them better. Many times, some processes are difficult because we couldn't execute them perfectly with the previous solution. So we have to be able to identify if the process is in place like this because of the previous solution that doesn't handle every aspect easily, or if it needs to be redone. The deployment took one year to complete.

We had two individuals from the integrator and two internal employees dedicated full-time to the deployment.

The implementation was completed by our integration partner who provided us with an excellent expert from their team, even though the solution required additional personnel capable of integrating everything within one year. Overall, the experience was positive.

I give One Identity Manager a nine out of ten. This is a solution I want to work with because it brings satisfaction to our users.

We have a complex environment with over 50 locations, various departments, and multiple companies, each with hundreds of distinct functions.

We have two individuals responsible for maintenance, updates, and access to integrators who can provide assistance if necessary. We have around 5,000 end users.

I recommend that organizations wishing to utilize One Identity Manager should first provide internal training for their employees. This approach will enable them to develop their own understanding of the company and reduce dependence on external integrators.

The use case is like any other identity management solution: to provision and de-provision software accounts and entitlements for new hires and terminations, and to update name changes, leaves of absence, and those kinds of business cases. The goal of the tool is to automate processes of updating or modifying user access.

One Identity Manager is going to improve your CIS standards, or any other security framework, because it going to help automate account management and entitlement management. It's going to help organizations run a certification campaign and implement role-based access processes.

It also helps consolidate procurement and licensing. You can configure the tool to track cost-center expenses or licenses of software assigned to users' workstations. Typically, One Identity Manager is not used for that purpose, but it has those capabilities.

Another benefit is that it helps streamline application access decisions, application compliance, and application auditing. You can implement a request process for onboarding of any application, meaning a user can request access to an application and it will follow a workflow approval process and the request can be approved or denied. Once access is granted, One Identity Manager will provide access automatically to the target system. You can also define certification campaigns to recertify access for users. On top of that, you can configure segregation-of-duty rules.

In addition, if the application owner has all the information or the criteria to make a decision—i.e. all these users need access to my application, and all these users don't need access—we can integrate that application within One Identity Manager and enable a request engine process for that application. For example, if a new employee needs access to that application, they need to submit a request for access and the approval process will be directed to the application owner. The application owner can approve or deny access for that person. In that way, the entire decision process belongs to the application owner and not the IT department.

One Identity Manager can also help achieve an identity-centric Zero Trust model. You can configure the tool to identify the different departments, call centers, and locations to give them the minimal permissions necessary to perform a task. Furthermore, if you have critical access or entitlements that need to be recertified, you can run a certification campaign against an Active Directory group or Google group or SIP entitlement to recertify that these entitlements in Active Directory, for example, are assigned to these 20 users. You can then ask someone to certify this critical group and determine if all 20 users are still needed. If the decision-maker denies access to some of those users, the tool can remove the access automatically. It definitely gives you that flexibility.

It helps in managing SAP. There is a connector that you configure with the tool and it helps to provision accounts and assign roles or permissions in SAP. If there is a disconnected SAP application and you want to bring it on board, One Identity Manager gives you the tools to do so.

One Identity Manager connects SAP accounts to employee identities under governance. Although each organization is different, what is typical in some organizations is that it is important for them to meet security compliance regulations like CIS controls. They use the solution to meet those requirements.

In addition, healthcare companies have to be HIPAA compliant. One of the HIPAA rules is related to terminations. They need to make sure that every user or employee who is terminated is denied access within 24 hours. One Identity Manager helps you to implement that kind of case. If we connect One Identity Manager with the human resources system, we can read the employee's end date and automatically disable access for that user in less than 24 hours. In fact, we can disable the employee, once we have connected to Active Directory, in five minutes or less.

One Identity Manager doesn't have a privileged access management model but we can create one. A robust solution is based on the Windows platform. To address this use case you need a SQL Database and Microsoft Internet Information Services. If your organization is a Windows environment, One Identity Manager is a good option for your company.

