One Identity Manager Reviews

The primary use case for us is to follow the identity lifecycle, starting from feature improvement up to many accounts along with targeted systems.

It has improved the way of operations functions. 

It has partly helped with GDPR, especially with HR.

The most valuable features of this solution are its handling and that it is easy to maintain and manage the data.

The solution is flexible in connection with the controls. For example, it's easy to implement, easy to handle, and understandable to configure.

The user interface needs improvement.

I would like a secondary account approach out-of-the-box, as this would be really useful. Additionally, it would be nice to have more functionality in terms of connecting SAP systems, provisioning user accounts through SAP systems, and provisioning additional attributes. 

The stability has improved over time. 

It is easy to scale up. However, obtaining additional resources additional are an issue.

We have not been much in touch with their technical support, which is a good sign for the product, since it mostly working.

Our previous solution (IBM) was outdated.  

The complexity of the initial setup varies. The Active Directory may be considered less complex then connecting a SAP system.

We have a consultant, who helps us in wrapping up solutions and connecting the current systems to one another.

This solution helped us to increase employee productivity when it comes to provisioning users or systems. It is what the solution was designed for. In some cases, it has gone down from days to hours/minutes.

To a certain extent, it has helped us reduce help desk calls by five to ten percent.

It helps us save on licenses for applications because we are following the account lifecycle, as well as account reactivation.

We had a shortlist of three vendors: SailPoint IdentityIQ, IBM, and One Identity. We looked at functionalities, what came out-of-the-box with each product, and what needed configuring.

The product is a nine out of ten because 80 to 90 percent of our requirements are out-of-the-box.

Consider the speed of implementation, amount of customization, and the authentications if you are comparing between tools. Operations is also a topic: Is it easy to operate and is there a dedicated operational team? 

We have integrated with SAP because SAP has connected systems.

I like the integrated approach of the privileged account governance features. 

We use it to manage identities, We have around 12,000 employees who need to be managed, which is a lot of people worldwide. It is sort of stressful to manage proactively unless you have automated systems.

We have an SAP connector since we have integrated the solution with our HR database.

Simulation mode of One Identity Manager for company policies, station policies, business roles, etc.

The solution is flexible. You can customize it a lot. You can also customize parts of it. You can can build connectors, connecting them to a new application, and so on.

There are some good things about the policy and role management features, but you can't really use them to their full potential. A lot of customizing that we have to go through to implement new processes and new customized policies could be better. Though, overall, it is great.

They need to implement a lot of best practices for this solution.

The stability is okay. It really depends on if there have been changes made on the database where you are trying to obtain your data.

I haven't had much contact with the solution's tech support. My partner contacts them.

Our company didn't have any of this type of solution before, so it's a totally new process that we're going through at this very moment.

The initial setup was quite complex because you run into some existing policies that the company already had. There was some trouble with some inconsequential policies.

We used our partners, who are an integrator. Everything is in one box.

The solution has helped us increase employee productivity when it comes to provisioning user interface systems. Our employees get everything that they need the day that they start.

Build a strong team for this solution because there will be a lot of issues that you will have to go through, especially on your HR database. Build a team that knows how to listen and how to act.

The SAP integration process was quite interesting. You have to search for the answers in the right department with the right people. After that, it becomes easy.

We are currently not on the cloud.

We have this process of provisioning and non-provisioning users, depending on our SAP HR database.

The most important thing is that we don't have bad users in our systems anymore.

We no longer keep users who shouldn't exist.

It is flexible with APIs and the customizing of a portal.

I would like to have more extensive out-of-the-box reports.

The stability is great. We haven't had any problems. It keeps on working.

We can expand as much as possible. It will meet our needs going forward. We have already expanded a lot of times. The only issue with expansion is the cost of licensing.

I have only had one experience with the technical support, and it was okay.

We were not using another solution prior to this one (not in this scope).

The initial setup is mostly straightforward, but you still need to customize some things.

It has helped to reduce the paperwork of the help desk. There is a lot less paperwork, which has increased employee productivity, allowing them to be assigned to additional projects. 

We were also looking at the Microsoft Identity Manager. However, we decided on One Identity Manager because it has a wider coverage of different products.

