No more typing reviews! Try our Samantha, our new voice AI agent.

IBM Tivoli Access Manager [EOL] vs One Identity Active Roles comparison

IBM and One Identity are both solutions in the User Provisioning Software category. Additionally, 93% of IBM users are willing to recommend the solution, compared to 100% of One Identity users who would recommend it.
One Identity Active Roles
Read 87 One Identity Active Roles reviews
  • 7,934 Views
  • 2,777 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between IBM Tivoli Access Manager [EOL] and One Identity Active Roles based on real PeerSpot user reviews.

Find out what your peers are saying about One Identity, SailPoint, Omada and others in User Provisioning Software.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed User Provisioning Software Report (Updated: June 2026).
Buyer's Guide
User Provisioning Software
June 2026
Download the complete report
Helped 900,747 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

IBM Tivoli Access Manager [...
Average Rating
8.0
Reviews Sentiment
3.8
Number of Reviews
29
Ranking in other categories
No ranking in other categories
One Identity Active Roles
Average Rating
8.6
Reviews Sentiment
6.9
Number of Reviews
87
Ranking in other categories
User Provisioning Software (3rd), Active Directory Management (1st), Non-Human Identity Management (NHIM) (1st)
 

Featured Reviews

it_user711612 - PeerSpot reviewer
it_user711612
Senior Consultant at a insurance company with 1,001-5,000 employees
Reverse proxy provides central control over authentication and authorization.
It is a single product that caters for all the business needs throughout the organization. It provides a seamless integration that in turn encourages most of the applications to use the SSO features Reverse proxy is the most valuable feature as it provides central control over authentication and…
Read full review
Varun Mehra - PeerSpot reviewer
Varun Mehra
collaboration support engineer at a retailer with 11-50 employees
Automation has transformed onboarding and access control and now streamlines daily governance
While One Identity Active Roles is a strong identity and access management solution overall, there are a few areas where it could improve. One challenge we experienced was the initial setup and configuration complexity. Deploying workflows, policies, and delegation models require careful planning and a good understanding of the Active Directory environment. For organizations without experienced administrators, the learning curve can feel quite steep in the beginning. The user interface could also be more modern and intuitive. Some administrative tasks require navigating through multiple menus and the overall experience could be simplified for faster day-to-day management. Another area for improvement is reporting and customization. While the auditing features are good, creating highly customized reports sometimes requires additional efforts or scripting knowledge. More built-in reporting templates and easier dashboard customization would be helpful. We have also noticed that troubleshooting workflows or synchronization issues can occasionally take time because the logs can be very detailed and technical. Better diagnostic tools and simpler error explanations would improve the operational experience. That said, once the platform is properly configured and maintained, it performs reliably and delivers strong automation, delegation, and governance capabilities. One additional area where One Identity Active Roles could improve is cloud integration and hybrid environment management. While it works well with Active Directory and the Microsoft environment, organizations moving heavily towards cloud-first infrastructure may want even deeper and more seamless integration with modern SaaS platforms and identity providers. Performance optimization in large environments could be improved. In very large enterprise deployments with complex workflows and multiple managed domains, some administrative actions and synchronization tasks can occasionally feel slower than expected. Another point is documentation and onboarding resources. The product is feature-rich, but some advanced configurations require going through extensive documentation. More practical examples, guided setup wizards, and easier to follow best practice guides would help new administrators adopt the platform faster. Overall, the core functionality is solid, and most of the pain points are related more to usability, complexity, and modernization rather than the reliability. One additional improvement I would mention is around integration flexibility with third-party ITSM and DevOps tools. While the platform integrates well within Microsoft-centric environments, broader out-of-the-box integration and simpler API workflows for non-Microsoft ecosystems would make deployment and automation easier for organizations using diverse infrastructure. Another area is upgrade and migration simplicity. In enterprise environments, version upgrades and environment migration sometimes require careful planning and testing. Streamlining that process with more automated compatibility checks and migration assistance would reduce operational overhead.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The Verify feature: A push method which customers are going for."
"It is a very stable and good product."
"OAuth 2 is now the de facto standard for API protection and scoped authorized delegation. IBM TAM now supports OAuth 2 and can act as fully compliant OAuth 2 authorization server."
"It is a totally secure way of accessing clients through various application portals for more than ten EU countries, just by using single sign-on."
"Tivoli Access Manager (or IBM Security Access Manager) is a fully featured web authentication, sso and authorization product."
"Since its birth it is an unbelievable stable product."
"The SSO, URL-based access control, OAuth 2 and OIDC are the most valuable features."
"IBM directory server offers the best roll-out experience."
More IBM Tivoli Access Manager [EOL] pros
"The provisioning and deprovisioning saves a lot of time and skips a lot of errors."
"We have seen a huge return on investment with One Identity Active Roles, with measurable reductions in provisioning and admin efforts by 40 to 60%, eliminating the need for thousands of additional staff and leading to approximately 75% ROI and cost reduction."
"One positive impact we noticed from One Identity Active Roles was improved operational efficiency; earlier, many user management tasks were handled manually, which took more time and sometimes created inconsistencies, but using intelligent role-based workflows and automation made onboarding and access modification faster and more standardized, and we also saw better control over privileged access since permissions were delegated properly, reducing high-level administrative rights, which improved accountability and balanced security with operational speed."
"One Identity Active Roles has positively impacted our organization by making Active Directory management much more efficient, reducing manual work, improving control over permissions, and providing better visibility into changes, which has helped both security and compliance efforts."
"After moving to One Identity Active Roles, I achieve better automation, improved security through controlled delegation, and enhanced compliance with detailed auditing and reporting, significantly improving efficiency and reducing operational risk compared to the previous approach."
"One Identity Active Roles has had a very positive impact on the organization, especially in terms of efficiency, security, and compliance."
"One Identity Active Roles brings a positive impact to organizations in that they will start realizing the ROI in a much faster manner because the implementation time is very short and it is easy to use."
"The access templates help set up granular permissions and the web portal to manage Active Directory."
More One Identity Active Roles pros
 