In terms of the user interface, Quest, the vendor, follows up-to-date web standards for development. Currently, they are moving to implement Angular as a framework to implement end-user UIs. As a result, end-users will see a pretty nice website, a web portal where users can approve requests, submit password changes, or submit new requests. Also, if there is a certification campaign running, the web portal is very user-friendly. The manager can log in and see items that need approval or denial. The current version is designed to support mobile, tablets, and web browsers.

We also make use of One Identity's business roles to map company structures for dynamic application provisioning. That is a very important feature because most companies want to implement role-based access. Business roles are one way to help companies to identify job codes and position codes. It enables the grouping and automating of certain types of access for certain departments. For example, if you know all the people in your sales department, you can configure a business role so that anybody who is a new hire in that department will get certain accounts or certain access or certain groups in different applications. Doing that in One Identity Manager is a very simple task and it is very well organized.

The product can also be extended to support any of the SaaS or PaaS applications on the cloud. Nowadays, identity manager solutions are focused more on managing of identities and entitlement access on-premises. But companies are moving to the cloud and it has become very critical for solutions to start handling user accounts and permissions in the cloud. One Identity Manager is specifically a product that is moving in that direction and providing connectors to the cloud. It's a gap that needs to be closed and not many providers are investing in that. I've been implementing One Identity Manager for 12 years and I still haven't seen any other company doing cloud identity management, 100 percent. Hopefully, next year and in the following years, more companies are going to start adopting that technology.

And whenever you implement test, dev, and production servers, it will help minimize gaps in governance coverage among them. Using the solution you can connect and configure users in production, but if you configure dev or test instances, you should absolutely be able to handle ID and governance access for those applications.

End-user UI customization is difficult and requires some knowledge of proprietary Angular technology. Every time a customer asks us: "Hey, can we modify this form in the UI?" or "Can we integrate a new form?" it's difficult to do. It's possible and we usually do it, but coding form changes typically takes two to four weeks, depending on the changes.

There is also a lack of connectors. One Identity has between 10 and 20 connectors compared to SailPoint IdentityIQ, which has about 100 connectors. Quest is improving on that. They do have cloud connectors and you can expand the number of connectors. They know there is a gap. But the connectors One Identity has are the most common connectors among all organizations.

I have been implementing the solution for about 12 years.

I don't use the solution as an end-user, I just implement it as a consultant for multiple companies. When a company wants One Identity Manager, I gather requirements, do the design, implement the solution, and train people on how to use it.

The product is very stable and performs well for medium-sized organizations with fewer than 200,000 users. For organizations with over half a million identities, there are some performance issues that have been found in previous versions, issues that affect the end-user experience. For example, if you run an attestation cycle or a request for a deployment with half a million identities, the system becomes a little slow in processing end-user requests to refresh a page, because of the amount of data.

Once you go into production and you have a stable system, you have it for a year or two, as long as there is no major issue that you find in your deployment, something that can be fixed in the next release. Typically, customers have the same version for one or two years before they decide to do an upgrade. Going through an upgrade to the next version means a lot of production testing of your current implementation.

The scalability is very good. You can scale the application job servers or web servers. They are very easy to scale. Once you have identified your gap or your need for scaling in your current deployment, it's just a matter of adding a new server, configuring it, and you're done. It's highly scalable.

The only advantage of their Premier Support is that you have an agent from the vendor assigned to your account, someone you can contact for any kind of product updates or fixes. That person will also tell you, "Hey, the next release is coming and these are the new features, these are the hotfixes." You get the added value that if you open a support ticket with them, your Premier Support agent will try to get a response a little sooner than usual.

Neutral

The deployment is in between easy and difficult. On a scale of one to 10, where 10 is "easy," it's an eight. It's not difficult to implement and use the out-of-the-box functionality. I can have a company running in two weeks, including connecting the tool with Active Directory and creating and updating users.

When a company wants more customization, that is when it starts getting more complicated. But if a company is looking for basic use cases and not too much customization, from the start of gathering requirements, though deployment in production and Active Directory, could take three to four weeks. That is fairly simple.

