One Identity Manager Reviews

We use One Identity Manager for identity governance.

One Identity Manager provides a single platform for enterprise-level administration and governance of user data and privileged accounts.

One Identity Manager provides a good user experience and intuitiveness.

After the training, basic configuration and customization are quite easy to do. For complex customization, we need to consult a consultant.

The business role's functionality is not that important at this time, but it will become more important as we grow using the application.

One Identity Manager makes provisioning easier, and it's a modern solution.

One Identity Manager helps minimize gaps in governance coverage among test, dev, and production servers. This has made the process more automated.

We have started the process of closing the gap between privileged and standard users. As we progress along our roadmap, we will see the gap shrinking.

It helps streamline application access decisions.

One Identity Manager helps with application compliance and application auditing.

One Identity Manager has helped us to achieve an identity-centric zero-trust model. This automates tasks and reduces manual steps, which leads to fewer errors.

I like the customer-facing portal because it is simple to use for end users. Some of the features are also easy to configure.

The customization process should be simplified.

I have been using One Identity Manager for four months.

The SaaS version has stability issues.

One Identity Manager is scalable.

The technical support team's response time needs to be improved.

Neutral

We previously used the legacy Sun Identity Management application, which was no longer supported. Therefore, we decided to switch to One Identity Manager.

The initial deployment was complex, primarily due to business needs, rather than One Identity Manager.

Configuring and testing took months, and we had a team of 20 people involved in the deployment.

We partnered with iC Consult.

iC Consult helped us implement and customize One Identity Manager.

iC Consult trained our staff. 

We are satisfied with their performance.

Our One Identity partner also helped with post-implementation support. We could not have deployed the solution without them.

One Identity Manager is fairly priced.

I would rate One Identity Manager seven out of ten.

We have it deployed globally. Currently, we have 100 people using the solution but it will eventually be used by 6,000 people.

The maintenance is completed by One Identity.

I recommend doing a proof of concept before implementing One Identity Manager.

We use the solution for the management of identity and access identity, mostly for our employees.

It really helps in application access decisions, application compliance, and application auditing. That is what we mainly use it for: to have governance and compliance.

The solution has helped application owners make application governance decisions without IT. That's how we configured it. That has been a positive effect.

There are a lot of valuable features, including connectors, attestations, and workflow.

For the governance of users, data, and privileged accounts, it's really strong. It's really good, a 10 out of 10.

We also make use of its business roles to map company structures for dynamic application provisioning. That aspect is super important.

It has problems with performance. This is a very serious issue for us. Other than that, it's really capable. The performance is what is missing. It's really poor.

A second problem is the visibility in the search functionality. You don't have flexible search capabilities when you look for either roles or users. You cannot use multiple attributes. The search fields are very limited and that definitely needs improvement.

Also, the interface is really old. From that perspective, it's a six out of 10.

Another issue is that it is really difficult to customize it to our needs. If "10" is super-difficult, I would rate the customization at eight. When it comes to the options, it is super flexible. From that perspective, it is really strong.

I have been using One Identity Manager for almost two years.

It's a stable solution.

So far, it has been scalable when it comes to connecting new systems. When it comes to the performance of the tool, as I mentioned, if you want to have multiple users using it at the same time, it really lacks scalability.

We currently have around 60,000 users of the solution.

I believe we use Premier Support. To be perfectly honest, we were not very happy about Premier Support, and it was escalated.

The answer we usually get is that something will be fixed in the next release, or the release after that. Sometimes they help, but most of the problems are not solved.

Neutral

We had a previous solution, RSA, previously known as Aveksa, but it was not scalable enough for our needs, and it had internal bugs and problems.

We upgraded to One Identity mainly for the connectors. Because of the performance, we're struggling a little bit with One Identity. Other than that, it gives us what we need.

Taking into account our requirements, the deployment had to be complex because we're a complex organization. In general, we have one central solution that is delivered to the entire organization. We operate in a tenant model where particular entities can manage their scopes of applications and roles.

We were super-fast in the deployment. It took us about one and a half years. But we migrated the previous solution into One Identity, so we had already built most of the structures. We also had the connectors and definitions.

We had 10 to 14 people involved.

There is a lot of maintenance, including patching, upgrading versions, implementing improvements, and building new functionalities. It includes the whole life cycle.