Cons

"I would rate the technical support a 6/10."
"Web Portal Manager does not implement the full set of functions found in the command line"
"There is only a single step-up authentication path, but I have sometimes seen the need for several steps or a divergent path."
"The initial set-up is a bit complex for a novice as the Linux version of it needs you to be somewhat good with Linux."
"What I don’t particularly like is the flow duration."
"There were endless issues with stability in version 8.0.1."
"The profiling element is incredibly robust, but also equally as complex, it requires an off-site course to be able to understand the context or the plethora of options available."
"Sometimes, there are long running support tickets (for 6-8 months) and that is unacceptable from the customer's point of view."
More IBM Tivoli Access Manager [EOL] cons
"One Identity Active Roles does not require many improvements, but for upcoming or new users, there should be an easier initial setup and configuration."
"There is always room to improve the user interface for increased clarity. I believe enhancements to the console are also necessary because it is more confusing than the web interface."
"One challenge we experienced was the initial setup and configuration complexity."
"When doing a workflow, we would like a bit better feedback on the screen, as we're trying to get it to work. For example, there is a "Find" function that you need set up in a workflow to do some of the automation. It is not the easiest to get a result from those finds when you're trying to do that. In the MMC, they have a couple different types of workflows. In this particular case, we use their workflow functionality to find all of X within the environment, then if you find it, do X, Y, and Z. You can have multiple steps. When you do that search function within that workflow, it's really hard to find out, "Is my search working?" It would be nice if there was some feedback on the screen so you could see if your search is working properly within the workflow."
"I did not rate One Identity Active Roles at the highest level because areas such as user interface modernization, workflow complexity, troubleshooting experience, reporting capabilities, and cloud integration still have room for improvement."
"I am not really satisfied with the customer support for One Identity Active Roles as the support is pretty limited."
"For mid-sized to small companies, I do not know if it would be that useful, considering the tool's purpose."
"Many users feel the user interface is not very modern or intuitive, and it can take time to get used to navigating the console and workflows."
More One Identity Active Roles cons
 

Pricing and Cost Advice

"The IBM prices are, as ever, extortionate, even with a business partnership, and high levels of discounts."
"The price is reasonable. It costs us about 1 million Danish kroner annually, and we also spend about half as much on consultants."
"The pricing is on the higher end."
"The pricing for Active Roles is expensive but not as expensive as other solutions like Okta."
"The pricing is high. I have not been involved with the renewal or cost aspect, but I know it is not cheap by any means. However, it is very useful for our environment."
"The licensing model is a simple user-based model, not that much complicated."
"It's expensive."
"It's fairly priced."
report
See which vendors are best for you
Use our free recommendation engine to learn which User Provisioning Software solutions are best for your needs.
See recommendations
900,747 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
16%
Financial Services Firm
15%
Marketing Services Firm
12%
Outsourcing Company
12%
Outsourcing Company
23%
Financial Services Firm
8%
Computer Software Company
8%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise2
Large Enterprise18
By reviewers
Company SizeCount
Small Business93
Midsize Enterprise15
Large Enterprise42
 

Questions from the Community

Ask a question
Earn 20 points
What is your experience regarding pricing and costs for One Identity Active Roles?
The pricing, setup cost, and licensing for One Identity Active Roles are enterprise-oriented and typically based on the number of managed users or accounts. While setup requires moderate implementa...
See all answers
What needs improvement with One Identity Active Roles?
One Identity Active Roles can be improved with a more modern user interface, better reporting and analytics capabilities, simplified workflow customization, improved troubleshooting tools, and stro...
See all answers
What is your primary use case for One Identity Active Roles?
One Identity Active Roles serves as our centralized Active Directory administration platform for identity lifecycle management, including automated user provisioning, delegated administration, role...
See all answers
 