You have the option of deploying the solution on-premises or in the cloud or using Quest's cloud. The solution requires application or database servers in a web server. You can deploy it on-premises or, if you have Amazon or Azure components, you can deploy the solution there. And Quest, as a company, offers cloud services, where you pay for a One Identity Manager instance with the number of users you need, and they will do the installation and configuration for you, and they will take care of all the technology. You then just need to implement your use cases. So there are three options: On-premises, where the customer handles all the servers, in the cloud, where the customer handles all the servers, or through Identity Manager on Demand, where Quest manages all the infrastructure and servers and the customer just implements the business cases.

The number of people involved in an implementation depends. I have led teams of two people and teams of 20 people. I have implemented the solution for companies with 10,000 users and I have done an implementation for a major company with about half a million identities. For that instance, we had 10 dev servers and 20 people involved, including developers, testers, project managers, et cetera.

At the very least, when the vendor releases hotfixes every three or six months, you will need to do maintenance if there is an issue with your implementation that has been addressed in that release. Typically, customers do upgrades once a year to the next version. But the solution doesn't require a lot of attention.

My advice is to review your business cases and try to use most of the out-of-the-box features of the product, instead of asking a consulting company to customize the solution. Adding customizations will add some burden when you need to upgrade to the next version or make changes. They will increase the chances of failure and your progression and smoke testing. Try to reduce the amount of customization with this tool.

When it comes to customizing One Identity Manager for particular needs, it's like any other tool. When the tool is implemented we try to push customers to use all of the functionality. If there is a need to customize, on a scale of one to ten, where ten is easy, customizing it is a seven.

And as a tool, on its own, it does not create a privileged governance stance to close the security gap between privileged users and standard users. It needs to be integrated with another product. One Identity Manager does the user provisioning, de-provisioning, and access requests and management. But if you want a full integration with a PAM solution, Quest has a different solution called One Identity Safeguard. Safeguard is the solution for privileged access management and can be connected with One Identity Manager. By connecting the two tools, you can keep track of the submission of requests with One Identity Manager and the fulfillment of the requests in the privileged access management tool, which is Safeguard.

I am a consultant who works on the backend of One Identity. When a client has a requirement, I add it to the back end. 

One Identity Manager simplifies procurement and licensing. Using business roles helps a lot. Provisioning enables users to make application governance decisions without involving IT personnel. It makes it easier by using account definitions and business roles. 

You can assign different AD groups and applications and enable them for specific users depending on their roles. This minimizes gaps in governance coverage among test, dev, and production servers and makes things easier. 

One Identity is a complete solution that has everything we need. We can use it to manage SAP. It connects SAP to employee identities under governance. This functionality is critical. One Identity Manager provides IGA for the more difficult-to-manage aspects of SAP, which is also crucial. The SAP-specialized workflows are easy to implement. 

One Identity provides a single platform for the administration and governance of users, data, and privileged accounts. It provides a complete overview of all these things. The user interface is intuitive and nice. It shows everything. Customizing the interface isn't hard. You can create custom fields. This is one of the most important things.

The documentation is poor. For example, the synchronization editor has a lot of things happening, but there's just a description. If you want to do something specific with that like create custom views, they just say go to the extension and select the UUID. However, if we don't have a UUID for this view, it will not work. That isn't in the documentation.

It extends governance to cloud applications and it's complete, but there needs to be more connectors for it. That's the only thing I don't like.

I have used One Identity Manager for a year and five months.

I rate One Identity's support eight out of 10. We use the standard support. They send you a link to the documentation or a forum where someone else had the same problem. However, sometimes the documentation isn't useful, so they need to escalate the user to the product leads. In those cases, it takes weeks to resolve. 

Positive

The initial deployment was easy and could be completed in one or two days if we only consider the installation and synchronization of target systems. However, it takes longer to set up the business roles and all that. 

I rate One Identity Manager nine out of 10. The only issue I have is the documentation. 

We utilize One Identity Manager to manage the employee lifecycle, provision user accounts, administer numerous systems, and maintain a web portal.

One Identity Manager's ability to consolidate tools helps simplify the administration process.

I would rate the UI nine out of ten. The performance and appearance have improved since the new portal was implemented.

With my experience and the help of the user community, customizing One Identity Manager is not difficult.

The business roles feature is easy to use.

