What advice do you have for others considering One Identity Active Roles?

My advice to others considering One Identity Active Roles is to plan role-based access control models, workflows, and delegation structures carefully, start with a pilot deployment, and fully utilize automation and auditing features to maximize security, compliance, and operational efficiency. I would rate this product a 3 out of 5 in terms of customer service.

My experience with delegation in One Identity Active Roles has been positive, allowing specific administrative tasks to be assigned to the right team without giving full domain access. My experience with the pricing and licensing of One Identity Active Roles has been reasonable for enterprise use. My advice for organizations considering One Identity Active Roles is to plan the role structure, delegation model, and automation workflows properly before implementation to maximize the benefits of automation, improve security, and simplify Active Directory administration. I would rate this review eight out of ten.

My impression of the automation capability of One Identity Active Roles is very positive, as it significantly reduces manual Active Directory tasks through automated provisioning, deprovisioning, group management, approval workflows, and policy enforcement, improving efficiency, consistency, and security across the environment. One Identity Active Roles significantly reduces the complexity of Active Directory administration by centralizing management, automating repetitive tasks, and enabling delegated access control, although the initial setup and advanced workflow configuration can be complex in large enterprise environments. One Identity Active Roles delegation allows service desk or junior administrators to perform specific Active Directory tasks including password resets, user creation, and group management without giving full domain administrative access, which improves security, reduces workload on senior admins, and speeds up request handling. My advice to others considering using One Identity Active Roles is to plan the Active Directory structure, RBAC model, and workflow carefully before deployment. I recommend starting with a pilot implementation and leveraging automation and delegated administration features fully to maximize security, efficiency, and compliance benefits. I would give One Identity Active Roles an overall rating of eight out of ten.

My advice for others considering One Identity Active Roles would be to properly plan the deployment and understand your Active Directory structure before implementation. The product is very useful for automation, delegation, and user lifecycle management, but it delivers the best results when configured carefully. It is also helpful to have a team member with good AD knowledge and to test workflows in a staging environment before moving to production. One Identity Active Roles is a strong solution for organizations that need advanced Active Directory management, automation, and delegation capabilities. It has a bit of a learning curve, but once implemented properly, it can significantly reduce manual effort and improve operational efficiency. The platform is especially valuable for large or complex AD environments where automation and governance are important. One Identity Active Roles has had a very positive impact on our organization, especially in terms of productivity, security, and compliance. From a productivity perspective, it has significantly reduced the amount of manual work for the IT team. Tasks including user onboarding, off-boarding, password reset, group management, and permission assignment are now largely automated. This allows the administrators to focus more on strategic projects instead of repetitive operational tasks. We have also noticed faster turnaround times for account provisioning and fewer support tickets related to access issues. In terms of the biggest improvement, it came from role-based access control and fine-grained delegation. Instead of giving broad administrative privilege, we can now assign limited permission based on responsibilities. This reduced the risk of accidental or unauthorized changes in Active Directory and improved our overall security posture. I would rate this solution an 8 out of 10.

My advice to others looking into using One Identity Active Roles is that if you are looking for easy-to-use software for your business needs, then One Identity Active Roles is the one that you should consider if you are looking for a budget-friendly option. I have rated this review a seven overall.

My advice for others looking into using One Identity Active Roles is to first understand your internal identity and access management processes before implementing the tool, and I recommend starting with clear delegation and automation goals instead of trying to customize everything immediately. I would rate this product an 8.5 out of 10.

My advice for others looking into One Identity Active Roles is to clearly define your Active Directory structure and governance model before implementing it. Invest time in designing roles and workflows properly, as most of the value comes from there. Also, plan the integration carefully and involve the AD and security team early to ensure smooth adoption. One Identity Active Roles has been a reliable and effective solution for managing Active Directory at scale. It improved security, reduced manual work, and brought consistency to the identity operations. The main value comes from proper design and automation setup, which pays off long-term. I would rate this review a 10 out of 10.