I don't have access to how much we pay for licenses. That usually depends on how the company negotiates. But I believe the pricing is fair.

We recently started connecting One Identity Manager to SAP. I'm not an expert on SAP, but it's not the main system that we're interested in. One Identity Manager connects SAP accounts to employees' identities under governance, but it's just in one of the countries where we operate, and it's not even the biggest one that is using SAP. It's critical for them, but our entire company is not based on SAP.

If you configure One Identity Manager and use it properly, it helps minimize holes in data coverage for test, dev, and production servers. But it usually depends on the coverage.

In terms of Zero Trust, that requires a lot of more things, not only One Identity Manager, and we don't use other products from them.

The performance problems are a pain point, but if I compare it to not having the solution in place, it really has a positive impact. One Identity Manager really can help you, but compared to our previous process, because of the performance issues, it is actually a little down from what we had before.

Overall, I would definitely recommend One Identity Manager because we were struggling previously with our other solution, which was a little bit worse.

We utilize One Identity Manager to oversee all the identities within the company, and we are constructing workflows to enable self-service keys for compliance and access matters.

One Identity Manager is the optimal solution for creating a unified platform for enterprise-level user administration and governance.

One Identity Manager provides a unified platform for managing both data and privileged accounts. We receive alerts for privileged access and, based on specific criteria, we can determine whether the request is for an end-user account or a privileged account, and apply the appropriate permissions seamlessly.

The user experience and interactivity of One Identity Manager are straightforward for non-IT individuals to utilize.

Customizing One Identity Manager is easy to do.

The business roles of the solution that maps company structures for dynamic application provisioning are important because they help our organization fulfill the needs of any employee automatically, based on the structure. This provides users with immediate access, eliminating the need for human intervention.

The ability of One Identity Manager to extend governance to cloud applications is of great importance because cloud applications have become a new tool in our society. Whether we use private or public clouds, every company will eventually have to transition to the cloud. Therefore, it is crucial to be able to manage all our access within a single platform, which is the best approach. Hence, we obviously require a platform that can connect to the cloud and also handle compromised applications, making it transparent for business use.

One Identity Manager's ability to automate tasks that previously required human intervention has benefited our organization by freeing up the time of our IT department to concentrate on other tasks.

The solution helps us minimize gaps in governance coverage among test, development, and production servers because we can provide access through any environment within the system, freeing up time for our business.

The solution has helped us create a privileged governance stance to close the security gap between privileged users and standard users. We can now view all the accesses from a single interface, which enables us to be proactive in our compliance efforts. Without One Identity Manager, we would have to depend on multiple tools and reports, which can sometimes be delayed. By utilizing One Identity Manager, we can establish preventive rules to avoid any SOC problems or on-the-fly access. While certain access can be granted without risk, it is crucial to have a clear overview, of which One Identity Manager provides.

One Identity Manager helps streamline application access decisions for both permissions and licenses. Using a web designer, we have designed routines that allow us to create disclaimers or automated questions. Based on the user's responses, we can propose either a free license or a pro license, depending on the specific case. Additionally, we have implemented routines to uninstall and deactivate licenses when they are not in use. However, this is always a challenging task because we want to ensure that users do not waste time if they need the software again. The fact that we can easily request any application through an automated process is advantageous. Furthermore, canceling a license does not significantly impact the business since it can be reinstated within minutes if needed again after a few months of not being used.

Streamlining application compliance and application auditing is essential. The single pane of glass visibility helps us maintain compliance, and for application auditing, we can utilize all the reports provided by the IT team. Additionally, we can conduct our own audit reviews and collect evidence to ensure that the process is followed without relying solely on the IT team. This approach aligns with our automation mindset, which we aim to introduce.

One Identity Manager facilitates application owners or line of business managers in making application governance decisions without involving IT. We can provide them with a view where they can see the individuals who have worked on it, the process of their request, and the validating authority, all without needing to inquire from the site.

One Identity Manager has assisted us in achieving an identity-centric zero-trust model through the implementation of various processes.

One Identity Manager is flexible and offers numerous connectors that enable us to serve as the core component of the system, as well as to construct our own connectors using the API.

One Identity Manager can be made more user-friendly for end users. Out of the box, it can be difficult to navigate through the drop-down menu, especially when it comes to accessing the subcategories.