Implementation and integration with SAP went well from the Identity side, but we have had internal problems with the data. However, we have been solving that for four years now.

We have chosen the product, especially for its governance for all the processes of the company, onboarding of employees, and lifecycle processes.

All our lifecycle processes have been improved. Some processes used to last around five days. Now, there are about one day or a couple of hours. This is very good for the user experience of our workers.

We are very satisfied of the privilege account governance feature, because we implemented a lot of processes around privilege account management that we didn't have before, which is a very good thing.

For the recertification and segregation of duties, it's easier to know all the information about our employees. If we need to delete some information, we can do it from a central point, then it can be deleted on all our searches. This is very good for GDPR.

The most valuable features of the product are the recertification, segregation of duties, and user experience.

The simplicity of the policy and role management features make it easy to use for implementing policies and configuring them.

When you see the product for the first time, it seems very complicated, but it's not. To improve the product, it should be made to seem simpler when you see it for the first time.

For the moment, we don't have any problems in production. Therefore, it is a good product.

The product is quite scalable, except for the database which is not highly available. This is where scalability could be improved.

We have the premium support and are very satisfied. They are always answer our questions very quickly. For the moment, we are very satisfied, but I think it's because we are paying for the premium support.

The initial setup is straightforward and easy to install. If it's your first time with the product, it can be very complicated because there are about 40 to 50 executables. However, when you know the product, it's simple.

The product is quite flexible. In the beginning, the product is an enormous solution. Then, after some training and experience, it becomes easier to implement.

It has helped to increase employee productivity.

We are satisfied with the product.

We want to bring our on-premise systems under our control, then our cloud solutions under our control.

With this product, we been able to bring together HR, IT, and lifecycle management. It is very helpful for managing the Joiner/Mover/Leaver process. We also use it for compliance on all the audits which are around.

We have integrated the solution with SAP, which has governance. We need to manage the Visual Administrator and One Identity Manager. The integration is pretty straightforward. There were some bugs with version 6 which are being removed with version 8, which is good. The platform is progressing. Though, some parts of SAP are not covered yet, like GRC.

The tool is like a big Lego in which you can use the parts that make sense for your organization.

It has several components out-of-the-box.

The solution is flexible, in general. You can define the parts of the solution that you want to use, and it won't affect the price. 

I would like the sync editor to be able to change labels because currently our concurrent development cannot work on this.

Self-service is important for our end users. However, after three years, people continue calling the help desk, and the help desk is using this solution to make its requests.

The web front-end definitely needs improvement.

Once the solution is configured, the stability is good.

We are an organization with 10,000 employees. This means 100,000 accounts or an account in group tables or approximately one million. We are not really big. It works okay for us as long as we fine tune some parts in the web design. 

The technical support is non-existent. It is not worth talking about.

We used a homemade solution, which was AD-based. It was a layer on top of AD with Java and Oracle Database in the background, but we had to move to something that can also manage could cloud, which was why we switched.

If you have consultants who do not know the solution nor the target systems, the initial setup is hard. It is my impression that if you are some very huge organization. One Identity will send the best people. If you are unimportant, then you get people who are seeing this application for the first time. This is the only way that I can explain what happen to us in the past.

We used someone at first, who was definitely not good. Then, we used Deloitte France, who was also not good. Then, we use Deloitte Germany, and the solution finally worked. That was three attempts. It was really hard to find good people.

On deprovisioning, when somebody leaves the organization, it allows us to better cut access to everything that they had.

The finalists were SailPoint IdentityIQ and One Identity. The reason that we chose One Identity was due to the logic of the connectors that they have. From those, we understood that this solution contained expertise on target systems.

If you want real-time management, it can be done within three to five working days with this product. That is how we do things today, so we have a process in place and do it with internal resources.

Bring your processors in under your control. Define what you want and when it works in Excel, then you are ready to buy the solution. It doesn't really matter which solution you would buy, as long as you have things under control.

The policy and role management features are very powerful, but it is hard to make the organization use them in the proper way.

We have not implemented the privileged account governance features.

From the back-end perspective (provisioning engine), I would give it a nine out of ten. However, from the web front-end, I would give it a five out of ten.

