No more typing reviews! Try our Samantha, our new voice AI agent.
karan rathod - PeerSpot reviewer
network security engineer at a outsourcing company with 11-50 employees
Real User
Top 5
Jun 5, 2026
Automation has streamlined identity governance and has improved secure delegation in our directory
Pros and Cons
  • "One Identity Active Roles has positively impacted our organization by making Active Directory management much more efficient, reducing manual work, improving control over permissions, and providing better visibility into changes, which has helped both security and compliance efforts."
  • "The main improvement I would like to see for One Identity Active Roles is a more modern and intuitive interface, along with more customizable reporting and dashboards to enhance our experience with the platform."

What is our primary use case?

Our main use case for One Identity Active Roles is Active Directory administration and user lifecycle management, and we use it to create, modify, disable, and manage user accounts, groups, and permissions in a controlled and standardized manner, which improves security and reduces the risk of manual error when managing the Active Directory environment.

A good example of how we use it for user lifecycle management is user onboarding, where instead of manually creating accounts and assigning permissions in Active Directory, One Identity Active Roles automation automates the process using predefined templates and workflows, saving time, reducing errors, and ensuring users receive the correct access from day one.

Another benefit of our main use case with One Identity Active Roles is delegated administration, which allows different teams to perform specific tasks without needing full Active Directory access, improving security and making administration much easier while helping with auditing and change tracking.

What is most valuable?

The best features of One Identity Active Roles include user lifecycle management, delegated administration, automation, and role-based access control, where user lifecycle management helps to standardize and automate tasks, and delegated administration allows teams to perform specific tasks without giving them full Active Directory privileges, thus improving both security and operational efficiency.

For one example regarding how automation and role-based access have helped my team, the user onboarding process used to involve the administrator manually creating accounts, assigning groups, and configuring permissions; however, with One Identity Active Roles, the process can be standardized through workflows and templates, which reduces manual effort, speeds up provisioning, and ensures users receive the correct access from the start, while I also appreciate the auditing and change tracking capabilities for visibility into who changed what and when, which aids troubleshooting, compliance, and overall governance in our Active Directory environment.

One Identity Active Roles has positively impacted our organization by making Active Directory management much more efficient, reducing manual work, improving control over permissions, and providing better visibility into changes, which has helped both security and compliance efforts.

What needs improvement?

The main improvement I would like to see for One Identity Active Roles is a more modern and intuitive interface, along with more customizable reporting and dashboards to enhance our experience with the platform.

I would appreciate more integration with other identity and security tools, alongside more flexible reporting and dashboards to improve the functionality of One Identity Active Roles while we have not faced major performance issues.

For how long have I used the solution?

I have been using One Identity Active Roles for approximately one year.

Buyer's Guide
One Identity Active Roles
June 2026
Learn what your peers think about One Identity Active Roles. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
904,748 professionals have used our research since 2012.

What do I think about the stability of the solution?

I have not used the AI-specific capabilities extensively, but the overall output from One Identity Active Roles has been accurate, and we still perform reviews for important changes; however, I find the system to be consistent and dependable.

What other advice do I have?

I rate One Identity Active Roles a 9 out of 10 because it has helped simplify Active Directory administration, improve security, delegate access, and reduce manual errors through automation, making it a reliable and valuable solution for identity and access management.

I chose 9 out of 10 because it is a reliable and feature-rich solution that has enhanced efficiency and security for my team, while to reach a perfect 10, I would like to see a more modern interface, improved reporting, and additional integrations with other platforms.

From my experience with One Identity Active Roles, governance and security are some of the strongest aspects of the platform because it provides role-based access control, delegated administration, and detailed auditing to ensure that administrative activities are properly controlled and monitored, and while I have not extensively utilized specific AI-driven capabilities, the overall security model helps reduce the risk of unauthorized changes and improves visibility into who performs what actions.

I utilize One Identity Active Roles in an on-premises environment that is integrated with our Active Directory infrastructure, so it primarily operates within our on-premises setting.

I have utilized the fine-grained permission control feature of One Identity Active Roles, and it has helped us enforce least privilege access by allowing users to perform only the tasks relevant to their role, notably enabling the help desk team to manage passwords and user accounts without requiring full Active Directory administrative rights, thereby improving security and control.