My advice for organizations considering One Identity Active Roles is to plan the role structure, workflows, and delegation policies carefully before deployment. Taking time to align the automation and access controls with business processes helps to maximize efficiency, reduce administrative workload, and improve long-term identity management and security operations. I have given this review a rating of 10.

After implementing One Identity Active Roles, user provisioning and access management time was reduced by nearly 50 to 60%. The automation workflows helped lower manual configuration errors and improved compliance by maintaining proper approval trails and access governance records. The automation capabilities of One Identity Active Roles are impressive because they significantly reduce repetitive administrative work and improve consistency. Employee onboarding workflows were automated, so new users automatically receive the correct accounts, group memberships, and permissions based on their department and role. Automated de-provisioning is also used to quickly disable accounts and revoke access when employees leave the organization, improving both efficiency and security. The review rating provided for One Identity Active Roles is 10 out of 10.

My impression of the automation capabilities provided by One Identity Active Roles is very positive - they significantly reduce manual effort and improve consistency. For example, when a new employee joins, I use a predefined template, and One Identity Active Roles automatically creates the user account, applies naming conventions, assigns the correct groups, and enforces policies; previously, this required multiple manual setups, but now it is done in a few clicks with consistent results. One Identity Active Roles has significantly reduced both the complexity and workload of administrative tasks related to Active Directory. Many repetitive tasks are automated, so admins spend much less time on routine activities. Delegated administration allows other teams to handle common requests instead of escalating everything. My experience with the delegation of administrative tasks through One Identity Active Roles has been very positive, as it has made the workflow much more efficient and controlled. It allows specific admin tasks to be assigned to different teams, so routine tasks such as user creation or password resets are handled by help desk teams, meaning requests do not need to be escalated, so turnaround time is much quicker. My advice for organizations considering One Identity Active Roles would be to plan the implementation carefully; clearly define your requirements and decide who should have what level of access before implementing. I would rate this product an eight out of ten.

My impression of the automation capabilities provided by One Identity Active Roles is very positive. It is one of the strongest aspects of the tool and has really streamlined how we manage Microsoft Active Directory. A good example is user onboarding. Earlier, it was a fully manual process creating the account, assigning groups, and setting attributes. Now, with automation, when a request comes in, the workflow handles everything automatically. Account creation, applying naming conventions, assigning the right groups based on department or role, and even triggering approvals if required. Another example is offboarding as well. When an employee leaves, the system can automatically disable the account, remove access, and update attributes. This ensures nothing is missed and improves security. We also use automation for group management. Instead of manually adding users to groups, dynamic rules handle it based on attributes such as department or job title. Overall, automation has reduced manual effort, improved consistency, and minimized errors. It also speeds up the turnaround time for requests, which is a big advantage for both IT and end users. One Identity Active Roles has significantly reduced both the complexity and workload of administrative tasks in Microsoft Active Directory. Earlier, many tasks were manual, such as creating users, assigning groups, and managing permissions, which not only took time, but also increased the chance of errors. With One Identity Active Roles, a lot of that complexity is abstracted through automation policies and delegations. For example, instead of remembering multiple steps for user provisioning, we now rely on workflows that handle everything consistently. It also simplifies administration by providing a centralized interface. We do not have to switch between multiple tools or consoles. From a workload perspective, repetitive tasks have reduced significantly. Things such as password resets, access requests, and group updates are either delegated or automated, which frees up time for more critical tasks. My experience with delegation in One Identity Active Roles has been very positive and it has really improved how we manage day-to-day operations in Microsoft Active Directory. Earlier, most administrative tasks were handled by a small group of admins, which created bottlenecks, especially for routine requests such as password resets or account unlocks. With delegation, we have been able to distribute these tasks to different teams such as the helpdesk, but with very controlled permissions. For example, they can reset passwords or unlock accounts, but they do not have access to sensitive operations such as deleting users or modifying critical attributes. This has had a big impact on our workflow. It reduced dependency on senior admins, improved response time for user requests, reduced workload on the core IT team, and ensured better security through least privilege access. We have actively used the fine-grained permission control feature in One Identity Active Roles and it has had a strong impact on implementing least privilege in Microsoft Active Directory. Instead of giving broad admin access, we have defined very specific permissions based on roles. For example, helpdesk users are only allowed to reset passwords or unlock accounts, but they cannot modify critical attributes or delete users. This level of control has significantly reduced the number of privileged accounts in the environment. It also minimizes the risk of accidental or unauthorized changes. Another benefit is that the permissions are tied to roles, not to individuals. So it is easier to manage when people change teams or responsibilities. Overall, it has helped us enforce least privilege in a practical way, giving users exactly the access they need and nothing more, thereby improving both security and accountability. My main advice for anyone looking to implement One Identity Active Roles is to focus on planning and design upfront. First, clearly define your roles, permissions, and delegation model before implementation. One Identity Active Roles is very powerful, but if the structure is not planned well, it can become complex later. Second, start with basic automation and policies and then gradually expand. Trying to automate everything at once can make troubleshooting difficult. It is better to take a phased approach. Third, I would say to implement least privilege principles from the beginning. Design delegation carefully so users only get the access they need. This avoids rework and improves security. Overall, my advice would be to plan well, start simple, and scale gradually because One Identity Active Roles is a very powerful tool, but it works best with a structured approach. I give this solution an overall rating of nine out of ten.