We see the benefits of One Identity Manager within weeks of deployment.

One Identity Manager helps minimize governance gaps between test, development, and production servers. An administrator's experience typically correlates with increased ease of use.

One Identity Manager simplifies the process of determining application access. Integration is straightforward for standard systems like Active Directory or Exchange, but connecting custom web applications requires developing a connector, which is time-consuming but manageable for experienced programmers.

One Identity Manager is more reliable than other identity managers. The most valuable features are the behavior, configuration, and customization options.

Using dynamic business roles can degrade the performance of One Identity Manager.

I would like to have better documentation for configuring other Microsoft systems.

I have been using One Identity Manager for almost four years.

One Identity Manager is stable. If it crashes, it is due to human error, not the solution itself.

One Identity Manager's scalability depends on the use of other Microsoft systems, such as SQL and Windows servers.

The deployment is straightforward. The deployment takes between one and two hours and requires one engineer. The overall implementation requires a team consisting of an architect, an analyzer, one or two programs, testers, and an engineer.

We are integrators who implement One Identity Manager for our customers.

I would rate One Identity Manager nine out of ten.

In most cases, the customer doesn't need to do any maintenance.

We operate in three regions and use One Identity Manager for identity governance.

One Identity Manager enables us to manage SAP systems efficiently. We can configure user settings and assign global and business roles, adding them to the directory regardless of their account activation status.

One Identity Manager integrates SAP accounts with employee identities. We can create accounts by importing job data into the server. However, if an employee's data is missing, we must input it first to create their profile.

One Identity Manager provides a single platform for enterprise-level administration and governance of users' data and privileged accounts.

The interface is intuitive, displaying all employee details and allowing for direct edits after account creation.

Customizing One Identity Manager is easy to do.

One Identity Manager allows us to manage business roles, including adding and removing them through the deployment flow sheet.

One Identity Manager is user-friendly, offering both ease of understanding and management. From a central console, we can apply both business and referral roles.

One Identity Manager helps to make procurement and licensing easier.

One Identity Manager helps us achieve an identity-centric zero-trust model. 

One Identity Manager's account creation feature stands out as its most valuable functionality.

I would like One Identity Manager to offer an easier way for users to learn to use their new features.

I have been using One Identity Manager for two years.

One Identity Manager is stable.

The initial deployment of One Identity Manager was straightforward. We have three environments where we deploy the load sheets to servers in a top-down approach. For removal, we follow the same procedure in reverse order.

I would rate One Identity Manager nine out of ten.

In terms of the use case, the traditional use case related to IAM is to synchronize the accounts to the user ID.

Most of the time, we connect it to Active Directory, Azure AD, SAP One, and one or two other systems at the first stage of the project. At the next stage, we start to integrate it with other systems.

My company is an integrator and a partner. I am not the final customer. I deliver solutions to our customers. I also have other solutions in my portfolio, but my strength is Identity Management.

One Identity Manager delivers SAP-specialized workflows and business logic.

It provides a single platform for enterprise-level administration and governance of users, data, and privileged accounts.

The user interface is not a big problem nowadays. About 10 years ago, it could have been a problem, but now, it is easy to do proper localization in Portuguese, Brazilian Portuguese, and Spanish. We have multiple language support. Of course, it is not yet 100%.

When it comes to customization, we need to model the business rules for customers. Every customer has different business rules. For a similar use case, you can have different business rules. I split the ability to model that into two categories. There is the ability to do the parameterization, and there is the ability to do customization with coding, which can have some risks.

One Identity Manager helps minimize gaps in governance coverage among test, dev, and production servers.

It also helps to create a privileged governance stance to close the security gap between privileged users and standard users.

One Identity Manager helps consolidate procurement and licensing. One of the valuable use cases that this solution provides is to take care of the licensing for some of the applications.

One Identity Manager helps streamline the following aspects of application governance: a) application access decisions; b) application compliance; and c) application auditing. We can deliver a use case where when a user requests access, the user may receive a warning that the access being requested conflicts with some other access that the user may already have. We can now model the SOD rules to validate a request when it is made. It is very important to be able to use One Identity Manager to do this kind of validation at the time of the request.

