One Identity Manager Reviews

The primary use case is to allow users to quickly administrate their permissions and data.

As a consultant, it is a good product to sell.

It always helps to improve the processes of the customers.

• It's very flexible. You can customize it to the fullest extent. You can use it for almost every situation for every customer.
• The policy and role management features are very good. They have gotten better over time.
• The privileged accounts governance features are very good.

As consultants, it's a very complicated to learn it at first, which makes it hard to find people to work with it.

The Synchronization Editor has to become easier to use for us, as technical consultants, because sometimes it's very complicated. If, as a new feature, there would more connectors out of the box in the Synchronization Editor, this would help a lot.

It is very stable. We did had some occasions where we had problems with the stability, but the stability is very good.

It is very scalable. We have customers with just a few users to customers with hundreds of thousands of users.

The initial set up was quite complex. It takes quite some time to get use to this product because of its complexity. Then, you are able to customize it and do everything the customer needs.

It takes some time before we, as consultants, really receive benefits out of it. This applies to the customer, as well.

It will impact the cloud strategy of a lot of customers in the future. We just started to implement this feature for customers, so it should have a huge impact in the future.

We have not integrated the solution with SAP.

We want to bring our on-premise systems under our control, then our cloud solutions under our control.

With this product, we been able to bring together HR, IT, and lifecycle management. It is very helpful for managing the Joiner/Mover/Leaver process. We also use it for compliance on all the audits which are around.

We have integrated the solution with SAP, which has governance. We need to manage the Visual Administrator and One Identity Manager. The integration is pretty straightforward. There were some bugs with version 6 which are being removed with version 8, which is good. The platform is progressing. Though, some parts of SAP are not covered yet, like GRC.

The tool is like a big Lego in which you can use the parts that make sense for your organization.

It has several components out-of-the-box.

The solution is flexible, in general. You can define the parts of the solution that you want to use, and it won't affect the price. 

I would like the sync editor to be able to change labels because currently our concurrent development cannot work on this.

Self-service is important for our end users. However, after three years, people continue calling the help desk, and the help desk is using this solution to make its requests.

The web front-end definitely needs improvement.

Once the solution is configured, the stability is good.

We are an organization with 10,000 employees. This means 100,000 accounts or an account in group tables or approximately one million. We are not really big. It works okay for us as long as we fine tune some parts in the web design. 

The technical support is non-existent. It is not worth talking about.

We used a homemade solution, which was AD-based. It was a layer on top of AD with Java and Oracle Database in the background, but we had to move to something that can also manage could cloud, which was why we switched.

If you have consultants who do not know the solution nor the target systems, the initial setup is hard. It is my impression that if you are some very huge organization. One Identity will send the best people. If you are unimportant, then you get people who are seeing this application for the first time. This is the only way that I can explain what happen to us in the past.

We used someone at first, who was definitely not good. Then, we used Deloitte France, who was also not good. Then, we use Deloitte Germany, and the solution finally worked. That was three attempts. It was really hard to find good people.

On deprovisioning, when somebody leaves the organization, it allows us to better cut access to everything that they had.

The finalists were SailPoint IdentityIQ and One Identity. The reason that we chose One Identity was due to the logic of the connectors that they have. From those, we understood that this solution contained expertise on target systems.

If you want real-time management, it can be done within three to five working days with this product. That is how we do things today, so we have a process in place and do it with internal resources.

Bring your processors in under your control. Define what you want and when it works in Excel, then you are ready to buy the solution. It doesn't really matter which solution you would buy, as long as you have things under control.

The policy and role management features are very powerful, but it is hard to make the organization use them in the proper way.

We have not implemented the privileged account governance features.

From the back-end perspective (provisioning engine), I would give it a nine out of ten. However, from the web front-end, I would give it a five out of ten.

We use it for all things related to identity in our organization.

It will have an impact on our cloud IT strategy, as we are planning to move to the cloud. We are looking to go to Azure, but we will still have an on-premise product.

It is a flexible because it is customizable. It allows you to build anything on top of it.

The web portal can be a bit muggy at times. This is one of the key complaints from our customers. This is a major issue with version 6, and while version 7 is slightly better, I am hoping this is fixed in version 8.

I would rate it as a seven out of ten, because there is definitely room for improvement.

The data is easy to manipulate using SQL queries and commands.

