Developer at a financial services firm with 51-200 employees
Real User
Top 10
May 23, 2026
One Identity Active Roles can be improved with a more modern user interface, better reporting and analytics capabilities, simplified workflow customization, improved troubleshooting tools, and stronger cloud and hybrid identity integration capabilities. I did not rate One Identity Active Roles at the highest level because areas such as user interface modernization, workflow complexity, troubleshooting experience, reporting capabilities, and cloud integration still have room for improvement.
One area that could be improved in One Identity Active Roles is the user interface and initial configuration process, as some advanced workflows and policy settings can be complex for new administrators.
Engineer at a transportation company with 1,001-5,000 employees
Real User
Top 10
May 22, 2026
One Identity Active Roles can be improved with a more modern and user-friendly interface, better reporting and analytics, simplified workflow customization, faster performance in large environments, and stronger cloud and hybrid identity integration capabilities. Additionally, One Identity Active Roles could be improved with troubleshooting tools, clearer error reporting, enhanced real-time monitoring dashboards, and simplified complex policy and workflow management to make administration easier in large enterprise environments.
collaboration support engineer at a retailer with 11-50 employees
Real User
Top 5
May 20, 2026
While One Identity Active Roles is a strong identity and access management solution overall, there are a few areas where it could improve. One challenge we experienced was the initial setup and configuration complexity. Deploying workflows, policies, and delegation models requires careful planning and a good understanding of the Active Directory environment. For organizations without experienced administrators, the learning curve can feel quite steep in the beginning. The user interface could also be more modern and intuitive. Some administrative tasks require navigating through multiple menus and the overall experience could be simplified for faster day-to-day management. Another area for improvement is reporting and customization. While the auditing features are good, creating highly customized reports sometimes requires additional efforts or scripting knowledge. More built-in reporting templates and easier dashboard customization would be helpful. We have also noticed that troubleshooting workflows or synchronization issues can occasionally take time because the logs can be very detailed and technical. Better diagnostic tools and simpler error explanations would improve the operational experience. That said, once the platform is properly configured and maintained, it performs reliably and delivers strong automation, delegation, and governance capabilities. One additional area where One Identity Active Roles could improve is cloud integration and hybrid environment management. While it works well with Active Directory and the Microsoft environment, organizations moving heavily towards cloud-first infrastructure may want even deeper and more seamless integration with modern SaaS platforms and identity providers. Performance optimization in large environments could be improved. In very large enterprise deployments with complex workflows and multiple managed domains, some administrative actions and synchronization tasks can occasionally feel slower than expected.
Another point is documentation and onboarding resources. The product is feature-rich, but some advanced configurations require going through extensive documentation. More practical examples, guided setup wizards, and easier to follow best practice guides would help new administrators adopt the platform faster. Overall, the core functionality is solid, and most of the pain points are related more to usability, complexity, and modernization rather than the reliability. One additional improvement I would mention is around integration flexibility with third-party ITSM and DevOps tools. While the platform integrates well within Microsoft-centric environments, broader out-of-the-box integration and simpler API workflows for non-Microsoft ecosystems would make deployment and automation easier for organizations using diverse infrastructure. Another area is upgrade and migration simplicity. In enterprise environments, version upgrades and environment migration sometimes require careful planning and testing. Streamlining that process with more automated compatibility checks and migration assistance would reduce operational overhead.
One needed improvement in One Identity Active Roles is the customer support. Customer support needs to improve because queries are not resolved in a responsive manner. The solutions provided are not capable enough to solve our problems, and responses are not very quick. Another area needing improvement is the steep learning curve. One Identity Active Roles should provide user manuals, user guides, and resources so that the learning curve becomes much easier than it currently is. The ease of integrating One Identity Active Roles with our existing IT infrastructure and directory services has been a smooth process. The overall integration with existing IT infrastructure was smooth and really helped us.
