Try our new research platform with insights from 80,000+ expert users
One Identity Active Roles Logo

One Identity Active Roles pros and cons

Vendor: One Identity
4.3 out of 5
Badge Ranked 1
Leave a review

Pros & Cons summary

One Identity Active Roles automates provisioning and deprovisioning to save time and reduce errors, offering enhanced Active Directory management and centralized change history tracking for better troubleshooting. Workflow automation and dynamic grouping improve efficiency, while efficient delegation with access templates maintains security. However, it supports only VBScript, with a slow, unintuitive workflow engine lacking built-in workflows. Limited customer support and communication issues impact satisfaction, necessitating improvements in Active Directory and Azure AD management.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

One Identity Active Roles automates provisioning and deprovisioning, saving time and reducing errors.
It offers enhanced Active Directory management features, providing more detailed information and control.
Active Roles centralizes change history management, aiding troubleshooting and auditing efforts.
Its workflow automation and dynamic grouping features improve operational efficiency.
Delegation with access templates is more efficient and helps maintain a strong security posture.

CONS

ActiveRoles lacks support for multi-scripting languages and only supports VBScript.
The workflow engine is slow, not intuitive, and lacks built-in workflows or feedback, necessitating more user-friendly improvements for administrators.
Active Directory and Azure AD management features need enhancements for better object management and security.
Customer support is limited and can be unresponsive, with bug resolution taking too long and issues persisting in production.
Lack of communication and clear account representation with One Identity affects overall customer satisfaction.
 

One Identity Active Roles Pros review quotes

it_user749199 - PeerSpot reviewer
it_user749199
Senior Solution Consultant at a tech services company with 51-200 employees
Oct 16, 2017
It provides automatic provisioning/update/deprovisioning workflows from a source system to a target system.
Read full review
MS
Michiel Simon
Technical Manager of Security at Liberty Global
Apr 3, 2019
It's valuable to us in that it resembles the native tools that most people have grown accustomed to... Active Roles resembles traditional tools, such as from Microsoft. That is really good because it eases the way people interact with the tool.
Read full review
Identity0bf3 - PeerSpot reviewer
Identity0bf3
Identity Senior Analyst at a consumer goods company with 10,001+ employees
Apr 4, 2019
It gives us attribute-level control and the AD management features work very well.
Read full review
Buyer's Guide
One Identity Active Roles
January 2026
Free Report: One Identity Active Roles Reviews and More
Learn what your peers think about One Identity Active Roles. Get advice and tips from experienced pros sharing their opinions. Updated: January 2026.
DOWNLOAD NOW
881,665 professionals have used our research since 2012.
DF
David-Fernandez
CTO at BeClever
Apr 10, 2019
The provisioning and deprovisioning saves a lot of time and skips a lot of errors.
Read full review
WC
Willie Clemons
Director Identity & Access Management at a tech services company with 1,001-5,000 employees
Oct 9, 2019
Having a tool to manage all changes to AD from a single pane of glass is awesome.
Read full review
reviewer1425105 - PeerSpot reviewer
reviewer1425105
IT Lead, Security services at a aerospace/defense firm with 10,001+ employees
Sep 23, 2020
The biggest thing for us is Active Roles saves a lot of man-hours in keeping groups up-to-date manually or trying to write some sort of script that you have to run, so we don't have to reinvent the wheel. Instead of when every time somebody joins a department, then somebody has to remember to put in a request to add "meet user Joe" to this group, the solution does it automatically for us. Therefore, it saves our business and IT staff time because they do not have to process requests since Active Role can do it for them.
Read full review
reviewer1430811 - PeerSpot reviewer
reviewer1430811
Information Security Manager at a manufacturing company with 5,001-10,000 employees
Oct 4, 2020
Another good feature is the change history. It's centralized in a single place and allows us to manage people's Active Directory domains from a central location. We can also drill down into individual objects in a troubleshooting or even an auditing situation. We can show evidence to auditors by drilling down into the individual history. It gives you all the history of what happened around an individual object. That is something that would be almost impossible to do in Active Directory, or extremely complicated.
Read full review
Kiril - PeerSpot reviewer
Kiril
Senior IT Manager at Toronto District School Board
Oct 8, 2020
Because of Active Roles, we're able to synchronize on an even more regular basis. It enables us to provide even more information to the Active Directory, which helped us to group our users in a more consistent manner.
Read full review
BP
Becky Phares
Sr Business Analyst at George Washington University
Dec 1, 2020
With the use of the sync service we were able to import information from multiple external systems and populate them within our space and leverage them for downstream systems.
Read full review
it_user1558140 - PeerSpot reviewer
it_user1558140
Network Analyst at a government with 501-1,000 employees
Apr 19, 2021
Instead of deleting accounts, we like the deprovision option so that we can reverse any accidental deletions. It also gives a higher level of quality control in terms of enforcing any number of variables, such as making sure that an account has a description entered before the account can be created. We can backtrack and know the history of it that way.
Read full review
Show 10 more reviews (out of 27)
 