The product was initially brought in to replace an unsupported solution. Later on, it became a partner self-service portal, reducing service desk calls to create accounts for business partners.

There are too many configuration interfaces. They could simplify the design to not require VB/PS coding to draw the workflows.

I have used this solution for three years.

The initial connection to the domain and LDAP trees was painful. However, once configured, it was stable.

The product scaled well. We had approximately 8000 users at the time of implementation.

There is great technical support. No issues there.

We used Novell's DirXML 1.1a. The client opted to migrate instead of upgrading.

The initial setup was complex due to the customer’s complex environment. A third-party service provider was required for deployment.

Licensing can be high. Quest usually bundles with other products, so you can get a better deal.

We only upgraded from the same vendor, Novell at the time.

The product has its challenges, but when well configured, it can provide good results.

In Q1IM, at least the version I worked with, it wasn't very intuitive to create processes and you need to actually add code to the boxes in order to customize. I always compare with NetIQ/Microfocus as they have the designer which is easier to elaborate rules.

About the interface, they have multiple applications, such as report designer, webdesigner, designer, object browser, import tool, manager, identity manager, jobqueue info. Its a suit of apps. It takes time to get familiar with them and know which does what.

Everything (location, cost center, department, business role, etc.) is a role.

The Data Importer is a great tool to create an ETL. It generates code which is easy to maintain later without the tool.

The Attestation function lets you easily define grant/deny workflows based on constellations in the database.

We were able to connect 300+ SAP clients who were requesting access to SAP roles with the software. We also established an offboarding/onboarding process for SAP clients, as well as other target systems.

Some internal structures are in place because of already depreciated functions back from the time when the solution was used for software deployment and as a help desk.

Four years.

Versioning requires a lot of customizing effort.

No issues.

Web Designer consumes a lot of memory based on certain queries that could let the IIS run short on memory. This could be mitigated with more memory.

Very good.

Very good.

No.

No, it is wizard driven. If something went wrong we had to restart from the beginning.

The vendor team had a mixed level of experience, but there were enough excellent engineers.

Unmeasured.

Start with an operations team that is motivated to learn a lot in a short period of time. The longer you wait, the more expensive it will be to get the right level of expertise in this area.

I was not involved.

Great product, which I would recommend. It has a huge learning curve, but could solve all your IAM challenges. Make sure to have a good team and support from the vendor.

Our primary use case is for integration to a second system, which will use the role-based access management for the identities and user accounts in the One Identity Manager.

This is almost a complete solution for us. The data input to the second system, which has the role-based definitions, has made things easier. This is even with bubble representation.

The features are open and have a good tabular structure for the data, as well as the connected relational/relative topology.

The support documents and data sheets should be made available to the implementation of folks the product website. There's is less documentation available to the public.
There should be installer version available than a portable/web-portal which will be more useful during the testing.

We did not use a solution previous to this one.

It's costlier than some other products and there is nothing that fits every solution. You have to plan your design in advance based on your needs and user base.

We did not evaluate other options.

This was for customers identity management, where there were a huge number of domains and the customer had unnecessarily complicated the system with a lot of parameters and attributes. 

Larger customization has made the system complex and confusing. The people who deployed it initially did little to document it. This has had a negative, delayed impact on the overall project and solution. 

The good part is Quest One IDM allows for large customization.

• Separated modules and integration allow for more capabilities 
• Graphical and tabular interfaces
• VB and SQL front-end and back-end

A detailed solution document to registered aspirants and interested people would help them achieve what they require before its tested and pushed to production. Quest Software should provide notes and documents to customers before they buy the product and license.

We use it to facilitate our total identity and access management process, from HR to our target systems are using this product.

The product makes it easier for employees to be more productive.

The standard connectors are the most valuable feature.

The product is flexible. For example, it offers cloud features.

We would like the product to integrate with ServiceNow, since One Identity Manager and ServiceNow are two of our better tools. An integration between these two tools would be better for us.

The current product is stable. We are trying to get rid stability issues from the legacy version. We are now implementing version 8.2, which is so much better than version 6.

The product can grow with us.

The initial setup is fairly easy. To set up the workflows, you need good knowledge of the product. One Identity could improve the setup documentation, as it does not support, "How do I start?"

You need a good partner to assist with the implementation.

We are trying to achieve more targeted systems in the future.

We do not use the policy and role management features.

We have not integrated with SAP.