I have been using One Identity Manager for four years: two years as an integrator and two years as a user.

One Identity Manager is stable.

I give the scalability of One Identity Manager a ten out of ten. We are able to scale no matter what. It's completely compatible with the S5 and can achieve load balancing on web servers. It can be integrated into a single database or a cluster for scalability. I can confidently say that if my company were to triple in size tomorrow, it could handle that. I don't have to install what I don't see. I just need to make some improvements to the database and convert it into a web server that will be accessible to users.

If we experience a major incident in production, we can expect to receive a response within one hour. We find solace in knowing that any significant problems will be promptly addressed.

Positive

We had previously worked with Evidian Identity Governance and Administration, among others, but none of them provided all the features in a single solution, unlike One Identity Manager.

The initial setup is complex. Every identity solution is complex because the most important thing is not really linked to the project. It's linked to the analysis we have made before, and then our solution is not linked to the project. Every time, I think that whenever we have to put the analysis management solution in place, it will be complex because we have to take care of the processes that are already in place and also what is happening in the same tool. We have to consider all the existing processes and challenge them to make them better. Many times, some processes are difficult because we couldn't execute them perfectly with the previous solution. So we have to be able to identify if the process is in place like this because of the previous solution that doesn't handle every aspect easily, or if it needs to be redone. The deployment took one year to complete.

We had two individuals from the integrator and two internal employees dedicated full-time to the deployment.

The implementation was completed by our integration partner who provided us with an excellent expert from their team, even though the solution required additional personnel capable of integrating everything within one year. Overall, the experience was positive.

I give One Identity Manager a nine out of ten. This is a solution I want to work with because it brings satisfaction to our users.

We have a complex environment with over 50 locations, various departments, and multiple companies, each with hundreds of distinct functions.

We have two individuals responsible for maintenance, updates, and access to integrators who can provide assistance if necessary. We have around 5,000 end users.

I recommend that organizations wishing to utilize One Identity Manager should first provide internal training for their employees. This approach will enable them to develop their own understanding of the company and reduce dependence on external integrators.

We are utilizing One Identity Manager as a provisioning engine. The main use case for us is to manage the identity life cycle of enterprise users in our context.

In my current role where I am managing this overall program, not only from the administration aspect but as the one whom all other departments reach out to with their request, one clear benefit is delegation. One aspect that I like about this solution is delegation. We have delegated administration in a way that we have access to new campaigns configured. This solution has a prebuilt option where we can configure campaign managers, and those campaign managers have a very nice prebuilt dashboard where they can monitor the campaign itself. That is very helpful. We can give these department's folks access.

Our identity landscape is very customized and unique. We are not only providing access for different users; we also have a huge set of non-human identities. We have a huge set of provisioned and service accounts. In our previous legacy solution, the issue that we were facing was that the solution was not very robust. We could not come up with some self-governed scenarios, such as moving the ownership of non-human identities, moving the ownership of service accounts based on the change in the managerial hierarchy, or based on users' movements within the organization. With One Identity, there are very good features that come prebuilt. For example, the department hierarchy within the One Identity solution helped us to build some automated logic, which was missing in the legacy solution. Other than the self-service features, there is also the ability to use ready-made capabilities and scale up on top of it. That was another reason to go for this solution at that time.

We make use of the solution’s business roles to map company structures for dynamic application provisioning. We use it quite heavily. In our context, we have two types of roles. We are using more of the requestable roles, not dynamic roles, and we also have dynamic role-based access control configured as per our organization hierarchy. We have defined entitlements and accesses that each department leverages. Accordingly, we have defined roles in our system.

The capabilities of this solution, in terms of out-of-the-box features and the ability for us to do customization on top of it, have helped us to come up with some automated processes, which were earlier taken care of manually by our staff. Whenever human intervention is involved, it is prone to error. It has helped us to bridge those gaps, which ultimately enhanced our governance score.

It has overall helped us to create a privileged governance stance to close the security gap between privileged users and standard users. With the processes that we had earlier, there were gaps in terms of changing the ownerships of privileged accounts and managing them in a way to have notifications in place. The majority of the stuff is provided out of the box to manage privileged accesses. Also, if you are a One Identity shop and have the Privileged Access Management product from One Identity, you are covered 100% out of the box. You do not have to do any customizations. If you are using any other tools for privileged access management, the product has very good features, which you can scale up and customize in your own context.