Senior Business Development Executive at Digitaltrack
Real User
Top 5
May 19, 2026
One Identity Active Roles is strong operationally, but there are a few areas where it could improve, such as cloud-native integration; since many organizations are moving towards hybrid and multi-cloud environments, a tighter and simpler integration with more cloud platforms would enhance the overall experience. One practical pain point I encountered around workflow customization and change management is that the tool is powerful, but when organizations want highly customized approval flows based on business logic, implementation can become complex and often relies on experienced administrators or consultants.
Sales specialist at Infobahn Technical Solution Pvt Ltd
Real User
Top 5
May 18, 2026
One Identity Active Roles could be improved with a more modern and intuitive UI, faster performance for large environments, simpler reporting customization, and smoother integration with cloud-native identity platforms and APIs.
One Identity Active Roles could be improved with a modern and intuitive user interface, simpler configuration for complex workflows, and faster performance in large environments. Better cloud integration and easier customization for reporting and automation would also enhance the overall experience.
One Identity Active Roles could be improved with a more modern and intuitive user interface, faster performance during large-scale directory operations, and simpler initial deployment and configuration.
Cybersecurity Analyst at DigitalTrack Solutions Private Limited
Real User
Top 5
Apr 27, 2026
One Identity Active Roles is very useful, though there are a few areas where it could be improved, such as the user interface, policy creation, and reporting - it requires good knowledge of Active Directory. The UI can feel outdated and not very intuitive for new users, and the learning curve is steep. Sometimes there can be slight delays when handling large-scale operations, and the reporting needs to be more helpful for audits.
Overall, One Identity Active Roles is a very powerful tool, but there are definitely areas where it can be improved. One area is the user interface. It can feel a bit outdated and not as intuitive, especially for a new user. A more modern and user-friendly UI would improve adoption and reduce the learning curve. Another improvement area is integration and cloud support. While it works well with on-premises Active Directory, integration with Azure AD and other cloud systems can be better and more seamless. Also, dynamic group processing and performance can sometimes be challenging in large environments, especially when there are complex rules. Optimizing performance in such cases would help. From a governance perspective, features such as attention and certification could be stronger as they are important for compliance-heavy environments. Lastly, improving integration with third-party systems and simplifying customization would make it easier for organizations to adapt it to their needs. Along with UI and integration, I think One Identity Active Roles could improve in a few operational areas. One is reporting and dashboards. While auditing is strong, the out-of-box reports can be a bit limited or not very visual. A more customizable and user-friendly dashboard would help teams quickly get insights without extra effort. Another area is troubleshooting and error visibility. Sometimes when workflows or policies fail, the error messages are not very clear, so it takes time to identify the root cause. Better logging and clearer error messages would make support easier. Also, upgrades and maintenance can be a bit complex. Simplifying version upgrades and reducing downtime would be beneficial, especially in large environments. Finally, training and documentation for new users could be improved. Since the tool is quite powerful, having more straightforward guides or built-in help would reduce the learning curve for new admins. 
Some additional improvements I would suggest include better cloud-native capabilities. As organizations move more toward cloud-first strategies, having stronger native support beyond Microsoft Active Directory would be helpful. Simplified customization is another area where, while the tool is powerful, customizing workflows or policies can sometimes be complex. Making this more low-code or user-friendly would improve productivity. Lastly, faster performance in large environments would also help because in environments with many objects and complex rules, performance tuning can be challenging. Overall, it is a very solid and reliable solution, especially for AD management, but enhancing cloud readiness, usability, and performance would take it to the next level.