My main use case for One Identity Active Roles is to centralize and streamline Active Directory administration by implementing secure delegation, automation, and governance control, where I primarily use it for automated user provisioning and de-provisioning based on HR triggers, applying role-based access control through access templates, enforcing naming and attribute policies, and managing group membership dynamically, along with configuring approval workflows for sensitive access requests to ensure compliance and audit readiness, while also reducing manual intervention for service desk teams when delegated limited administrative rights through One Identity Active Roles by giving direct access to the domain controller, thereby improving security and operational efficiency and consistency across the enterprise environment. One specific issue I have encountered recently is that the interface and workflow configuration can become complex and less intuitive, especially when managing multiple approval steps or modifying existing workflows, which sometimes requires deeper scripting or backend adjustments, so more user-friendly and visual workflow design would be a great improvement, and as a wish-list item, I would like to see stronger, more seamless integration with cloud and hybrid environments like Azure AD, along with enhanced real-time reporting dashboards and easier troubleshooting tools, which would help in faster issue resolution and a better overall administration experience. I would rate this product an 8 out of 10.

My advice for anyone considering One Identity Active Roles would be to invest time in proper planning and initial setup, especially around role design, delegation models, and policy configuration, because the real value of the tool comes from how well these are structured from the beginning. Also, ensure your team has a good understanding of Active Directory. I would rate this product a nine out of ten overall.

One Identity Active Roles has significantly reduced the complexity and workload of administrative tasks related to Active Directory, as routine tasks like user creation, password resets, and access changes are automated or delegated, saving time and reducing manual efforts while making management more structured and consistent, making overall administration easier and more efficient. My experience with the delegation of administrative tasks through One Identity Active Roles has been very good, allowing us to assign specific tasks like password resets, account unlocks, and basic user management to the help desk team without giving them full admin rights, which has improved our workflow by reducing the workload on admins and speeding up issue resolution while also improving security and accountability since access is controlled and all actions are properly logged. My advice for others looking into using One Identity Active Roles would be to clearly understand your Active Directory structure and requirements before implementation, plan roles and permissions properly, and make good use of the automation and delegation features to reduce manual work and improve security. Overall, One Identity Active Roles is a reliable tool that simplifies user management and improves security, saving time and making daily operations more efficient. I would rate this product eight out of ten.

I advise others looking into using One Identity Active Roles to plan out your workflows and policies carefully before implementation. One Identity Active Roles is very powerful, but you will get the most value if your processes are clearly defined from the start. Also, start with a phased approach. Begin with key use cases such as provisioning and delegation, then gradually expand to more advanced automation. This makes adoption smoother and avoids overwhelming the team. Finally, invest some time in training and documentation so your team can fully utilize the features instead of just using it as a basic AD tool. I would rate this product a 9 out of 10.