One Identity Active Roles Cons review quotes

it_user749199 - PeerSpot reviewer
it_user749199
Senior Solution Consultant at a tech services company with 51-200 employees
Oct 16, 2017
For ActiveRoles, it would be good if the product supports multi-scripting language. You can use only VBScript.
Read full review
MS
Michiel Simon
Technical Manager of Security at Liberty Global
Apr 3, 2019
It also has workflows and those are really powerful, but there are no built-in workflows. When it comes to them, it's empty. I would personally love for it to come with ten, 15, or 20 workflows where each achieves a certain task... I could just look at how each is done, clone them, copy them, modify them the way I want them, and be good to go. Right now we have to invent things from scratch.
Read full review
Identity0bf3 - PeerSpot reviewer
Identity0bf3
Identity Senior Analyst at a consumer goods company with 10,001+ employees
Apr 4, 2019
Most of the time it just works.
Read full review
Buyer's Guide
One Identity Active Roles
January 2026
Free Report: One Identity Active Roles Reviews and More
Learn what your peers think about One Identity Active Roles. Get advice and tips from experienced pros sharing their opinions. Updated: January 2026.
DOWNLOAD NOW
881,665 professionals have used our research since 2012.
DF
David-Fernandez
CTO at BeClever
Apr 10, 2019
For the AAD management feature, it needs to improve the objects that we can manage and the security.
Read full review
WC
Willie Clemons
Director Identity & Access Management at a tech services company with 1,001-5,000 employees
Oct 9, 2019
The ability to send logs to a SIEM would be very beneficial.
Read full review
reviewer1425105 - PeerSpot reviewer
reviewer1425105
IT Lead, Security services at a aerospace/defense firm with 10,001+ employees
Sep 23, 2020
When doing a workflow, we would like a bit better feedback on the screen, as we're trying to get it to work. For example, there is a "Find" function that you need set up in a workflow to do some of the automation. It is not the easiest to get a result from those finds when you're trying to do that. In the MMC, they have a couple different types of workflows. In this particular case, we use their workflow functionality to find all of X within the environment, then if you find it, do X, Y, and Z. You can have multiple steps. When you do that search function within that workflow, it's really hard to find out, "Is my search working?" It would be nice if there was some feedback on the screen so you could see if your search is working properly within the workflow.
Read full review
reviewer1430811 - PeerSpot reviewer
reviewer1430811
Information Security Manager at a manufacturing company with 5,001-10,000 employees
Oct 4, 2020
The third area for improvement, which is the weakest portion of ARS, is the workflow engine, which was introduced a few years ago. It's slow and not very intuitive to use, so I would like to see improvement there.
Read full review
Kiril - PeerSpot reviewer
Kiril
Senior IT Manager at Toronto District School Board
Oct 8, 2020
In terms of improvement, it could be made even more user-friendly for administrators when they need to create new workflows and rule sets.
Read full review
BP
Becky Phares
Sr Business Analyst at George Washington University
Dec 1, 2020
There are some features that we think should be included in their next release. We think these things would take them to the next level: the ability to completely force or limit any dynamic group processing to specific servers, change-tracking reporting of virtual attributes, and the ability to use files as inputs to automation workloads. These things have also been talked about. Knowing them, they're probably working on them.
Read full review
it_user1558140 - PeerSpot reviewer
it_user1558140
Network Analyst at a government with 501-1,000 employees
Apr 19, 2021
I've had a difficult time getting it to cooperate with Azure in the cloud and, while the support staff are very good and very knowledgeable, what they assist with just on a call doesn't go deep enough to help with a number of issues. The answer that comes back is that we'd have to start an engagement with Professional Services, which is fine but that takes time to schedule and it takes budget.
Read full review
Show 10 more reviews (out of 27)