One Identity Active Roles can be improved by enhancing its user interface to make it more modern and intuitive, as sometimes navigation and configuration feel complex for new users, and additionally, improving reporting and dashboard capabilities with more customizable and real-time analytics would add significant value, while better native integration with cloud platforms like Azure AD and hybrid environments could also strengthen support for evolving infrastructure needs, and simplifying workflow design with more visual and user-friendly options, along with improved performance during large-scale operations, would make it even more efficient and easier to manage the enterprise environment. One specific issue I have encountered recently is that the interface and workflow configuration can become complex and less intuitive, especially when managing multiple approval steps or modifying existing workflows, which sometimes requires deeper scripting or backend adjustments, so more user-friendly and visual workflow design would be a great improvement, and as a wish-list item, I would like to see stronger, more seamless integration with cloud and hybrid environments like Azure AD, along with enhanced real-time reporting dashboards and easier troubleshooting tools, which would help in faster issue resolution and a better overall administration experience.
One area where One Identity Active Roles can be improved is in simplifying its initial setup and configuration process, as deployment can be complex and time-consuming for a new user or organization without deep Active Directory expertise, which can slow down adoption and require additional training or support. Additionally, improving the user interface to make it more intuitive and user-friendly would enhance the overall experience for administration, especially for those who are not highly technical. There is also scope to enhance performance in certain scenarios such as reporting over slower networks. Expanding flexibility in customization and integrations could further strengthen its usability in modern hybrid and cloud environments, making it even more efficient and easier to manage at scale. One improvement I would particularly highlight for One Identity Active Roles is the need for seamless integration with modern cloud platforms and hybrid environments. Many organizations now operate beyond traditional on-premises Active Directory, and having more out-of-the-box connection connectors and easier configuration for tools such as Azure or other SaaS applications would save time and effort. Making reporting and dashboards more customizable and intuitive would help administration quickly derive insights without relying on external tools. Improving documentation and in-product guidance could also make troubleshooting and advanced configuration much easier, especially for new users who are still becoming familiar with the platform.
One Identity Active Roles is very helpful, but a few improvements could make it even better, such as simplifying the user interface to make it more user-friendly, especially for new users, and making setup and configuration easier. Adding more customization in reporting and improving performance for larger environments would further enhance the experience. Overall, it is a strong tool with minor areas for improvement. Navigation between different options can feel complex, so simplifying that would help. Additionally, quicker search and better filtering options for users and groups would make daily tasks even faster, enhancing usability.
One area where One Identity Active Roles can be improved is in the user interface. It can feel outdated and not very intuitive for new users. Some tasks require multiple steps or navigation through different sections, which can slow things down initially. A more modern and simplified UI would definitely improve the overall experience. Another area for improvement is around integration and flexibility. While it works well with the core Microsoft environment, expanding smoother integration with more third-party tools and cloud platforms would make it even more versatile. This would help organizations manage hybrid environments more seamlessly. Overall, One Identity Active Roles is already a strong product, but small enhancements in integration and scalability would be beneficial.
Business development executive at Digitaltrack solution Pvt Ltd
Real User
Top 5
Apr 20, 2026
A few improvements I would like to see in One Identity Active Roles are mainly around usability, reporting, and modern integration. One key area is user interface simplification. While the tool is very powerful, the admin console can feel complex for a new administrator. A more modern, intuitive UI with clearer navigation would make onboarding easier for IT teams. Another improvement area is reporting and analysis. Having more real-time dashboards, customizing reports, and better visibility into identity changes will make it easier to monitor governance at a glance without exporting data manually. A couple of additional improvement areas stand out, especially around integration and operational flexibility in One Identity Active Roles. One important area is smoother integration with the modern SaaS and cloud identity ecosystem. While it works very well with Active Directory integration, newer cloud-native applications or hybrid environments can sometimes require extra configuration efforts. More out-of-the-box connectors and simpler setup in cloud platforms would make adoption faster and easier. Better real-time monitoring and alerting would also be beneficial. While the platform does provide auditing and logs, having more proactive, real-time alerts for unusual identity changes such as bulk permission updates or suspected group notifications would be beneficial.