It has helped enable application owners or line-of-business managers to make application governance decisions without IT, but we are not using it that extensively for that. In terms of the product having features to do it, it has the features because we are using business roles where we have defined owners of business roles. Product-wise, there is out-of-the-box functionality for business owners to manage the membership. In this way, those lines of business owners are empowered to either revoke access or conduct a review on it. Earlier, with the legacy product, they were not able to do that because there was no such functionality.

In terms of user experience, once you get an understanding of the overall working of the product, it is not that difficult. There are so many underlying components within the product, and they are interlinked and working together. The initial impression is that it is just way too complicated for any developer to customize, but once you get familiar with how it is processing the information and how each box is working in silos, and what is the linkage in between, it makes sense. On a scale of ten, I would give it a seven. Three points to spare are for One Identity to enhance its documentation and maybe come up with more. They have a very good YouTube channel where they post content about One Identity. That is very helpful. However, in terms of explaining to new developers, there is room for improvement.

It has a lot of depth. It has advanced features. As a customer or as someone who is managing the solution, I like its self-service capabilities where it has lots of powers, and the users can select any reference users. The majority of the time, we face an issue where new joiners are not aware of what they need to have in order for them to do their job. One Identity has the answer where they can know this by selecting any reference users, which are basically their colleagues. This way, they can quickly know what sort of access they have in the system, and they can raise the same. The system will automatically identify it for them. It saves a lot of time and is also a very useful feature.

Another valuable aspect is the depth of the product. It allows the support team to reroute certain requests to different people, and within their request flow itself, you can ask questions. All these features are very helpful in our context.

There is room for improvement in terms of the ease of adding custom forms to onboard contingent workers. IT Shop is a great tool, specifically in terms of the self-service mechanism where it allows users to request different accesses. However, there are no prebuilt or easily customizable forms that developers can use to create onboarding forms for contingent workers. In most organizations, contingent workers do not have any authoritative source as HR. The majority of the time, the only authoritative source is the Identity Manager or the Identity Management department itself. I would love to see any enhancement in this regard. For user experience and intuitiveness, on a scale of ten, I would rate it an eight out of ten.

There is no out-of-the-box or very easy way to configure processes to manage non-human accounts. The functionalities that we have built are totally customized on top of what One Identity provided out of the box. It would have been nice to see some out-of-the-box or plug-and-play features available for it. However, the functionality was there, and we were able to scale up in terms of customization. Whatever we did was totally customized.

There should be some ready-to-use templates or utilities as the other Identity product providers have. There should be some sort of features that you can enable or there should be utilities that you can even purchase at extra cost. For example, it would be nice to see the utilities to manage privileged accounts or forms, onboarding forms, or other small things that different clients can leverage, even if it comes at a fraction of the cost.

The overall documentation needs improvement. This product has a lot of features, but people are not aware of it. The depth itself is still unknown.

Skilled resources are very difficult to find for One Identity, which leads us to the conclusion that there is very little certification or free information that users can just opt for and learn. In addition to the documentation, they should also provide more resources. Free training for partners would be nice because being a manager, it is very hard for me to locate skilled resources for this tool.

I have been using this solution for a total of five years. I have worked with it for three years in a technical role and for two years in a managerial role where I am managing people who are directly and technically managing the solution.

It is very stable. We do not need to do anything even with patching. I would rate it a nine out of ten for stability.

I would rate it a seven out of ten for scalability because I feel that the architecture of the product is such that you cannot have very effective active-to-active integration between the job servers.

For critical issues, it is good because you can call them, but for the regular issues, I feel that there is a lack of skilled resources on their side.

Neutral

We had another solution from a different vendor, and we replaced that solution with One Identity. We switched because of the self-service capabilities and advanced governance features, which were missing in the earlier solution.

Onboarding from authoritative sources and onboarding directly to One Identity Manager for contingent workers was never an issue for us, even with the legacy solution that we had earlier. The main use case for which we mainly deployed One Identity Manager and replaced the legacy solution was the self-service capabilities. There were limited self-service capabilities in the legacy solution. So, we brought this solution, which complemented the automated provisioning of users in a way that not only the solution is capable of automatically provisioning accesses based upon the policies and templates that we define in our system, but it also has very good features where it allows the end users to do many tasks by themselves. There is a self-service portal, which is called IT Shop in One Identity's terminology.