I assess the integration of One Identity Active Roles with our existing IT infrastructure and directory services as manageable, as it has facilitated effective implementation of least privilege access by allowing us to delegate specific tasks to different teams without granting full administrative rights, thus enhancing security and reducing risk. My overall review rating for One Identity Active Roles is 9 out of 10.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Jun 5, 2026
Flag as inappropriate
PeerSpot user
Satyamkumar Prajapati - PeerSpot reviewer
Technical Writer at Mphasis
Real User
Top 5Leaderboard
May 12, 2026
Centralized automation has transformed onboarding and now streamlines secure identity governance
Pros and Cons
  • "One Identity Active Roles has positively impacted our organization by improving operational efficiency, strengthening governance, and reducing manual administrative effort within Active Directory and identity management operations."
  • "One area is the user interface and administrative experience. While the platform is feature-rich, some workflows and configuration screens can feel complex for new administrators, especially in large enterprise environments with extensive policy configurations."

What is our primary use case?

One Identity Active Roles serves as my primary platform for centralized Active Directory administration and identity management automation.

In my day-to-day work, I use One Identity Active Roles for centralized Active Directory and identity management through access provisioning. When a new employee joins the organization, One Identity Active Roles handles the creation of the Active Directory account, group membership, mailbox-related configuration, and role-based access assignment through a centralized workflow.

This automation has significantly impacted my daily tasks and the onboarding process by reducing administrative effort, minimizing configuration errors, and accelerating the onboarding process, which saves considerable time. Before we implemented One Identity Active Roles, the administrator manually managed multiple accounts across different systems. After implementing One Identity Active Roles, the platform applies policies and templates to provision new accounts consistently and securely.

An additional benefit of my main use case is the consistent governance across identity management operations. Since many administrative tasks are automated and policy-driven, our teams spend less time handling repetitive manual account management activities and troubleshooting configuration inconsistencies.

What is most valuable?

One of the best features of One Identity Active Roles is its automated onboarding capability.

The feature that stands out most for me is the delegated administration combined with policy-based automation, which provides a strong balance between operational efficiency and security governance. One of the most valuable aspects is the ability to assign administrative responsibility to specific teams without granting full Active Directory administrative privilege. For example, Help Desk or regional IT teams can manage password resets, group membership, or user account updates within a controlled scope, while core security and directory administrators remain centrally governed.

A feature that stands out during daily operations is the centralized auditing and tracking capability. In enterprise Active Directory environments where multiple administrators and support teams are involved, having detailed visibility into account changes, group modifications, and administrative actions is extremely valuable.

One Identity Active Roles helps simplify troubleshooting, improve accountability, and support compliance and audit requirements because administrative activities can be tracked more efficiently from a centralized platform.

One Identity Active Roles has positively impacted our organization by improving operational efficiency, strengthening governance, and reducing manual administrative effort within Active Directory and identity management operations. One of the biggest improvements was the automation of routine identity lifecycle tasks such as user provisioning, account updates, group management, and deprovisioning, which reduced repetitive manual work for administrators and helped minimize configuration errors.

We observed noticeable operational improvements after implementing One Identity Active Roles, especially in user provisioning and administrative management processes. For example, onboarding and account provisioning tasks that previously required multiple manual activities and directory updates became significantly faster through policy-based automation and predefined templates, reducing the time required for runtime account management activities and improving consistency across the environment.

What needs improvement?

One Identity Active Roles is a strong platform for identity and administration and Active Directory management; however, I see a few areas where it could be improved. One area is the user interface and administrative experience. While the platform is feature-rich, some workflows and configuration screens can feel complex for new administrators, especially in large enterprise environments with extensive policy configurations.

Another area for improvement is reporting and analytics. More modern and customized dashboards with deeper operational insights would help administrators monitor identity management activities and governance metrics more efficiently. We also found that advanced workflow customization and integration scenarios can require significant expertise and planning, so simplifying some of the configuration and automation processes would improve usability and reduce the learning curve for administrators.

For how long have I used the solution?

I have been working in my current field for more than four years.

What do I think about the stability of the solution?

One Identity Active Roles is stable.

What do I think about the scalability of the solution?

My experience is that One Identity Active Roles scales well for enterprise Active Directory administration and Active Directory management environments. The platform has been able to support a growing number of users, administrative workflows, delegation management, operational tasks, and policy-based automation tasks without major performance concerns.

How are customer service and support?

Customer support is good.

What was our ROI?

We have seen a positive return on investment from One Identity Active Roles, primarily through reduced administrative workload, improved operational efficiency, and stronger governance across Active Directory management. We also experienced fewer configuration and permission-related errors because automated workflows and approval controls reduce manual intervention.

What other advice do I have?