One Identity Manager enables application owners or line-of-business managers to make application governance decisions without IT. We can model that kind of personas, participate in the process, and make some decisions in the workflow process.

One Identity Manager helps to achieve an identity-centric Zero Trust model. That is a very strong use case of One Identity Manager. They claim that they are the only vendor that can deliver the Zero Trust model or Zero Trust architecture for identity, but I do not know if they are the only vendor.

One Identity Manager connects SAP accounts to employee identities under governance. The connector from One Identity for SAP is the most powerful one in the market. This connector can touch all the levels of the objects in SAP. It can not only be connected to SAP ERP but also to SAP HANA, GRC, etc. One of the strengths of One Identity Manager is the SAP connector. You can touch a lot of the SAP environment and also have deep granularity.

It is a very powerful solution, but when it comes to doing some complex parameterization or authorization, we end up coding. Comparatively, CA solutions require less coding. It is more powerful than the CA solutions, but you end up with coding in VB.Net or C#. Complex parameterization could be better from their side. There can be more documented templates where you can take a piece of code and deliver a specific use case. I cannot find that in the documentation. Sometimes, you can go to the community, and sometimes, you have to use their support.

If you implement it properly and finetune it, it is very stable.

I have used their Premier Support. It is called PSO. It is very easy to book an appointment. You can use the calendar to find a slot. You can take half an hour or one hour. Once you are connected, the guy knows it is very important. Based on my experience, they were able to provide the resolution and tell me about the button that I needed to hit and what I needed to do. At that time, I asked them why it was not documented, and the answer from the PSO was that for specific matters, they wanted us to contact PSO. 

I prefer not to involve PSO because the prices are huge. We try to avoid it. When I need to involve PSO, it adds value, but it is very expensive. Whenever I involved PSO, I got the answers I needed within the time in which I needed the answers. I would rate them a ten out of ten.

Premier Support has not been an influence in purchasing additional licenses or products from the vendor.

Positive

I never implemented the SaaS model because of the pricing. My experience is for on-prem.

Its implementation is easy for me, but it is very complex for those who are doing it the first time. It is not straightforward. They do provide documentation, but it is not easy. I usually build my documentation and enable my team. After that, it is easy.

For its implementation, one project manager and two more people are required. One is senior, and the other one is of intermediate experience. Sometimes, developers are also required for customization.

We licensed it from a distributor. In Brazil, it is not possible to directly license One Identity. The distributor's name is ADISTEC. We did not take their help with implementation. We implemented it ourselves. They help me with other solutions but not with One Identity because it is very specific. In Brazil specifically, I do not have resources to help me with implementation. Quest in Brazil has a structure only for commercials. They do help with presale but for implementation, I do not have any kind of help. I usually take the help of the YouTube channel, the official documentation, and the community. We are pretty much doing everything ourselves.

The maintenance usually involves changing the logic, roles, or workflows. After the sign-off for the implementation, I also provide sustainability services where I take care of any problems and also contact the vendor. I also help with the environment and sometimes help implement a new connector if it is easy to implement or is a native connector from an API, for instance. I take care of the sustaining phase issues where we are not installing everything again. We are doing a little bit of parameterization. These services are helpful for revenue and important for our business.

Its price is okay. 

Overall, I would rate One Identity Manager an eight out of ten.

The primary use case involves overseeing comprehensive identity and access provisioning, along with managing the onboarding and de-provisioning processes for users. This includes orchestrating the creation of new projects, conducting simulations, and ensuring synchronization between a core solution and other target systems.

We utilize One Identity Manager to assist in SAP management. When connecting to an SAP target system, the synchronization of data is facilitated. Following the data sync process, all users can be reviewed within One Identity Manager under the SAP user tab. Furthermore, this tool allows us to publish data seamlessly from One Identity to various target systems.

Identity Governance and Administration is particularly beneficial for addressing the complexities associated with managing SAP, especially when dealing with aspects like transaction code (t-code) profiles and rules. It's important to note that while One Identity Manager doesn't specifically handle t-codes, it does provide functionality through the manager for managing files, rules, and other relevant features associated with transaction codes.