In terms of consolidation of procurement and licensing, we have not used any other solutions in such depth or so extensively. We still have one use case, which we had with the previous product as well, where we have all Oracle E-Business Suite accesses published on our self-service. The same flows are valid with One Identity as well. However, they are managing the POs and other things. That is still with the ERP itself. We have not gone to the extent of taking responsibility for the functionality of each responsibility within our identity management.

It is deployed on-prem. Our project was not just a deployment. It was also replacing the legacy solution. It was quite a unique and complex project. It took us around eight months to complete it fully because we not only deployed it, we also replaced the whole solution, and we had many integrations in place.

It requires maintenance in terms of product upgrades and security patching. In terms of One Identity upgrades, every two years, we have to upgrade because the previous version is not supported. The other thing for every organization is infrastructure vulnerability patching, so it does require maintenance.

The team that performed the deployment and did the migration had three people: two technical and one architect. The team that is currently managing includes one administrator, one architect, and one developer.

It is cost-efficient compared to its competitors. It is cost-effective. I do not know about the other regions, but here in the Middle East, the competitors are almost double the price.

I would recommend One Identity Manager in terms of value for money, but I would not recommend it in terms of skilled resources. If One Identity increases education, then it is a very good value product.

In terms of the extension of governance to cloud apps, we do have such a mechanism, but we are not directly connecting with any cloud apps. We follow our process. We do it through a proxy or some sort of data power or middleware tool. So, we do have some integration with cloud apps, but we have not used the new feature. I suppose they now have out-of-the-box connectors to connect with cloud apps, but we are not using that feature as of now because it requires a separate license. Unfortunately, we have a short budget on that ground. However, from what I heard from my developers, it is a very nice feature, and it is easy to connect, but we do not have the use case to validate.

Overall, I would rate One Identity Manager an eight out of ten.

We use One Identity Manager to synchronize SAP inbound and outbound Exchange data. More generally, we aim to synchronize data between target systems, such as those used in banking or other companies, and One Identity Manager.

One Identity Manager includes a default SAP connector that we utilize. Its simplicity is evident in connecting to SAP sites through a straightforward click or by completing a connection filtering form. We can easily establish mapping and workflow for SAP sites, making it a streamlined process. While exceptions may exist for specific customers, we can accommodate their needs by customizing workflow mappings based on their requests. Overall, the SAP connector provided by One Identity Manager is remarkably user-friendly and accessible to all, in my opinion.

We've used the web designer module, but it won't be available next year. One Identity has transitioned from web designer to Angular web development, offering complete freedom to create custom web pages and websites. While Angular requires JavaScript knowledge, it provides unrestricted development capabilities, unlike the complex web designer module. New employees struggled with learning web design, but Angular's accessibility empowers developers to modify everything within the One Identity website and backend, including database interactions and custom code development. This flexibility makes One Identity Manager a powerful tool for connecting various systems and databases.

Business roles are crucial for our customers because they are an essential identity management tool. Without them, we'd need to manually authorize every employee and group. However, Business roles allow us to create and assign business roles automatically. This is vital for our customers as we develop best practices for business workflows. A key component is creating business websites, for which we establish job descriptions and roles. Subsequently, we automate role assignments based on organization or title, which significantly streamlines our processes.

One Identity Manager is user-friendly for the end user.

One Identity Manager significantly simplifies application auditing. The auditing site we use extensively is one of its most valuable features. One Identity Manager is remarkably effective for auditing because it empowers us to create and deliver new attestation or compliance tools. We can generate all these audits through both the website and Manager modules. The audit screen on the website is exceptionally user-friendly. Customers consistently praise the audit feature, and we have received no complaints about the auditing site. We are highly satisfied with using the audit site for One Identity Manager.

One Identity Manager's most valuable asset is the ability to customize its front-end website.

The One Identity Manager documentation could be improved. Despite using the solution for six years, I encounter difficulties understanding certain features due to unclear explanations in the documentation. Additionally, while the One Identity Manager community has the potential to be a valuable resource, the community site does not effectively assist all users.

The report site could be improved because while One Identity Manager offers around forty default reports, our customers find them insufficient for their needs. Consequently, we must create custom reports to meet their specific requirements. Although building custom reports within One Identity Manager is straightforward, enhancing the existing default reports would greatly benefit our users.