My advice to organizations considering One Identity Active Roles would be to invest time in properly planning their identity governance model, delegation structure, and automation workflows before deployment. One Identity Active Roles provides powerful capabilities for Active Directory administration and identity lifecycle management, but careful planning helps maximize its long-term value. I would rate this product an 8 out of 10.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: May 12, 2026
Flag as inappropriate
PeerSpot user
Buyer's Guide
One Identity Active Roles
June 2026
Learn what your peers think about One Identity Active Roles. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
904,748 professionals have used our research since 2012.
reviewer2846799 - PeerSpot reviewer
Training Engineer
Real User
Top 20
May 28, 2026
Automation has transformed delegated access and now streamlines our daily identity operations
Pros and Cons
  • "After implementing One Identity Active Roles, clear operational improvements are evident, including user provisioning time reduction from hours to minutes, a 40 to 50% drop in service desk workload, faster resolution of password reset and account-related requests through delegated administration, and fewer manual errors in group assignment and permission management."
  • "One area where One Identity Active Roles can improve is simplifying complex workflow and approval management in large enterprise environments."

What is our primary use case?

One Identity Active Roles is used in our environment primarily for managing Active Directory operations such as user provisioning, password reset, account locks, group management, and delegated administration access.

User provisioning is a heavily utilized function, where new employee onboarding includes automatic account creation, OU placement, group membership, and permission assignment based on department or role. The service desk team manages group membership requests and access changes through delegated administration without requiring full domain admin rights, which reduces manual efforts and improves security control.

After implementing One Identity Active Roles, clear operational improvements are evident, including user provisioning time reduction from hours to minutes, a 40 to 50% drop in service desk workload, faster resolution of password reset and account-related requests through delegated administration, and fewer manual errors in group assignment and permission management.

What is most valuable?

The best feature of One Identity Active Roles is automation combined with delegated administration, which reduces repetitive Active Directory work such as user provisioning, group assignment, and account management while allowing the service desk team to handle routine tasks without granting full domain admin access.

Automation simplifies daily operations by eliminating repetitive manual Active Directory tasks including user creation, group assignment, password reset, and account disablement. Onboarding and offboarding processes become much faster because account permissions and group membership are assigned automatically based on role or department.

One Identity Active Roles has positively impacted productivity and user satisfaction by reducing delays in account provisioning, password reset, and access requests. Previously, many AD-related tasks were manual and heavily dependent on senior administrators, but after implementing automation and delegated administration, requests are completed much faster and with fewer errors.

What needs improvement?

One area where One Identity Active Roles can improve is simplifying complex workflow and approval management in large enterprise environments. Troubleshooting permission inheritance, synchronization issues, or customized workflows can still require considerable time and experienced administrator involvement.

The UI experience, easier workflow customization, and better troubleshooting visibility for complex AD and hybrid identity environments require improvement. Identifying permission inheritance issues or synchronization problems still sometimes requires manual investigation.

Complex workflow management and troubleshooting simplification in large enterprise environments remains an area for improvement.

For how long have I used the solution?

I have been using One Identity Active Roles for two years.

What do I think about the stability of the solution?

One Identity Active Roles has been very stable, with no major outages or performance problems experienced during normal operation.

What do I think about the scalability of the solution?

One Identity Active Roles handles our large Active Directory environment efficiently as the number of users, groups, and delegated administration tasks increases.

How are customer service and support?

Customer support for One Identity Active Roles is generally good, with the support team demonstrating strong technical knowledge, particularly regarding AD integration.

Which solution did I use previously and why did I switch?

Before implementing One Identity Active Roles, native Active Directory tools, manual administration, and PowerShell scripting were primarily used.

What was our ROI?

A good ROI was achieved with One Identity Active Roles through measurable operational improvements, including a 40 to 50% reduction in routine service desk workload.

What's my experience with pricing, setup cost, and licensing?

My experience with pricing, setup cost, and licensing is generally positive for an enterprise environment, as the initial investment can feel high but provides long-term value.

Which other solutions did I evaluate?

Before choosing One Identity Active Roles, Microsoft Identity Manager and other tools were evaluated, with One Identity Active Roles selected for its strong integration with our existing Active Directory environment.

What other advice do I have?

Fine-grained permission control in One Identity Active Roles had a strong impact on least privilege implementation in our organization, as only specific tasks and privileges were delegated to users based on their job responsibilities.

Integration of One Identity Active Roles with our existing infrastructure is relatively smooth because our environment is already heavily based on Active Directory and Microsoft technology, although the main challenge came during complex workflow customization.

The automation capabilities of One Identity Active Roles are very positive, as they reduce repetitive tasks such as automatic user account creation during new employee onboarding.

