IBM Tivoli Access Manager [EOL] vs One Identity Active Roles comparison

IBM and One Identity are both solutions in the User Provisioning Software category. Additionally, 93% of IBM users are willing to recommend the solution, compared to 100% of One Identity users who would recommend it.

IBM Tivoli Access Manager [...

Read 29 IBM Tivoli Access Manager [EOL] reviews

93% willing to recommend

One Identity Active Roles

Read 59 One Identity Active Roles reviews

6,946 Views
2,501 Comparison Views

100% willing to recommend

IBM Tivoli Access Manager [...

One Identity Active Roles

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between IBM Tivoli Access Manager [EOL] and One Identity Active Roles based on real PeerSpot user reviews.

Find out what your peers are saying about One Identity, SailPoint, Omada and others in User Provisioning Software.

To learn more, read our detailed User Provisioning Software Report (Updated: April 2026).

Buyer's Guide

User Provisioning Software

April 2026

Download the complete report

Helped 893,244 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

IBM Tivoli Access Manager [...

Average Rating

8.0

Reviews Sentiment

3.8

Number of Reviews

Ranking in other categories

No ranking in other categories

One Identity Active Roles

Average Rating

8.6

Reviews Sentiment

6.8

Number of Reviews

Ranking in other categories

User Provisioning Software (3rd), Active Directory Management (1st), Non-Human Identity Management (NHIM) (2nd)

Featured Reviews

it_user711612

Senior Consultant at a insurance company with 1,001-5,000 employees

Reverse proxy provides central control over authentication and authorization.

It is a single product that caters for all the business needs throughout the organization. It provides a seamless integration that in turn encourages most of the applications to use the SSO features Reverse proxy is the most valuable feature as it provides central control over authentication and…

Read full review

Mahesh Malve

Senior Business Development Executive at DigitalTrack Solutions Ind Pvt Ltd

Automation has transformed user lifecycle tasks and now enforces consistent secure access

While One Identity Active Roles is a strong platform, a few improvements would make it even better. Many users feel the user interface is not very modern or intuitive, and it can take time to get used to navigating the console and workflows. Another improvement area is the learning curve and setup complexity. One Identity Active Roles is very powerful, but initial configuration, especially for policies, workflows, and delegation, can be complex and require experienced resources. From an integration perspective, although it supports multiple systems, organizations would benefit from more out-of-the-box connectors and smoother cloud integrations such as Azure Active Directory and software-as-a-service applications, as some setups currently require customization. In terms of reporting, while auditing is strong, generating business-friendly reports can be challenging. Users have mentioned the need for better dashboards and easier report generation. There are also some performance considerations, especially in large environments, such as slower PowerShell execution or delays in dynamic group processing in certain cases. Overall, improvements in user interface, ease of use, integration, reporting, and performance optimization would significantly enhance the product experience.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"It is a very stable and good product."

"Tivoli Access Manager's proxy product (WebSEAL) is extremely fast."

"Before the solution was implemented it took around 2-3 weeks to get all the necessary account information for a new employee in my organization, and since implementation this now only takes a few minutes."

"This product is highly recommended to meet access management and web single sign-on requirements."

"Tivoli Access Manger lets you separate security from applications and manage at one place."

"It is a totally secure way of accessing clients through various application portals for more than ten EU countries, just by using single sign-on."

"The integration effort with the end application is quite straightforward and easy."

"It has helped them to improve and control web and mobile application security."

More IBM Tivoli Access Manager [EOL] pros

"One Identity Active Roles has helped my organization reduce the number of incorrect privileged accounts through the management unit feature and enables comprehensive group membership management with features not available in Active Directory, such as adding multiple secondary owners and dynamic groups."

"Over a decade, this solution has done its job; it's a very stable system, easy to implement, easy to upgrade, and has very low operation maintenance costs."

"One Identity Active Roles has positively impacted my organization by providing a consistent and easy to understand interface for Active Directory, whether you are reading it or whether you are actively managing Active Directory."

"Clear ROI has been seen with One Identity Active Roles, mainly through the time savings and reduced manual administration."