I have been using One Identity Manager for six years.

I would rate the stability of One Identity Manager nine out of ten. While all software products are prone to errors or bugs, I have encountered none, specifically in version nine. Compared to previous versions like eight and seven, which did experience issues that required resolution, version nine represents a significant improvement in stability and reliability, making it the best version of One Identity Manager thus far.

One Identity Manager is well-suited for large-scale environments, making it an ideal solution for enterprise clients.

We use Premier Support from One Identity Manager. They respond quickly to our tickets, and our customers are extremely happy with the support.

Positive

The deployment is straightforward and takes a week to complete.

Prices in Turkey are high due to inflation, a challenge we've heard about from our customers. We understand that European consumers may have different expectations, but we must reduce the pricing to attract customers.

I would rate One Identity Manager nine out of ten.

Generally, we don't utilize a governance site but instead rely on an identity management site. Initially, our customers define the SAP architecture or structure, outlining user roles that must be created and associated with specific rules. We then establish the SAP site's structure and architecture, focusing on user management before addressing roles. Subsequently, we incorporate the business side to enable dynamic role calculation for users by creating business rules for role management and assigning roles to users.

I highly recommend One Identity Manager to others. Its ability to develop everything within a single platform is incredibly valuable for customers. Many other products or software often encounter challenges or require custom development, but One Identity Manager offers a comprehensive solution. Its simplicity and customization options make it a standout choice. While I haven't used other identity management products extensively, I am familiar with some features of competitors like SailPoint. However, One Identity Manager's flexibility allows for modifications to accommodate specific needs, unlike some out-of-the-box alternatives.

We operate in three regions and use One Identity Manager for identity governance.

One Identity Manager enables us to manage SAP systems efficiently. We can configure user settings and assign global and business roles, adding them to the directory regardless of their account activation status.

One Identity Manager integrates SAP accounts with employee identities. We can create accounts by importing job data into the server. However, if an employee's data is missing, we must input it first to create their profile.

One Identity Manager provides a single platform for enterprise-level administration and governance of users' data and privileged accounts.

The interface is intuitive, displaying all employee details and allowing for direct edits after account creation.

Customizing One Identity Manager is easy to do.

One Identity Manager allows us to manage business roles, including adding and removing them through the deployment flow sheet.

One Identity Manager is user-friendly, offering both ease of understanding and management. From a central console, we can apply both business and referral roles.

One Identity Manager helps to make procurement and licensing easier.

One Identity Manager helps us achieve an identity-centric zero-trust model. 

One Identity Manager's account creation feature stands out as its most valuable functionality.

I would like One Identity Manager to offer an easier way for users to learn to use their new features.

I have been using One Identity Manager for two years.

One Identity Manager is stable.

The initial deployment of One Identity Manager was straightforward. We have three environments where we deploy the load sheets to servers in a top-down approach. For removal, we follow the same procedure in reverse order.

I would rate One Identity Manager nine out of ten.

In terms of the use case, the traditional use case related to IAM is to synchronize the accounts to the user ID.

Most of the time, we connect it to Active Directory, Azure AD, SAP One, and one or two other systems at the first stage of the project. At the next stage, we start to integrate it with other systems.

My company is an integrator and a partner. I am not the final customer. I deliver solutions to our customers. I also have other solutions in my portfolio, but my strength is Identity Management.

One Identity Manager delivers SAP-specialized workflows and business logic.

It provides a single platform for enterprise-level administration and governance of users, data, and privileged accounts.

The user interface is not a big problem nowadays. About 10 years ago, it could have been a problem, but now, it is easy to do proper localization in Portuguese, Brazilian Portuguese, and Spanish. We have multiple language support. Of course, it is not yet 100%.

When it comes to customization, we need to model the business rules for customers. Every customer has different business rules. For a similar use case, you can have different business rules. I split the ability to model that into two categories. There is the ability to do the parameterization, and there is the ability to do customization with coding, which can have some risks.

One Identity Manager helps minimize gaps in governance coverage among test, dev, and production servers.

It also helps to create a privileged governance stance to close the security gap between privileged users and standard users.

One Identity Manager helps consolidate procurement and licensing. One of the valuable use cases that this solution provides is to take care of the licensing for some of the applications.