I haven't observed specialized workflows or specific business logic for SAP in One Identity Manager.

One Identity Manager serves as a consolidated platform for enterprise-level administration, offering governance over user data, privileged accounts, and related aspects. It's particularly effective in managing privileged accounts. By incorporating the manager, administrators can easily assign resources, facilitating the seamless management of admin accounts. The available features within the manager enable the creation of special identities, such as admin accounts.

The user experience with One Identity Manager is excellent. It's highly user-friendly, with well-organized features that make exploration intuitive. Everything, including account definitions, is easily accessible in the manager module. You can efficiently check the status and associations of objects, such as which projects or other objects are linked to a specific one.

Customizing the manager to meet our specific needs is crucial, as there are some limitations tied to factors like database performance. These limitations are often dependent on the volume of data being imported or synchronized. It's important to note that the platform's performance can be impacted when dealing with a high volume of data, potentially leading to degradation in performance.

I've utilized the Business Roles feature to map company structures, and it's a highly valuable tool as it allows you to define a set of rules for various markets. This feature facilitates logic and rule sets associated with market specifications. Under the business roles section, you can easily identify how markets can request access through IT software products and sales tools. Each business role is linked to specific SAP roles, creating a layered structure. This functionality simplifies understanding of the connection between SAP roles and business roles. If you're searching for a particular SAP role, you can efficiently locate it within the corresponding business role and vice versa. The platform also makes it easy to check mappings, and if new business roles need to be created, the process is streamlined within the Manager.

The Manager aids in reducing governance gaps among Test, Dev, and Production Servers. By synchronizing data monthly from the production system to the development and sandbox environments, this approach effectively minimizes any potential gaps in governance coverage.

It assists in streamlining decisions related to application access.

It does not include features for application compliance and auditing. Application auditing is not a capability provided. We do have Application rules in place, and for auditing, we utilize the attestation feature available in the Manager. However, it's important to note that managing the entire application is not within the scope of the tool.

In the Manager tools, my favorite feature is the ability to obtain a comprehensive overview of any user efficiently. The portfolio view simplifies this process, eliminating the need to check through Tableau or other tools. Another significant advantage is the quick and easy creation of mappings, roles, and IT configurations for various products within One Identity Manager. This feature stands out as a valuable and time-saving capability in the manager tools.

In our Governance and management tool, One Identity Manager plays a crucial role in connecting SAP accounts to employee identities. This integration ensures that all identities are linked to their respective employee profiles. This connection is of utmost importance because if, for instance, a login is enabled for a specific user, maintaining a consistent ID becomes essential. With One Identity, this process becomes seamless, allowing the replication of related attributes across all relevant systems and ensuring a cohesive identity management approach.

I would like them to enhance the search functionality to enable faster processing when looking for objects. Ideally, the system should automatically identify relevant entries and promptly present the results, eliminating the need for users to input search criteria each time they look for specific objects.

I have been using it for the last six years.

I would rate its stability capabilities eight out of ten.

I would rate the scalability abilities nine out of ten.

Whenever we require support from One Identity, we initiate a service request, and the support team is readily accessible. They typically respond within twenty-four hours and effectively assist us with any issues we encounter. The support from One Identity has been reliable and responsive. I would rate it eight out of ten.

Positive

The initial deployment was straightforward and smooth, mainly due to the clarity provided in the installation guide. Following the step-by-step instructions outlined in the documentation from the One Identity solution made the deployment and setup process very simple.

With the assistance of an architect, I managed the deployment process by completing just the configurations for the initial installation of One Identity. Maintenance during deployment is essential, especially when there are significant changes and script modifications aimed at improving performance. System maintenance is a necessary step in ensuring optimal functionality, and we routinely undertake these tasks.

The system lacks the capability to empower application orders in the line of Business Management to independently make governance decisions for applications without requiring IT involvement.

It did not assist us in realizing an Identity-centric Zero Trust model.

I recommend that individuals working with this system should possess some knowledge of Microsoft SQL and be familiar with server configurations. A good understanding of SQL servers can simplify the process of comprehending and managing cloud repairs. I would rate it nine out of ten.