One Identity Active Roles reduces the complexity and workload of Active Directory by automating repetitive administrative tasks including user provisioning, group management, password resets, and account maintenance.

Delegated administration through One Identity Active Roles is a very positive experience because it reduces dependency on senior administrators for routine tasks.

One Identity Active Roles was purchased through another channel.

I would rate this review a 9 out of 10.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: May 28, 2026
Flag as inappropriate
PeerSpot user
reviewer2794194 - PeerSpot reviewer
Sr Mgr Cyber Defense at a manufacturing company with 10,001+ employees
Real User
Top 5
Jan 4, 2026
Granular delegations have streamlined least-privilege access and simplified cross-domain control
Pros and Cons
  • "One Identity Active Roles takes us less time, probably half the time, to complete delegations that are very granular and complex, compared to having to use native tools and scripts."
  • "I am not really satisfied with the customer support for One Identity Active Roles as the support is pretty limited."

What is our primary use case?

My main use case for One Identity Active Roles is delegations and limiting access based on least privilege principles.

A specific example of how I use delegations and least-based access in my environment is that for cases where people only need a password reset, I can grant that capability without granting the ability to unlock accounts, or I can grant the ability to unlock without granting people password reset permissions.

What is most valuable?

The best features One Identity Active Roles offers are that it can be used across multiple domains and forests.

In our company, we have 85 different domains, and it would be cumbersome to have a separate instance of One Identity Active Roles for each domain. One Identity Active Roles allows us to give people in one domain access through One Identity Active Roles to all these other domains without them needing an account in each of those other domains, even though there does not have to be a trust between those domains.

One Identity Active Roles has positively impacted my organization by helping speed up delegations and helping us find permissions and generate reports more quickly on who has what access where.

One Identity Active Roles takes us less time, probably half the time, to complete delegations that are very granular and complex, compared to having to use native tools and scripts.

What needs improvement?

One Identity Active Roles can be improved because schemas sometimes differ between domains, and One Identity Active Roles does not behave very well with that inconsistency. We have an open case with Quest on this issue, but so far they do not have a solution for it.

I would also like to request that their support be more detailed, as we are finding difficulties getting to the correct people.

I give it an eight mainly because if we have to undo it for a divestiture, it is very difficult to strip off just the permissions easily because they are done via domain groups. We have to go back and find them all and remove them individually, so there should be an easier way to do that.

For how long have I used the solution?

I have been using One Identity Active Roles for six years.

What do I think about the stability of the solution?

One Identity Active Roles can be buggy at times, and we have to restart the server.

What do I think about the scalability of the solution?

One Identity Active Roles can handle growth in my environment, but the downside is that when we have domains that are further away from the server, it takes longer to bring up the console.

How are customer service and support?

I am not really satisfied with the customer support for One Identity Active Roles as the support is pretty limited.

How would you rate customer service and support?

Positive

What other advice do I have?

We do run into challenges with managing upgrades and patches for One Identity Active Roles, but we have a test instance that we try to do it on first.

My advice to others looking into using One Identity Active Roles is to plan out in advance and think about the big picture before you dive in. I give One Identity Active Roles an overall rating of eight out of ten.

Which deployment model are you using for this solution?

On-premises

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Jan 4, 2026
Flag as inappropriate
PeerSpot user
Security Engineer at Digitaltrack
Real User
Top 5
May 28, 2026
Automated user lifecycle management has reduced manual tickets and strengthened access control
Pros and Cons
  • "One Identity Active Roles has positively impacted my organization by speeding up the user provisioning, reducing manual AD tickets, strengthening the security through consistent access control, and improving compliance."
  • "I think its governance and security are very good. If they use a third party as an AI, the security may be compromised. However, if they are using their inbuilt assistance, it gives a very good result."

What is our primary use case?

My main use case for One Identity Active Roles is automating and controlling AD user lifecycle management with delegated administrator. When a new employee joins, instead of an admin manually creating the ID accounts, assigning groups and setting permissions, One Identity Active Roles automatically takes care of the request from the HR system or service ticket, applies the naming convention and password policies, and sends approval workflows if elevated access is requested.

Integrating One Identity Active Roles with my existing IT infrastructure and directory services is a plug and play solution. I need to enter the credentials inside the AD.

My impression of the automation capabilities provided by One Identity Active Roles is positive, based on the user onboarding process automation. HR sends the request to the ticket service team, which gives the integration with One Identity Active Roles. HR alerts the support ticket administrator, who starts the process that will assign One Identity Active Roles automatically for a user based on this justification, which helps very easily.

What is most valuable?