One Identity Manager helps streamline the following aspects of application governance: a) application access decisions; b) application compliance; and c) application auditing. We can deliver a use case where when a user requests access, the user may receive a warning that the access being requested conflicts with some other access that the user may already have. We can now model the SOD rules to validate a request when it is made. It is very important to be able to use One Identity Manager to do this kind of validation at the time of the request.

One Identity Manager enables application owners or line-of-business managers to make application governance decisions without IT. We can model that kind of personas, participate in the process, and make some decisions in the workflow process.

One Identity Manager helps to achieve an identity-centric Zero Trust model. That is a very strong use case of One Identity Manager. They claim that they are the only vendor that can deliver the Zero Trust model or Zero Trust architecture for identity, but I do not know if they are the only vendor.

One Identity Manager connects SAP accounts to employee identities under governance. The connector from One Identity for SAP is the most powerful one in the market. This connector can touch all the levels of the objects in SAP. It can not only be connected to SAP ERP but also to SAP HANA, GRC, etc. One of the strengths of One Identity Manager is the SAP connector. You can touch a lot of the SAP environment and also have deep granularity.

It is a very powerful solution, but when it comes to doing some complex parameterization or authorization, we end up coding. Comparatively, CA solutions require less coding. It is more powerful than the CA solutions, but you end up with coding in VB.Net or C#. Complex parameterization could be better from their side. There can be more documented templates where you can take a piece of code and deliver a specific use case. I cannot find that in the documentation. Sometimes, you can go to the community, and sometimes, you have to use their support.

If you implement it properly and finetune it, it is very stable.

I have used their Premier Support. It is called PSO. It is very easy to book an appointment. You can use the calendar to find a slot. You can take half an hour or one hour. Once you are connected, the guy knows it is very important. Based on my experience, they were able to provide the resolution and tell me about the button that I needed to hit and what I needed to do. At that time, I asked them why it was not documented, and the answer from the PSO was that for specific matters, they wanted us to contact PSO. 

I prefer not to involve PSO because the prices are huge. We try to avoid it. When I need to involve PSO, it adds value, but it is very expensive. Whenever I involved PSO, I got the answers I needed within the time in which I needed the answers. I would rate them a ten out of ten.

Premier Support has not been an influence in purchasing additional licenses or products from the vendor.

Positive

I never implemented the SaaS model because of the pricing. My experience is for on-prem.

Its implementation is easy for me, but it is very complex for those who are doing it the first time. It is not straightforward. They do provide documentation, but it is not easy. I usually build my documentation and enable my team. After that, it is easy.

For its implementation, one project manager and two more people are required. One is senior, and the other one is of intermediate experience. Sometimes, developers are also required for customization.

We licensed it from a distributor. In Brazil, it is not possible to directly license One Identity. The distributor's name is ADISTEC. We did not take their help with implementation. We implemented it ourselves. They help me with other solutions but not with One Identity because it is very specific. In Brazil specifically, I do not have resources to help me with implementation. Quest in Brazil has a structure only for commercials. They do help with presale but for implementation, I do not have any kind of help. I usually take the help of the YouTube channel, the official documentation, and the community. We are pretty much doing everything ourselves.

The maintenance usually involves changing the logic, roles, or workflows. After the sign-off for the implementation, I also provide sustainability services where I take care of any problems and also contact the vendor. I also help with the environment and sometimes help implement a new connector if it is easy to implement or is a native connector from an API, for instance. I take care of the sustaining phase issues where we are not installing everything again. We are doing a little bit of parameterization. These services are helpful for revenue and important for our business.

Its price is okay. 

Overall, I would rate One Identity Manager an eight out of ten.

The primary use case involves overseeing comprehensive identity and access provisioning, along with managing the onboarding and de-provisioning processes for users. This includes orchestrating the creation of new projects, conducting simulations, and ensuring synchronization between a core solution and other target systems.

We utilize One Identity Manager to assist in SAP management. When connecting to an SAP target system, the synchronization of data is facilitated. Following the data sync process, all users can be reviewed within One Identity Manager under the SAP user tab. Furthermore, this tool allows us to publish data seamlessly from One Identity to various target systems.