My advice to others considering One Identity Active Roles is to start with clear planning and a well-defined identity governance model before implementation. From our experience, the tool is very powerful, but the real value comes when rules and access policies are properly designed upfront, with the Active Directory structure being clean and well-organized. One final thought about One Identity Active Roles is that its biggest strength is not just automation, but the governance structure it brings to Active Directory management. It efficiently shifts identity management from the manual, ticket-driven process to a policy-based control system, which improves both security and operational consistency over time. I would rate this product a 9 overall.

My advice to organizations considering One Identity Active Roles is to clearly define their identity management requirements and plan the implementation carefully. Investing time designing workflows, delegation models, and policies before deployment ensures smooth operation and maximum benefit from the solution. Organizations should also conduct a proof of concept to validate key use cases such as lifecycle automation and access governance, and proper training for administrators and helpdesk teams is essential to fully utilize the platform's capabilities. Overall, One Identity Active Roles is highly recommended for organizations looking to streamline and secure Active Directory management. I provide this review with an overall rating of nine out of ten.

Organizations looking into One Identity Active Roles should approach it as a strategic identity governance and administration platform, not just another AD management tool. It delivers the most value when implemented with clear processes, role models, and automated goals in mind. One Identity positions it around secure provisioning, delegation, and hybrid AD-Entra ID management. My overall rating for One Identity Active Roles is 9 out of 10.

One Identity Active Roles has had a significant positive impact on our organization's compliance efforts. One of the biggest advantages is the built-in auditing and traceability. Every action, whether it is user creation, group modification, or permission changes, is logged with clear details of who performed it and when. Additionally, policy-based administration ensures that all changes follow predefined rules, which reduces the risk of non-compliant configurations. One Identity Active Roles has significantly reduced both the complexity and workload of Active Directory administration. After implementation, routine tasks are automated, responsibilities are distributed through delegation, and policies ensure consistency automatically. My advice to others considering One Identity Active Roles would be to treat it as a strategic investment rather than just a tool. Before implementing, clearly define your identity management processes. Plan your delegation model and policies carefully. Start with a key use case such as user lifecycle resolution. If implemented correctly, it can significantly improve efficiency, security, and governance, but planning is critical to fully realize its value. Overall, One Identity Active Roles has proven to be a reliable and valuable solution for managing Active Directory at scale. While there are areas for improvement, I would suggest this as one of the best tools I have ever used across my experience. I would rate this solution a 9 out of 10.

One Identity Active Roles has had a very positive impact on our organization, mainly in terms of efficiency and security. First, it has reduced manual work significantly by automating user provisioning and access management, which saves a lot of time for our IT team. Second, it has improved security by ensuring users only get the right access and reducing the risk of over-permission or errors. One Identity Active Roles is a very reliable and powerful solution for identity and access management. It really stands out in terms of automation, security, and centralized control, especially in hybrid environments. It helps reduce manual effort, enforce policies, and maintain consistency across systems. At the same time, it has a slight learning curve and some areas of improvement, as with any enterprise tool. However, once properly implemented, it delivers strong value. I would definitely recommend One Identity Active Roles for organizations looking to improve efficiency and strengthen their identity and security.

I highly recommend One Identity Active Roles for any organization looking for strong management of their Active Directory in their environment with strong control, automation, and security features. Organizations can consider this solution the best fit. I also advise starting with the basic configuration and expanding gradually while providing proper training to the IT team. This will be helpful and beneficial over time. I give this product a rating of 9 out of 10.

There are no additional thoughts to comment on regarding the main use case. One Identity Active Roles is perfectly adequate as of now. One Identity Active Roles is recommended as one of the best solutions currently in the market since it addresses many issues such as risks faced, inconsistent account setup, excessive admin privileges, lack of audit trails, and manual provisioning errors, all of which can be resolved with this solution. This review has been given a rating of eight.