The best features One Identity Active Roles offers include fine-grained delegated administrator, RBAC policies, lifecycle management, hybrid managed identity management, policy-based administration, and auditing, tracking, and changes.

If I have to select one feature, lifecycle management has the biggest impact because it automates user onboarding, role changes, and offboarding, making access updates faster, consistent, and less error-prone while reducing the risk of orphaned accounts.

One Identity Active Roles has positively impacted my organization by speeding up the user provisioning, reducing manual AD tickets, strengthening the security through consistent access control, and improving compliance.

Based on our analysis, the solution saves around 30 to 60 minutes of time. Ticket reduction is around 50%, and I have seen fewer access errors.

What needs improvement?

I am very happy with the solution provided by One Identity Active Roles, so there is no need for improvement at this time. In the future, there will definitely be opportunities for improvement.

For how long have I used the solution?

I have been using One Identity Active Roles for almost one year.

What other advice do I have?

I think its governance and security are very good. If they use a third party as an AI, the security may be compromised. However, if they are using their inbuilt assistance, it gives a very good result.

I haven't used the fine-grained permission control feature of One Identity Active Roles, but it is in my license. In the future, I will be deploying this solution. I rate this product an 8 out of 10.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: May 28, 2026
Flag as inappropriate
PeerSpot user
AnandJoshi - PeerSpot reviewer
Software Engineer at Al Mulla Exchange
Real User
Top 5
May 17, 2026
Centralized identity automation has streamlined onboarding and improves access control
Pros and Cons
  • "One Identity Active Roles has positively impacted our organization by simplifying Active Directory administration and reducing the amount of manual work required for user and access management."
  • "One Identity Active Roles could be improved with a modern and intuitive user interface, simpler configuration for complex workflows, and faster performance in large environments."

What is our primary use case?

Our main use case for One Identity Active Roles is centralized Active Directory management and user provisioning. It helps automate user account creation, group management, role-based access control, and administrative tasks while improving security and reducing the manual workload for IT teams.

One common use case for One Identity Active Roles is onboarding new employees. Our team uses it to automatically create Active Directory accounts, assign the correct groups and permissions based on their job roles, and apply standardized policies. This reduces manual configuration errors and speeds up the provisioning process for the IT teams.

What is most valuable?

The best features for One Identity Active Roles are automated user provisioning, role-based access control, delegated administration, and centralized Active Directory management. It also provides strong auditing and compliance capabilities, which help reduce manual administrative work, improve security, and maintain consistent access policies across the organization.

The feature we rely on the most in One Identity Active Roles is automated user provisioning. It has the biggest day-to-day impact because it streamlines employee onboarding and access management by automatically creating accounts, assigning groups, and applying permissions based on predefined roles. This saves time, reduces manual errors, and ensures users get the correct access quickly and consistently.

One Identity Active Roles has positively impacted our organization by simplifying Active Directory administration and reducing the amount of manual work required for user and access management. Automation improved onboarding efficiency, reduced configuration errors, strengthened access control, and helped maintain better compliance and auditing across the environment.

After implementing One Identity Active Roles, we saw a noticeable reduction in onboarding and account management time because many tasks became automated. It also helped reduce manual provisioning errors and improved consistency in access assignment. The auditing and reporting features made compliance review easier by providing better visibility into administrative changes and user access activity.

What needs improvement?

One Identity Active Roles could be improved with a modern and intuitive user interface, simpler configuration for complex workflows, and faster performance in large environments. Better cloud integration and easier customization for reporting and automation would also enhance the overall experience.

For how long have I used the solution?

I have been using One Identity Active Roles for the last 1.2 years.

What do I think about the stability of the solution?

One Identity Active Roles is stable.

What do I think about the scalability of the solution?

One Identity Active Roles scales very well for our organization with growing Active Directory environments and large user bases. It supports centralized management, delegated administration, and automation across complex enterprise infrastructure, making it effective for handling increasing numbers of users, groups, and access management tasks efficiently.

How are customer service and support?

Customer support was good.

How was the initial setup?

Integrating One Identity Active Roles with our existing IT infrastructure and Active Directory environment was relatively straightforward. Since it is designed to work closely with Microsoft environments, the core integration process was smooth. Though some planning and customization were needed for workflows, permissions, and integration with other enterprise tools. Overall, the deployment effort was manageable for our IT team.

What was our ROI?

We have seen a positive return on investment from One Identity Active Roles. Automation significantly reduced the time spent on user provisioning, onboarding, and access management tasks, which lowered the administrative workload and improved operational efficiency.