As consultants, we use it for provisioning, for access management in SAP, for AD access management. In the future, we may use it for many other applications like SafePoint and Office 365.

It improves organizations because role requests are automated, as are provisioning and deprovisioning; all of that is automated. 

It saves time and improves productivity because otherwise, people would be calling the helpdesk. Productivity is improved because everything is automated. A user makes a request and a workflow is triggered. It sends mails to your manager or to the product owners for approval. If everything is working properly, productivity increases.

Even without any customization, if you install it, configure it, it's ready. We may do some small customizations afterward, but the product is really good as is. It's very powerful. Without any customization, it starts working.

There is also a new feature, the Sync Engine, which is very good. Before, without it, the initial onboarding of HR systems was very difficult.

The policy and role management features are good, but not well-implemented in many companies because it's not that easy. It takes time. We are starting to use attestation in our current project and to follow the company policies. It takes time, but the feature is good. The company policies feature is really good because in workflows you can check whether the policies are all working. It's a good feature, but I don't think it is very common in many companies.

In terms of privileged account governance, in all of our previous projects we created privileged accounts and, again, with the new projects, we are going to start managing privileged accounts through One Identity. This feature is good. The new features are really good.

Finally, the product is flexible. We can easily customize almost any part of the system, such as having logic code inside the templates, inside the tables. And we can create processes as well. The customization makes it really flexible.

One Identity has a self-service portal but many customers need a helpdesk where they can go in and request. To make that happen we need to do a lot of customization. Maybe that could be improved, but it can be implemented.

The current version we have is stable but there are bugs, of course. There are many bugs. Many customers may wait for somebody else to move their systems and after they get the feedback, only then will they move. Each time there is a new release, it takes time to become stable.

It's scalable.

Technical support depends on the level. Level-one is not as knowledgeable as level-two. But, overall, their level of knowledge is good.

For me, the setup is easy, because I have a background in Microsoft technologies. That makes it really easy.

We are currently working on integrating it with SAP, but we are customizing a lot of things to fit with the current company's requirements. Their requirements are quite different from the out-of-the-box settings. Next month is the first SAP system go-live.

After the SAP onboarding, we will look at the cloud. I have fixed some bugs in the code for the Office 365 onboarding earlier. That was a very early version with custom connectors to Office 365, version 6. But in terms of a cloud connector, we have not started to work on it yet, in the latest versions.

This was for customers identity management, where there were a huge number of domains and the customer had unnecessarily complicated the system with a lot of parameters and attributes. 

Larger customization has made the system complex and confusing. The people who deployed it initially did little to document it. This has had a negative, delayed impact on the overall project and solution. 

The good part is Quest One IDM allows for large customization.

• Separated modules and integration allow for more capabilities 
• Graphical and tabular interfaces
• VB and SQL front-end and back-end

A detailed solution document to registered aspirants and interested people would help them achieve what they require before its tested and pushed to production. Quest Software should provide notes and documents to customers before they buy the product and license.

Everything (location, cost center, department, business role, etc.) is a role.

The Data Importer is a great tool to create an ETL. It generates code which is easy to maintain later without the tool.

The Attestation function lets you easily define grant/deny workflows based on constellations in the database.

We were able to connect 300+ SAP clients who were requesting access to SAP roles with the software. We also established an offboarding/onboarding process for SAP clients, as well as other target systems.

Some internal structures are in place because of already depreciated functions back from the time when the solution was used for software deployment and as a help desk.

Four years.

Versioning requires a lot of customizing effort.

No issues.

Web Designer consumes a lot of memory based on certain queries that could let the IIS run short on memory. This could be mitigated with more memory.

Very good.

Very good.

No.

No, it is wizard driven. If something went wrong we had to restart from the beginning.

The vendor team had a mixed level of experience, but there were enough excellent engineers.

Unmeasured.

Start with an operations team that is motivated to learn a lot in a short period of time. The longer you wait, the more expensive it will be to get the right level of expertise in this area.

I was not involved.

Great product, which I would recommend. It has a huge learning curve, but could solve all your IAM challenges. Make sure to have a good team and support from the vendor.