Product Categories

Product Categories
Active Directory Management
User Provisioning Software
Non-Human Identity Management (NHIM)

Popular Comparisons

Popular Comparisons
SailPoint Identity Security Cloud vs One Identity Active Roles Logo
SailPoint Identity Security Cloud vs One Identity Active Roles
Omada Identity vs One Identity Active Roles Logo
Omada Identity vs One Identity Active Roles
Saviynt vs One Identity Active Roles Logo
Saviynt vs One Identity Active Roles
One Identity Manager vs One Identity Active Roles Logo
One Identity Manager vs One Identity Active Roles
CyberArk Identity vs One Identity Active Roles Logo
CyberArk Identity vs One Identity Active Roles
OneLogin vs One Identity Active Roles Logo
OneLogin vs One Identity Active Roles
One Identity Safeguard vs One Identity Active Roles Logo
One Identity Safeguard vs One Identity Active Roles
Netwrix Auditor vs One Identity Active Roles Logo
Netwrix Auditor vs One Identity Active Roles
Microsoft Active Directory vs One Identity Active Roles Logo
Microsoft Active Directory vs One Identity Active Roles
Oracle Identity Governance vs One Identity Active Roles Logo
Oracle Identity Governance vs One Identity Active Roles
ManageEngine ADManager Plus vs One Identity Active Roles Logo
ManageEngine ADManager Plus vs One Identity Active Roles
Symantec Identity Governance and Administration vs One Identity Active Roles Logo
Symantec Identity Governance and Administration vs One Identity Active Roles
OpenText Identity Manager vs One Identity Active Roles Logo
OpenText Identity Manager vs One Identity Active Roles
ManageEngine ADAudit Plus vs One Identity Active Roles Logo
ManageEngine ADAudit Plus vs One Identity Active Roles
Change Auditor for Active Directory vs One Identity Active Roles Logo
Change Auditor for Active Directory vs One Identity Active Roles
See all alternatives

Product Categories

Product Categories
Active Directory Management
User Provisioning Software
Non-Human Identity Management (NHIM)

Popular Comparisons

Popular Comparisons
SailPoint Identity Security Cloud vs One Identity Active Roles Logo
SailPoint Identity Security Cloud vs One Identity Active Roles
Omada Identity vs One Identity Active Roles Logo
Omada Identity vs One Identity Active Roles
Saviynt vs One Identity Active Roles Logo
Saviynt vs One Identity Active Roles
One Identity Manager vs One Identity Active Roles Logo
One Identity Manager vs One Identity Active Roles
CyberArk Identity vs One Identity Active Roles Logo
CyberArk Identity vs One Identity Active Roles
OneLogin vs One Identity Active Roles Logo
OneLogin vs One Identity Active Roles
One Identity Safeguard vs One Identity Active Roles Logo
One Identity Safeguard vs One Identity Active Roles
Netwrix Auditor vs One Identity Active Roles Logo
Netwrix Auditor vs One Identity Active Roles
Microsoft Active Directory vs One Identity Active Roles Logo
Microsoft Active Directory vs One Identity Active Roles
Oracle Identity Governance vs One Identity Active Roles Logo
Oracle Identity Governance vs One Identity Active Roles
ManageEngine ADManager Plus vs One Identity Active Roles Logo
ManageEngine ADManager Plus vs One Identity Active Roles
Symantec Identity Governance and Administration vs One Identity Active Roles Logo
Symantec Identity Governance and Administration vs One Identity Active Roles
OpenText Identity Manager vs One Identity Active Roles Logo
OpenText Identity Manager vs One Identity Active Roles
ManageEngine ADAudit Plus vs One Identity Active Roles Logo
ManageEngine ADAudit Plus vs One Identity Active Roles
Change Auditor for Active Directory vs One Identity Active Roles Logo
Change Auditor for Active Directory vs One Identity Active Roles
See all alternatives
Related questions
  • 32
Why should one choose One Identity Safeguard and One Identity Active Roles for the banking and insurance industry?
  • 60
Are you aware of SIEM platforms that integrate both Active Directory auditing and security monitoring tools?
  • 16
Why is Active Directory Management important for companies?
  • 9
When evaluating Active Directory Management, what aspect do you think is the most important to look for?