What's my experience with pricing, setup cost, and licensing?

Our experience with pricing and licensing for One Identity Active Roles was positive overall. The setup required some initial planning and configuration, but the licensing and cost were justified by the automation, reduced administrative workload, and improved access management efficiency it provided.

What other advice do I have?

My advice for organizations considering One Identity Active Roles is to plan the role structure, workflows, and delegation policies carefully before deployment. Taking time to align the automation and access controls with business processes helps to maximize efficiency, reduce administrative workload, and improve long-term identity management and security operations. I have given this review a rating of 10.

Which deployment model are you using for this solution?

On-premises

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: May 17, 2026
Flag as inappropriate
PeerSpot user
Aman Khandelwal - PeerSpot reviewer
IT Manager at Flash.co
Real User
Top 5
May 20, 2026
Automated access control has improved security and efficiency but still needs better support
Pros and Cons
  • "One Identity Active Roles has positively impacted our organization in both efficiency and security."
  • "One needed improvement in One Identity Active Roles is the customer support. Customer support needs to improve because queries are not resolved in a responsive manner."

What is our primary use case?

One Identity Active Roles is my primary tool for provisioning and de-provisioning user access so that we can utilize resources properly. We use it to provision user access to different systems based on business requirements. We use One Identity Active Roles for provisioning and de-provisioning the roles and responsibilities of users so that they can utilize the tool or software according to business requirements.

What is most valuable?

One Identity Active Roles provides excellent integration with third-party tools. The integration feature helps us smoothly create user profiles for employees so that they can use third-party software easily. We have integrated it with other software such as Salesforce, Azure, and our data company.

Another feature that is very beneficial for us is the dashboard and the reports that One Identity Active Roles provides. These are of very good quality, and you can get all the data in one dashboard, making it easier for us to track the data. The dashboard feature is excellent.

One Identity Active Roles has positively impacted our organization in both efficiency and security. Since we no longer have to manually perform provisioning and de-provisioning, the automated process has increased security and efficiency.

One Identity Active Roles has reduced the number of errors that we were facing before using it. The fine-grained permission control feature allows us to grant certain users permissions or access to software easily. This feature has improved the security of our organization and made our workflow smooth. The fine-grained permission control feature has made managing permissions more secure and automated, reducing the time spent on managing permissions and increasing efficiency overall.

What needs improvement?

One needed improvement in One Identity Active Roles is the customer support. Customer support needs to improve because queries are not resolved in a responsive manner. The solutions provided are not capable enough to solve our problems, and responses are not very quick.

Another area needing improvement is the steep learning curve. One Identity Active Roles should provide user manuals, user guides, and resources so that the learning curve becomes much easier than it currently is.

The ease of integrating One Identity Active Roles with our existing IT infrastructure and directory services has been a smooth process. The overall integration with existing IT infrastructure was smooth and really helped us.

For how long have I used the solution?

I have been using One Identity Active Roles for the last one year.

How are customer service and support?

On a scale of one to ten, I would rate One Identity Active Roles a seven. I would rate it a seven after considering all the merits and demerits of One Identity Active Roles and taking into consideration the positives, such as the reports and dashboards, provisioning, security, and third-party integration. At the same time, I consider the negatives, such as weak customer support and a steep learning curve.

What other advice do I have?

My advice to others looking into using One Identity Active Roles is that if you are looking for easy-to-use software for your business needs, then One Identity Active Roles is the one that you should consider if you are looking for a budget-friendly option. I have rated this review a seven overall.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: May 20, 2026
Flag as inappropriate
PeerSpot user
Nitin Yadav - PeerSpot reviewer
Network & Security Engineer at Arrow PC Network Pvt.Ltd.
Real User
Top 5Leaderboard
May 16, 2026
Structured automation has transformed directory tasks and now speeds secure user onboarding
Pros and Cons
  • "One Identity Active Roles has positively impacted my organization by enabling faster onboarding and offboarding through automations, reducing manual AD errors and permission mistakes, and lightening the workload for the infrastructure help desk team."
  • "One Identity Active Roles could be improved with better cloud-native management and SaaS options, simpler reporting, and easier customization."

What is our primary use case?

One Identity Active Roles is my primary solution for managing Active Directory efficiently and securely, with a focus on day-to-day tasks such as user account credentials, password reset and account unlock, group membership management, and automating AD tasks.

When a new employee joins, I use One Identity Active Roles to create the AD account using a template and automatically assign groups based on department, set mailbox and permissions, apply naming conventions, and policy.

What is most valuable?