One Identity Active Roles is a great solution, which is why I have chosen a rating of nine for this review, with one point reserved for future enhancement of the solution.

Discussions around pricing and licensing reveal that One Identity Active Roles follows a standard enterprise model, but the true costs often arise during implementation, making it budget-friendly yet potentially shocking at the initial quote stage when transitioning from a manual environment. For organizations considering One Identity Active Roles, I recommend establishing a direct relationship with your account team early, which can help bypass standard queues when addressing critical issues, ensuring a smoother experience with the tool. My overall review rating for One Identity Active Roles is eight out of ten.

Planning carefully for the initial setup is important as it can be complex and time-consuming. Ensure that there is access to expertise in Active Directory. The review rating for One Identity Active Roles is 9.

One Identity Active Roles is not a scalable solution for our organization since we have local deployment and approximately 50 users, and scalability is not really relevant to us. It is not a global solution; it is not worldwide. The process of streamlining directory security for on-premises and cloud-based directories is not particularly applicable to my situation. Approximately 50 users use the solution. I would say One Identity Active Roles has reduced privileged accounts by about 30 percent. To my knowledge, it has not helped reduce identity-based breaches. I assess the visibility that One Identity Active Roles provides into my directory ecosystem as excellent. I would rate the granular control of One Identity Active Roles as a ten out of ten. I would recommend this product, but it depends on exactly what you are trying to achieve; conducting a proof of concept about what you would like to see is vital. It is very difficult to answer in a review because it depends on the pain points of the customer and what they are trying to accomplish. Overall, I would recommend it and I am satisfied with the product. The vendor may reach out if they have any questions or comments about my review. My overall review rating for One Identity Active Roles is nine out of ten.

The advice I would give to others looking into using One Identity Active Roles is to be already familiar with Active Directory Users and Computers if possible, and dive into the automation as much as possible when you first receive it without hesitation to test it. One Identity Active Roles is a very stable product and we would not consider getting rid of it, or at least a product of this sort, as there is definitely a need for it. I would say that as we migrate further into the cloud, there will probably be less of a need for it, but certainly for on-premises Active Directory, it is very important to us. I gave this review a rating of six.

Overall, I would give One Identity Active Roles a rating of nine out of ten. The main pain point I have is not huge because I know there are AD audit solutions out there individually. But with the control that One Identity Active Roles has, being as intuitive as it is, I think it is a nine out of ten. I would recommend it to any healthcare conglomerate that has multiple hands in an Active Directory environment. There are many components that I think our team is not touching the surface on from a dynamic group perspective, and we just use it for what it is today, but I think there are more components that we could explore.

My advice for others considering One Identity Active Roles is to proceed with the implementation. Start with one line of business, and then expand it to multiple lines of business and customer environments. I also suggest taking advantage of auditing and reporting from day one to simplify compliance. I would rate this product an eight out of ten.

Right now, a lot of the discussion is centered on agentic AI for One Identity Active Roles. An agentic AI who can do most common tasks on its own would really help. To be very honest, the ability to provision and de-provision resources in directories needs to be handled by my technical person, since I do not belong to that field. I feel with the kind of use cases which One Identity Active Roles addresses and the kind of market we play into, then I think nine is a good rating for them. There is always room for improvement, so hence I am not giving it a ten at this time.

Regarding integration, I have not yet integrated One Identity with other One Identity products as this process is ongoing with our recent upgrade. While we have multiple One Identity products, this integration remains a future project. Regarding lifecycle management capabilities via the workflow engine, we have not fully utilized it because most workplaces have used third-party tools such as Microsoft MIM. At my previous workplace, SailPoint was used for complete account lifecycle management. We primarily used One Identity Active Roles for account management after creation and for modification of admin accounts. I would recommend One Identity Active Roles based on its ability to manage domains from a single interface and provide minimal-required access based on work requirements. The web interface login and MMC console are very user-friendly. I would rate this solution an eight out of ten.