Identity Governance and Administration is particularly beneficial for addressing the complexities associated with managing SAP, especially when dealing with aspects like transaction code (t-code) profiles and rules. It's important to note that while One Identity Manager doesn't specifically handle t-codes, it does provide functionality through the manager for managing files, rules, and other relevant features associated with transaction codes.

I haven't observed specialized workflows or specific business logic for SAP in One Identity Manager.

One Identity Manager serves as a consolidated platform for enterprise-level administration, offering governance over user data, privileged accounts, and related aspects. It's particularly effective in managing privileged accounts. By incorporating the manager, administrators can easily assign resources, facilitating the seamless management of admin accounts. The available features within the manager enable the creation of special identities, such as admin accounts.

The user experience with One Identity Manager is excellent. It's highly user-friendly, with well-organized features that make exploration intuitive. Everything, including account definitions, is easily accessible in the manager module. You can efficiently check the status and associations of objects, such as which projects or other objects are linked to a specific one.

Customizing the manager to meet our specific needs is crucial, as there are some limitations tied to factors like database performance. These limitations are often dependent on the volume of data being imported or synchronized. It's important to note that the platform's performance can be impacted when dealing with a high volume of data, potentially leading to degradation in performance.

I've utilized the Business Roles feature to map company structures, and it's a highly valuable tool as it allows you to define a set of rules for various markets. This feature facilitates logic and rule sets associated with market specifications. Under the business roles section, you can easily identify how markets can request access through IT software products and sales tools. Each business role is linked to specific SAP roles, creating a layered structure. This functionality simplifies understanding of the connection between SAP roles and business roles. If you're searching for a particular SAP role, you can efficiently locate it within the corresponding business role and vice versa. The platform also makes it easy to check mappings, and if new business roles need to be created, the process is streamlined within the Manager.

The Manager aids in reducing governance gaps among Test, Dev, and Production Servers. By synchronizing data monthly from the production system to the development and sandbox environments, this approach effectively minimizes any potential gaps in governance coverage.

It assists in streamlining decisions related to application access.

It does not include features for application compliance and auditing. Application auditing is not a capability provided. We do have Application rules in place, and for auditing, we utilize the attestation feature available in the Manager. However, it's important to note that managing the entire application is not within the scope of the tool.

In the Manager tools, my favorite feature is the ability to obtain a comprehensive overview of any user efficiently. The portfolio view simplifies this process, eliminating the need to check through Tableau or other tools. Another significant advantage is the quick and easy creation of mappings, roles, and IT configurations for various products within One Identity Manager. This feature stands out as a valuable and time-saving capability in the manager tools.

In our Governance and management tool, One Identity Manager plays a crucial role in connecting SAP accounts to employee identities. This integration ensures that all identities are linked to their respective employee profiles. This connection is of utmost importance because if, for instance, a login is enabled for a specific user, maintaining a consistent ID becomes essential. With One Identity, this process becomes seamless, allowing the replication of related attributes across all relevant systems and ensuring a cohesive identity management approach.

I would like them to enhance the search functionality to enable faster processing when looking for objects. Ideally, the system should automatically identify relevant entries and promptly present the results, eliminating the need for users to input search criteria each time they look for specific objects.

I have been using it for the last six years.

I would rate its stability capabilities eight out of ten.

I would rate the scalability abilities nine out of ten.

Whenever we require support from One Identity, we initiate a service request, and the support team is readily accessible. They typically respond within twenty-four hours and effectively assist us with any issues we encounter. The support from One Identity has been reliable and responsive. I would rate it eight out of ten.

Positive

The initial deployment was straightforward and smooth, mainly due to the clarity provided in the installation guide. Following the step-by-step instructions outlined in the documentation from the One Identity solution made the deployment and setup process very simple.

With the assistance of an architect, I managed the deployment process by completing just the configurations for the initial installation of One Identity. Maintenance during deployment is essential, especially when there are significant changes and script modifications aimed at improving performance. System maintenance is a necessary step in ensuring optimal functionality, and we routinely undertake these tasks.

The system lacks the capability to empower application orders in the line of Business Management to independently make governance decisions for applications without requiring IT involvement.

It did not assist us in realizing an Identity-centric Zero Trust model.

I recommend that individuals working with this system should possess some knowledge of Microsoft SQL and be familiar with server configurations. A good understanding of SQL servers can simplify the process of comprehending and managing cloud repairs. I would rate it nine out of ten.