One Identity Active Roles offers me several best features, including automation workflow, which saves a lot of manual AD work during onboarding and offboarding, and its role-based delegations that allow the help desk to perform limited tasks without full admin rights, as well as change history and auditing that make it easy to track who can change what in AD.

The automation feature has made the biggest difference in my day-to-day work, which assists in designing auditing benefits. Tasks such as user onboarding, offboarding, group assignment, and mailbox provisioning are significantly improved.

One Identity Active Roles has positively impacted my organization by enabling faster onboarding and offboarding through automations, reducing manual AD errors and permission mistakes, and lightening the workload for the infrastructure help desk team. Tasks that used to take 20 to 30 minutes manually can now be completed within 5 to 10 minutes.

The time savings facilitated by One Identity Active Roles have allowed my team to focus more on higher-value work instead of repetitive admin tasks. Instead of spending hours on account provisioning, password issues, or manual permission changes, the team can now concentrate on projects, security improvement, and user support, which has also reduced stress during busy periods because workflows are standardized and less error-prone.

What needs improvement?

One Identity Active Roles could be improved with better cloud-native management and SaaS options, simpler reporting, and easier customization.

I wish for simpler reporting and easier customization as additional needed improvements.

For how long have I used the solution?

I have been using One Identity Active Roles for the last one and a half years.

How was the initial setup?

I assess the ease of integrating One Identity Active Roles with my existing IT infrastructure and directory services as generally good, as it integrates well with Active Directory, making the core setup straightforward. However, the initial configurations, policy roles, and workflows are complex and require AD expertise. Once deployed, day-to-day operations and synchronizations are quite reliable.

What other advice do I have?

One Identity Active Roles has significantly reduced both the complexity and workload of administrative tasks related to Active Directory, particularly for data tasks such as user creation, group changes, and account management.

My experience with the delegation of administrative tasks through One Identity Active Roles has been that it has made the workflow much more structured and controlled, with tightly scoped permissions so users receive only what they need.

My main advice to others looking into using One Identity Active Roles is to properly plan your directory structure first before configuring anything. It is essential to invest time in establishing an appropriate Active Directory structure beforehand and to use the least privilege design as a default concept. I would rate my overall experience with One Identity Active Roles as a nine out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: May 16, 2026
Flag as inappropriate
PeerSpot user
Not Provided at a financial services firm with 51-200 employees
Real User
Top 5Leaderboard
May 22, 2026
Automation has transformed user onboarding and simplifies secure access control workflows
Pros and Cons
  • "One Identity Active Roles provides strong automation capabilities that significantly reduce manual administrative work, with one especially helpful example being automated employee onboarding, where user accounts, group membership, permissions, and mailbox access are assigned automatically based on the employee's department or role."
  • "One area that could be improved in One Identity Active Roles is the user interface and initial configuration process, as some advanced workflows and policy settings can be complex for new administrators."

What is our primary use case?

My main use case for One Identity Active Roles is for Active Directory user management, access control automation, and user provisioning and de-provisioning.

I use One Identity Active Roles to automate new user creation when a new employee joins, where the required AD account, groups permissions, and mailbox access are assigned automatically based on their roles or department.

I use One Identity Active Roles day-to-day for many use cases to reduce manual work, so it improves access management efficiency and makes user administration faster and more secure; that is mainly how One Identity Active Roles helps in my day-to-day work.

What is most valuable?

The best features of One Identity Active Roles that I have been using for the last year include workflow automation, delegated administration, role-based access control, user provisioning, de-provisioning, centralized Active Directory management, and detailed auditing and reporting use cases.

One Identity Active Roles' biggest impact is workflow automation, which has made the biggest impact for my team, as it helps automate user onboarding, access assignment, and the approval process, which saves time, reduces manual errors, and improves operational efficiency.

One Identity Active Roles has positively impacted my organization since it reduced manual administrative work, strengthened access security, and helped streamline user and permission management across the organization.

I have seen faster user onboarding and fewer manual errors after implementing One Identity Active Roles, where tasks that previously took 20 to 30 minutes manually can now be completed in just a few minutes through automation and predefined workflows.

One Identity Active Roles provides strong automation capabilities that significantly reduce manual administrative work, with one especially helpful example being automated employee onboarding, where user accounts, group membership, permissions, and mailbox access are assigned automatically based on the employee's department or role.

One Identity Active Roles has reduced the complexity and workload of Active Directory administration by automating repetitive tasks, simplifying user management, and improving delegation and access control processes.

Automation has reduced manual administrative efforts and saved significant time during onboarding and access management tasks that earlier took 20 to 30 minutes and are now completed in a few minutes.