One Identity Active Roles can be improved, as there are a few areas that could be enhanced. The initial setup and configuration can be complex, especially when designing workflows, policies, and delegation models. It requires proper planning and skilled resources to implement effectively. The user interface, although functional, could be more modern and intuitive, as new users may require some time and training to become comfortable with the system. Reporting flexibility could also be improved, as there are built-in reports that are useful, but more customizable and user-friendly reporting options would enhance the overall experience. Additionally, the license cost is relatively high, which may concern small- to mid-sized organizations. Improving documentation and providing more guided implementation resources would help organizations accelerate deployment and reduce dependency on external support. Overall, addressing these areas would make the solution more accessible and easier to adopt. One Identity Active Roles is a mature and feature-rich solution, but there are a few areas where improvement would enhance the overall experience, such as simplifying the initial deployment and configuration process, improving the user interface, enhancing reporting capabilities by providing more flexible options, and offering better documentation with more detailed implementation guides. Additionally, optimizing licensing costs or offering more flexible pricing models could make the solution more accessible to a wider range of organizations.
Professional Services Consultant at Check Point Software
MSP
Top 5
Apr 19, 2026
One Identity Active Roles is a strong product, but like any enterprise tool, there are areas where it could be improved. First is a modernized user interface, as some administrative consoles and workflows can feel dated compared to newer SaaS identity platforms. Second is faster cloud-native capabilities, as deeper native integration with Microsoft Entra ID, SaaS applications, and zero-trust ecosystems could be expanded further as organizations move towards hybrid and cloud-first environments. Third is simplified upgrades and maintenance, as enterprise customers usually prefer smoother upgrade paths, reduced dependency complexity, and easier patch management with minimal downtime. Fourth is enhanced analytics and AI recommendations, where features such as anomaly detection, role mining, duplicate access identification, and AI-driven recommendations for least privilege access would strengthen governance. In addition to the product features, I would mention documentation, support, and ecosystem integration as areas that could be enhanced in One Identity Active Roles. First is documentation and knowledge base, as more step-by-step implementation guides, architecture best practices, troubleshooting flows, and real-world use cases would help administrators deploy and manage the product faster for enterprise tools where clear and updated documentation is very important. Second is technical support experience, as faster turnaround for complex issues, more proactive guidance during upgrades and migrations, and easier access to senior technical experts would improve customer experience given that support is generally important for an identity platform because they are business-critical systems. Third is a broader integration ecosystem, as having more ready-made connectors and APIs for HR systems, SIEM platforms, ITSM tools, PAM solutions, and cloud applications would reduce customization effort. 
Integration with Microsoft ecosystems, ServiceNow, Splunk, and other security tools can add strong value. In addition to the broader improvements already mentioned, there are several smaller and more practical enhancements needed for One Identity Active Roles that would add value in day-to-day operations. These include faster bulk operations, better search and filtering, improved notification options, easier custom workflow design, better performance visibility, and stronger self-service capabilities.
While One Identity Active Roles is a very powerful platform, there are definitely areas where it can be improved to enhance usability and scalability. First is the user interface and experience. While it is functional, it can feel complex for a new user and less intuitive, especially for onboarding a new user. The second is the learning curve and setup. The initial setup and configuration, especially for policies, workflows, and delegation models, can be quite complex. Third is reporting and analytics enhancement. Although auditing is strong, the reporting layer could be more flexible and visual, adding features such as more customizable dashboards and better visualization. Fourth is cloud and hybrid enhancement, such as a more seamless integration with Azure AD, Microsoft 365, and other SaaS platforms. Fifth is performance in large environments. In very large-scale deployments, some organizations may experience slower performance during complex queries or workflows. Sixth is documentation and training. While documentation exists, it can sometimes be too technical and not beginner-friendly. Overall, while One Identity Active Roles is already a robust and mature solution, improvements in usability, reporting, and cloud integration could make it even more powerful and accessible in the future.