Comparisons

Symantec Siteminder vs IBM Tivoli Access Manager [EOL] Logo
Symantec Siteminder vs IBM Tivoli Access Manager [EOL]
Compared 13% of the time
Idira Privileged Access Manager vs IBM Tivoli Access Manager [EOL] Logo
Idira Privileged Access Manager vs IBM Tivoli Access Manager [EOL]
Compared 9% of the time
SailPoint Identity Security Cloud vs IBM Tivoli Access Manager [EOL] Logo
SailPoint Identity Security Cloud vs IBM Tivoli Access Manager [EOL]
Compared 8% of the time
Okta Platform vs IBM Tivoli Access Manager [EOL] Logo
Okta Platform vs IBM Tivoli Access Manager [EOL]
Compared 7% of the time
Tools4ever Password Management vs IBM Tivoli Access Manager [EOL] Logo
Tools4ever Password Management vs IBM Tivoli Access Manager [EOL]
Compared 3% of the time
More IBM Tivoli Access Manager [EOL] Competitors
ManageEngine ADManager Plus vs One Identity Active Roles Logo
ManageEngine ADManager Plus vs One Identity Active Roles
Compared 12% of the time
Netwrix Auditor vs One Identity Active Roles Logo
Netwrix Auditor vs One Identity Active Roles
Compared 8% of the time
Active Administrator vs One Identity Active Roles Logo
Active Administrator vs One Identity Active Roles
Compared 7% of the time
One Identity Manager vs One Identity Active Roles Logo
One Identity Manager vs One Identity Active Roles
Compared 6% of the time
SailPoint Identity Security Cloud vs One Identity Active Roles Logo
SailPoint Identity Security Cloud vs One Identity Active Roles
Compared 6% of the time
More One Identity Active Roles Competitors
 

Product Reports

Buyer's Guide
IBM Tivoli Access Manager [EOL]
June 2026
IBM Tivoli Access Manager [EOL] reportDownload IBM Tivoli Access Manager [EOL] product report
Buyer's Guide
One Identity Active Roles
June 2026
One Identity Active Roles reportDownload One Identity Active Roles product report
 

Also Known As

Tivoli Access Manager, IBM Security Access Manager
Quest Active Roles
 

Overview

IBM Tivoli Access Manager is a robust and secure centralized policy management solution for e-business and distributed applications. IBM Tivoli Access Manager WebSEAL is a high performance, multi-threaded Web server that applies fine-grained security policy to the Tivoli Access Manager protected Web object space. WebSEAL can provide single sign-on solutions and incorporate back-end Web application server resources into its security policy.
IBM

One Identity Active Roles enhances Active Directory management by automating essential tasks and improving security through efficient delegation and role-based access control.

One Identity Active Roles offers advanced features for managing Active Directory environments, aiding in automating user provisioning, group management, and de-provisioning. It integrates seamlessly with Microsoft environments and provides centralized management for both on-premises and cloud identities. By improving operational efficiency and reducing manual errors, it enforces robust governance across organizations. Active Roles includes auditing and reporting tools that strengthen compliance and security monitoring. Companies find the setup could be simplified with better documentation, more customization options in reporting, and expanded cloud integration, particularly with Azure. Improved workflows and deeper native connectors are needed for seamless automation. Price adjustments and user-friendly analytics with intuitive dashboards are recommended for better usability.

What are the key features of One Identity Active Roles?
  • Automation of Active Directory tasks: Streamlines processes such as user provisioning and de-provisioning.
  • Role-based access control: Ensures secure delegation of administration tasks.
  • Auditing and reporting: Enhances compliance with security monitoring capabilities.
  • Integration with Microsoft: Seamlessly manages on-premises and cloud identities.
What benefits and ROI should users evaluate?
  • Operational Efficiency: Reduces manual errors and streamlines active directory tasks.
  • Security and Governance: Enforces policy-based controls for secure user management.
  • Compliance: Strengthens monitoring and compliance through advanced auditing.
  • Usability: Suggests enhancements in workflow and analytics for better management.

Many industries deploy One Identity Active Roles for automating user lifecycle management, especially in Active Directory environments. It significantly eases operations by automating onboarding for new hires, managing role changes, and modifying access. The platform efficiently handles tasks like password resets and compliance audits while empowering teams to securely manage user access without requiring full administrative rights.

One Identity
 

Sample Customers

Essex Technology Group Inc.
City of Frankfurt, Moore Public Schools, George Washington University, Transavia Airlines, Howard County, MD. See all stories at OneIdentity.com/casestudies
Buyer's Guide
User Provisioning Software
June 2026
Download Free Report
Find out what your peers are saying about One Identity, SailPoint, Omada and others in User Provisioning Software. Updated: June 2026.
DOWNLOAD NOW
900,747 professionals have used our research since 2012.
See our list of best User Provisioning Software vendors.

We monitor all User Provisioning Software reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.