What needs improvement?

One area that could be improved in One Identity Active Roles is the user interface and initial configuration process, as some advanced workflows and policy settings can be complex for new administrators.

What do I think about the stability of the solution?

One Identity Active Roles is stable.

What do I think about the scalability of the solution?

One Identity Active Roles is scalable and works well for growing environments with increasing users, groups, and administrative workload.

How are customer service and support?

I would rate the customer support seven out of ten.

Which solution did I use previously and why did I switch?

Previously I used different solutions on native Microsoft Active Directory administration tools and manual processes, and I switched to One Identity Active Roles to improve automation, delegation, auditing, and centralized access management.

How was the initial setup?

Integration of One Identity Active Roles with my existing identity infrastructure was moderately easy since it integrates well with Active Directory, and the setup was manageable.

Which other solutions did I evaluate?

Before choosing One Identity Active Roles, I evaluated some other options like Microsoft Entra ID and Okta for their identity and access management capabilities.

What other advice do I have?

My experience with delegation in One Identity Active Roles has been positive, allowing specific administrative tasks to be assigned to the right team without giving full domain access.

My experience with the pricing and licensing of One Identity Active Roles has been reasonable for enterprise use.

My advice for organizations considering One Identity Active Roles is to plan the role structure, delegation model, and automation workflows properly before implementation to maximize the benefits of automation, improve security, and simplify Active Directory administration.

I would rate this review eight out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: May 22, 2026
Flag as inappropriate
PeerSpot user
Sachin-Yadav - PeerSpot reviewer
Network & Security Engineer at Arrow PC Network Private Limited
Real User
Top 5Leaderboard
May 27, 2026
Automated identity lifecycle has reduced ad workload and simplifies delegated administration
Pros and Cons
  • "Previously, I was handling a 100 percent workload, but after using One Identity Active Roles, 70 percent of my load has been resolved."
  • "One Identity Active Roles does not require many improvements, but for upcoming or new users, there should be an easier initial setup and configuration."

What is our primary use case?

One Identity Active Roles is mainly used for AD administrator and identity lifecycle management in my network. One Identity Active Roles is primarily used for identity lifecycle management, such as automatic user management.

Whenever a new employee joins, HR creates employee information, and One Identity Active Roles detects a new user and automatically creates an AD account, mailbox, home folder, and other necessary resources. Once login syncs the AD identity, the user automatically gets access.

The most tightly used automation feature in my network is that it automatically creates AD accounts, assigns department-based groups, applies naming conventions, sets permissions, and triggers downstream provisioning.

What is most valuable?

The best feature of One Identity Active Roles is centered around AD automation, delegated administration, governance, and hybrid identity management. These are the main features that One Identity Active Roles provides.

Delegated administration combined with automation is the feature I find most valuable in my day-to-day work because it solves two major enterprise problems simultaneously. For example, too many AD manual tasks and too many users with excessive admin rights make this feature best for me.

One Identity Active Roles has had a positive impact by empowering automation security across identity management processes. Some of the biggest improvements are faster user onboarding, reduced administrative workload, and better security through delegations. Previously, I was handling a 100 percent workload, but after using One Identity Active Roles, 70 percent of my load has been resolved.

What needs improvement?

One Identity Active Roles does not require many improvements, but for upcoming or new users, there should be an easier initial setup and configuration. One Identity Active Roles is powerful, but deployment is somewhat complex. Common challenges include policy design, delegation setup, and synchronization tuning.

While I appreciate most aspects of One Identity Active Roles, a few things need improvement. One is easier initial setup and configuration, and another is reporting and analytic enhancements that can be performed on the product.

What other advice do I have?

The ease of integrating One Identity Active Roles with my existing IT infrastructure and directory services is moderate.

The overall impression of the automation capabilities provided by One Identity Active Roles is good. It is typically seen as reliable and enterprise-grade, deeply integrated with AD, governance-focused, and described as controlled identity automation with governance built in.

One Identity Active Roles typically has a major simplifying effect on Active Directory administration, especially in large or hybrid environments. The effect is usually felt in two areas: task complexity reduction and overall workload reduction.

I would advise enterprise companies to use One Identity Active Roles. It is truly useful for AD tasks.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Last updated: May 27, 2026
Flag as inappropriate
PeerSpot user
Buyer's Guide
Download our free One Identity Active Roles Report and get advice and tips from experienced pros sharing their opinions.
Updated: June 2026
Buyer's Guide
Download our free One Identity Active Roles Report and get advice and tips from experienced pros sharing their opinions.