I would definitely recommend One Identity Active Roles because it allows the delegation of Active Directory through a web portal instead of a console. Additionally, while the Entra ID part requires improvements, it can still delegate Entra ID objects. I rate the overall solution an 8 out of 10.

I would recommend One Identity Active Roles due to its straightforward delegation capabilities, comprehensive management of Active Directory objects, an excellent PowerShell cmdlet suite for scripting, and a robust change history feature for auditing. The overall solution is rated as eight out of ten.

If there is a colleague who wants to manage Active Directory without an identity and access management solution, I would ask: "do you actually know what's going on in the Active Directory? What delegated control have you given, and what is the visibility of the delegated controls? What naming standards do you have for departments, for office locations, for cities? How do you make sure that you can only select the already predefined locations? Also, what kind of business are you in? Are you hit by we're not hit by dollar, but are you hit by dollar? Are you hit by NIST two? Are you hit by SOX? What compliance requirements do you actually have?" Roles fits very nicely in that role with some of these regulations and compliance issues you need to address. Depending on company size, even with fewer identities, it might be essential for highly regulated industries like finance. Having a product like One Identity Active Roles allows centralized management and limits what delegated users can do. In native Active Directory, delegation could grant too many rights, but now it permits granular delegation, such as allowing a support user to change passwords only. This level of control is beneficial for multiple companies, as harming the directory can hurt the business. I rate the product nine out of ten.

I'm a One Identity partner. Our clients range from small to enterprises. Customers range from 50 to 30,000 people. If there is any mess in Active Directory, like excessive delegations and errors, One Identity Active Roles will help clean it up and simplify work. It allows administrators to confidently ensure everything is configured correctly in Active Directory, securing it effectively. I rate the product nine out of ten.

It is good, and I would recommend it, but you should do a proof of concept and see if it works for your environment. Overall, I would rate the solution an eight out of ten.

I would rate One Identity Active Roles an eight out of ten.

I rate One Identity Active Roles 10 out of 10. Managing singular identities without a management suite is difficult. Active Roles is not an identity and access management solution. It's an Active Directory management suite.

I rate One Identity Active Roles 10 out of 10. My suggestion to future users is to map out your roles with as much granular precision as possible. We're trying to solve the same problems with fewer products. We're not there yet, but we plan to consolidate, and our customers are happy with One Identity products.

I'm a project manager. I can't compare the solution to anything else. We don't use anything else, and we've not used anything else for many years. I'd recommend the solution to others. It's a great tool. I'd rate the solution seven out of ten.

I don't believe the solution enables you to create a user in the cloud and give them access to resources through a single workflow; not out of the box. You could certainly create that, but we don't do that. We use Azure AD Connect for that. We create the user account on-prem, and Azure AD Connect will create that user in the cloud for us. Definitely do a PoC, but I would recommend Active Roles for a small company. I don't know if it would actually scale. You have to write custom scripts for a lot of it, whereas built-in functionality would generally be quicker. But for small companies of 2,000 employees, and maybe a little bit bigger, it's a great product. It's so much easier and cheaper than any of its arrivals.

I give the solution an eight out of ten. Although small companies can use the solution, it is not essential for them. However, it is recommended for medium and large organizations. One Identity Active Roles exist because of the shortfalls in Active Directory. Before implementing One Identity Active Roles, it is important to identify the pain areas and challenges that the solution can address. This solution provides a lot of options and is highly customizable, so it is important to start with the key pain areas and challenges that the organization is facing. By doing so, the organization can gradually increase the scope of the implementation and reduce delays in automating or executing certain tasks. It is common for people in organizations to resist change. They often prefer to work in the same way they have always worked, with the same tools and processes. In order to get people to adopt a new solution, such as One Identity Active Roles, it is important to convince them of the benefits of the change. This can be done by demonstrating how the new solution will improve efficiency, reduce costs, or increase security. It is also important to get buy-in from both the top management and the technical staff. Once everyone is on board, the change is much more likely to be successful.