"Another good feature is the change history. It's centralized in a single place and allows us to manage people's Active Directory domains from a central location. We can also drill down into individual objects in a troubleshooting or even an auditing situation. We can show evidence to auditors by drilling down into the individual history. It gives you all the history of what happened around an individual object. That is something that would be almost impossible to do in Active Directory, or extremely complicated."

"Active Roles helped reduce our identity-based breaches."

"We have seen a good return on investment because the automation feature has reduced manual efforts by around thirty to fifty percent and improved efficiency with reduced workload, saving our engineers time."

"Active Roles improved the management of users, groups, and AD objects in the organization."

More One Identity Active Roles pros

Cons

"The TAMeB policy server is not scalable."

"Administration of the product can be improved a lot."

"Multi-factor authentication with social integration needs to improve."

"Installation and configuration. If you don’t know the requirements of the supporting components, it could be complicated to install and this has been improved in the later versions that are renamed to IBM Tivoli Security Access Manager."

"The profiling element is incredibly robust, but also equally as complex, it requires an off-site course to be able to understand the context or the plethora of options available."

"Multi-factor authentication with social integration needs to improve."

"I have not tested the stability yet."

"Web Portal Manager does not implement the full set of functions found in the command line"

More IBM Tivoli Access Manager [EOL] cons

"I know they have increased support for Entra ID and mentioned providing support for AWS. A way to connect to various directories and integrate with cloud directories would be beneficial."

"First is the user interface and experience. While it is functional, it can feel complex for a new user and less intuitive, especially for onboarding a new user."

"One Identity Active Roles can be improved by modernizing the UI to be more responsive, as some advanced workflow configurations can feel a bit clunky during setup."

"One Identity Active Roles is very helpful, but a few improvements could make it even better, such as simplifying the user interface to make it more user-friendly, especially for new users, and making setup and configuration easier."

"It also has workflows and those are really powerful, but there are no built-in workflows. When it comes to them, it's empty. I would personally love for it to come with ten, 15, or 20 workflows where each achieves a certain task... I could just look at how each is done, clone them, copy them, modify them the way I want them, and be good to go. Right now we have to invent things from scratch."

"One area where One Identity Active Roles can be improved is in the user interface. It can feel outdated and not very intuitive for new users."

"The initial setup and configuration can be complex, especially when designing workflows, policies, and delegation models."

"One specific issue I have encountered recently is that the interface and workflow configuration can become complex and less intuitive, especially when managing multiple approval steps or modifying existing workflows, which sometimes requires deeper scripting or backend adjustments, so more user-friendly and visual workflow design would be a great improvement."

More One Identity Active Roles cons

Pricing and Cost Advice

"The IBM prices are, as ever, extortionate, even with a business partnership, and high levels of discounts."

"The pricing is on the higher end."

"The licensing model is a simple user-based model, not that much complicated."

"The price is reasonable. It costs us about 1 million Danish kroner annually, and we also spend about half as much on consultants."

"It's expensive."

"The pricing is high. I have not been involved with the renewal or cost aspect, but I know it is not cheap by any means. However, it is very useful for our environment."

"It's fairly priced."

"The pricing for Active Roles is expensive but not as expensive as other solutions like Okta."

See which vendors are best for you

Use our free recommendation engine to learn which User Provisioning Software solutions are best for your needs.

See recommendations

893,244 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Construction Company

15%

Marketing Services Firm

14%

Outsourcing Company

11%

Financial Services Firm

Outsourcing Company

19%

Financial Services Firm

Computer Software Company

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	9
Midsize Enterprise	2
Large Enterprise	18

By reviewers
Company Size	Count
Small Business	53
Midsize Enterprise	12
Large Enterprise	31

Questions from the Community

Ask a question

Earn 20 points

What is your experience regarding pricing and costs for One Identity Active Roles?

I had a great experience with the setup cost, pricing, and licensing costs because the sales team of the vendor is really helpful during the entire procurement of the solution, and we are grateful ...

See all answers

What needs improvement with One Identity Active Roles?

I do not see anything that needs to be changed as of now concerning the organization's needs because it is working very well and it is providing great features with great processes. The initial set...

See all answers

What is your primary use case for One Identity Active Roles?

