One Identity Active Roles Reviews

When a new employee is hired, we create a new Active Directory (AD) user in a related department (Organizational Unit) with a random generated password, then give that user some AD rights. Also, we create an exchange mail user for this user on cloud or on-prem and inform that user by sending a notification mail or SMS. We did similar things in other systems and did all the process manually before Active Roles. That means lots of workload and manual processes. Active Roles provided us to do all these operations automatically and reduced our workload very significantly.

• It provides automatic provisioning/update/deprovisioning workflows from a source system to a target system.
• It allows you to easily monitor all workflow processes.
• It has very powerful native policies and scripts, which allow you to create your own custom policies, scripts, and virtual attributes.
• In addition to using the console (MMC interface), it also gives you management from the web interface.

For ActiveRoles, it would be good if the product supports multi-scripting language. You can use only VBScript.

VB.net , C#, or Powershell scripting would be a good choice for the product.

No issues.

No issues.

Technical support replies really promptly. The support team is very experienced and focused on the product. On the other hand, there is a community portal and you can find every piece of knowledge on there.

We have not used any similar products before. We did all related operations manually.

It was very straightforward.

The licensing model is a simple user-based model, not that much complicated.

We evaluated and researched other options, such as NetIQ, FIM, Oracle, CA, IBM, and SailPoint.

However, Active Roles is most suitable for us.

It is very important to come together with system owners who will be integrated at the beginning of the project to clarify all the rules and determine the work to be done. Test environments of the systems to be integrated must be requested. Test environments are so necessary.

• Automation of manual identity management operations (provisioning and deprovisioning).
• Solving security and compliance issues is easy.
• Operational issues are much easier and more reliable with Quest ActiveRoles's directory layer and portal.

It provides automatic provisioning for many applications and systems, including in-house applications and cloud applications. Also, it offers a virtual directory structure and a new directory layer between users and physical directories. Management and monitoring become easier.

Scripting options in different languages.

Not yet.

No.

It is excellent. Quick and useful answers.

They also have a large community portal where you can find a lot of information.

I didn't use any other solution, but I evaluated many solutions.

It was simple. I didn't have a problem. It took half a day.

There is a simple user-based licensing model. Not complicated.

Yes. NetIQ, FIM, Oracle, CA, IBM, and SailPoint.

Choose your project team well. Remember that analysis of all processes is very important. Don't forget that testing is also very important after each development.