I rate One Identity Active Roles eight out of 10. It has an unattractive web UI. If they could fix that and make it more configurable, I would give it a 10. My advice to future users is to integrate as many applications as you can into this and use all the dynamic groups.

It is a good tool and anybody who works with Microsoft Active Directory and Azure can definitely benefit from using Active Roles. But it can be challenging to get Active Roles and Azure to play nicely together, depending on how your company is configured. For some organizations, I could see that the product could help move staff to more important IT initiatives, but we don't use it at a level that it would help us in that capacity. The big lesson learned—and it would depend on various people's skill levels or proficiency— for a new implementation where you're working with Azure and not Office 365, would be to budget for at least a one- or two-day session with Professional Services. That would save you a lot of time, and in terms of hourly costs, you would actually probably end up saving money by buying the Professional Services session. I am in the process of scheduling a meeting with One Identity Professional Services to start using Active Roles for migration from AD to Azure AD. We've tried to mesh our Active Roles implementation with our new Azure setup and it's been challenging. Added support is definitely needed to get over the last few humps there. I do find it a very useful tool. I have researched other players in the field and there's not a lot out there. Active Roles has the edge. I don't see us moving to a different product, but the biggest frustration has been getting enough support out of support.

If you're going to implement it out-of-the box, off-the-shelf, exactly as it's meant to be, you should be able to do it on your own. It's pretty straightforward. If you intend to do anything else with it, a good integrator is key. The biggest lesson we've learned is that the flexibility and the extensibility of this platform allowed us to achieve far more efficiencies than we ever expected. What became the short-term certainly isn't going to be the long-term, but it proved credibility here, and that was what was really important. It gave us the credibility that we could do what we said we were going to do: take us off of a legacy tool that was broken, make things more efficient, and close the gaps until we could put in the full-blown solution.

My advice would be to make sure that you have a full-time team assigned to the solution. Take your time for the onboarding. It takes more time than we initially thought. I would rate One Identity Active Roles a seven out of ten.

If you have a need to put controls on your Active Directory environment, and there is significant manual work to put those controls in place, regardless of their effectiveness, or you have a risky native configuration that has to be addressed, my advice is that a solution like this is going to do the job pretty brilliantly. It is a great solution with a lot of capabilities. It provides different types of value for each of the capabilities that it has. Over a decade, this solution has done its job. It's a very stable system, easy to implement, easy to upgrade, and has very low operation maintenance costs. We are a very happy customer of Active Roles.

If you are very new to the product and want to get your money's worth out of it when you utilize it, because it has a lot of features, use an implementer or get some consulting time to make sure that you're utilizing it to its full potential. Biggest lesson learnt: Our IT staff, prior to using this, never really followed instructions. We're not using Azure Active Directory with Active Roles in any way. We do love that we can manage multiple Active Directories from one console and have that single pane of glass on-prem. We have multiple Active Directory environments, so we can manage them and see them all in one place. It's not integrated with a PAM solution at this time. We've thought about it, but we're not there yet. I would rate this solution a 10 out of 10.

Test it. Whenever you test it in your real environment, you normally want it. If you talk with an AD administrator about this solution and you display the features: How you save time, how you avoid errors, etc. It's a really good product. The main problem is getting companies to pay money for the product, but all AD administrators want to have this solution.

My advice would be to certainly consider Active Roles and, depending on the size of the organization, consider integrating it with Starling as well. I know the solution is extensible through cloud-delivered services but we don't use those currently. I would rate Active Roles a nine out of ten, based on the convenience it's given us.

I would give this solution a nine out of ten. There's always room for improvement. With every product, nothing is completely done. But this product is definitely up there.

This product has tremendous potential. It can be used to automate a lot of day to day activities. I always tell my customers, list down all your requirements, pain areas, and day to day tasks. Prioritize them, and use this tool to automate these tasks as per priority.