When a new user is created, predefined rules automatically apply naming standards and assigned groups. This reduces manual tasks while ensuring consistency across all operations. It prevents and av...

See all answers

Comparisons

Symantec Siteminder vs IBM Tivoli Access Manager [EOL]

Compared 16% of the time

CyberArk Privileged Access Manager vs IBM Tivoli Access Manager [EOL]

Compared 9% of the time

Okta Platform vs IBM Tivoli Access Manager [EOL]

Compared 8% of the time

SailPoint Identity Security Cloud vs IBM Tivoli Access Manager [EOL]

Compared 8% of the time

Ping Identity Platform vs IBM Tivoli Access Manager [EOL]

Compared 3% of the time

More IBM Tivoli Access Manager [EOL] Competitors

ManageEngine ADManager Plus vs One Identity Active Roles

Compared 13% of the time

Netwrix Auditor vs One Identity Active Roles

Compared 9% of the time

Active Administrator vs One Identity Active Roles

Compared 8% of the time

One Identity Manager vs One Identity Active Roles

Compared 7% of the time

SailPoint Identity Security Cloud vs One Identity Active Roles

Compared 6% of the time

More One Identity Active Roles Competitors

Product Reports

Buyer's Guide

IBM Tivoli Access Manager [EOL]

May 2026

Download IBM Tivoli Access Manager [EOL] product report

Buyer's Guide

One Identity Active Roles

April 2026

Download One Identity Active Roles product report

Also Known As

Tivoli Access Manager, IBM Security Access Manager

Quest Active Roles

Overview

IBM Tivoli Access Manager is a robust and secure centralized policy management solution for e-business and distributed applications. IBM Tivoli Access Manager WebSEAL is a high performance, multi-threaded Web server that applies fine-grained security policy to the Tivoli Access Manager protected Web object space. WebSEAL can provide single sign-on solutions and incorporate back-end Web application server resources into its security policy.

IBM

One Identity Active Roles enhances Active Directory management by automating essential tasks and improving security through efficient delegation and role-based access control.

One Identity Active Roles offers advanced features for managing Active Directory environments, aiding in automating user provisioning, group management, and de-provisioning. It integrates seamlessly with Microsoft environments and provides centralized management for both on-premises and cloud identities. By improving operational efficiency and reducing manual errors, it enforces robust governance across organizations. Active Roles includes auditing and reporting tools that strengthen compliance and security monitoring. Companies find the setup could be simplified with better documentation, more customization options in reporting, and expanded cloud integration, particularly with Azure. Improved workflows and deeper native connectors are needed for seamless automation. Price adjustments and user-friendly analytics with intuitive dashboards are recommended for better usability.

What are the key features of One Identity Active Roles?

Automation of Active Directory tasks: Streamlines processes such as user provisioning and de-provisioning.
Role-based access control: Ensures secure delegation of administration tasks.
Auditing and reporting: Enhances compliance with security monitoring capabilities.
Integration with Microsoft: Seamlessly manages on-premises and cloud identities.

What benefits and ROI should users evaluate?

Operational Efficiency: Reduces manual errors and streamlines active directory tasks.
Security and Governance: Enforces policy-based controls for secure user management.
Compliance: Strengthens monitoring and compliance through advanced auditing.
Usability: Suggests enhancements in workflow and analytics for better management.

Many industries deploy One Identity Active Roles for automating user lifecycle management, especially in Active Directory environments. It significantly eases operations by automating onboarding for new hires, managing role changes, and modifying access. The platform efficiently handles tasks like password resets and compliance audits while empowering teams to securely manage user access without requiring full administrative rights.

One Identity

Sample Customers

Essex Technology Group Inc.

City of Frankfurt, Moore Public Schools, George Washington University, Transavia Airlines, Howard County, MD. See all stories at OneIdentity.com/casestudies

Buyer's Guide

User Provisioning Software

April 2026

Download Free Report

Find out what your peers are saying about One Identity, SailPoint, Omada and others in User Provisioning Software. Updated: April 2026.

DOWNLOAD NOW

893,244 professionals have used our research since 2012.

See our list of best User Provisioning Software vendors.

We monitor all User Provisioning Software reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.