One Identity Active Roles is a strong tool, but there are a few areas where it can be improved. One area is the user interface, which can feel a bit complex or outdated. Making it more modern and user-friendly would reduce the learning curve. The initial setup and workflow configuration can be slightly complicated, especially for new users or smaller teams. Simplifying this would make adoption easier. Another improvement could be better cloud integration, especially with modern cloud environments to make it more seamless. Additionally, having more ready-made automation templates and better documentation would help teams implement use cases faster.
I do not see anything that needs to be changed as of now concerning the organization's needs because it is working very well and it is providing great features with great processes. The initial setup could be simpler because sometimes it feels like it should be more straightforward.
Identity and Access Management Specialist at a university with 10,001+ employees
Real User
Top 5
Mar 13, 2026
Even though I advocate for One Identity Active Roles, there are areas for improvement, particularly in hybrid integration experiences where it feels a bit clunky compared to its capabilities for on-premises AD management. The user interface feels dated compared to modern SaaS applications, making it less intuitive for non-technical business managers. I would like to see One Identity Active Roles lean more toward an API-first and Identity-as-a-Code approach. The current REST API feels like an afterthought, and my developers want the ability to operate through CI/CD pipelines instead of logging into the GUI.
One Identity Active Roles can be improved by simplifying the setup process since a small team in a small business requires implementation without extensive IT support. Additionally, the pricing could be more flexible or tiered to better fit the budget of a smaller organization.
System Administrator at Shaare Zedek Medical Centre
Real User
Top 5
Feb 9, 2026
Integration capabilities are somewhere in the middle; it is not easy to integrate, but it is not the hardest thing out there. Certain automations, possibly web apps, could be improved or simplified to make them easier. These automations are what I think could be improved. I do not use the comprehensive group membership management feature and have not utilized the fine-grained permission control feature deeply. The process of streamlining directory security for on-premises and cloud-based directories is not particularly applicable to my organization.
Service Delivery Manager For Information Security at a financial services firm with 1-10 employees
Real User
Top 10
Feb 7, 2026
One Identity Active Roles can be improved by updating the interface as it seems to have been static for quite some time, and I feel there could certainly be improvements made. Similarly, with the automation, I feel an updated user interface would make it slightly easier to use and understand for people who are not necessarily familiar with things such as the Active Directory Users and Computers interface. Modernization is needed for those improvements.
Director, Identity & M365 Engineering at a healthcare company with 10,001+ employees
Real User
Top 10
Dec 23, 2025
One of the things I would like to see more robust is the change history. One Identity Active Roles can only monitor changes that happen in the console, and the logs don't go back longer than thirty days, maybe sixty days. The change history, when we've seen accounts get modified, we leverage a container domain that funnels accounts into our Active Directory console. I would like to see from an initial user provisioning perspective, for them to isolate the workflow and say that this came in on X date and account was created. If anyone were to modify that account from an external resource, I would like to be able to read that as well. One Identity Active Roles is strictly limited to the console. If someone makes a change, the history of those changes is not as long as I would prefer.
IT Infrastructure & Cloud Manager at Softcell Technologies Limited
Real User
Top 5
Dec 22, 2025
One area where One Identity Active Roles can be improved is by having deeper native connectors with existing and more ITSM and identity tools, which would simplify automation across multiple cloud and customer locations. I would also suggest enhancing the reporting flexibility; while audit reporting is strong, customizable dashboards and visuals could help non-technical stakeholders gain insight faster. Some users find the admin console and workflow designer to be somewhat complex, so making the interface more modern could reduce the learning curve.
Assistant Manager- Pre-sales ( IT-Enterprise Vertical ) at a tech vendor with 201-500 employees
Reseller
Top 20
Dec 18, 2025
If One Identity Active Roles has to be positioned for all customers, not just the entities which are being regulated, then the pricing has to be normalized. There are many solution providers in the market who can do it at a much lesser price. India is a price-sensitive market, and I can speak only for India; I cannot speak for the other part of the world. We have many local vendors who can provide these kinds of solutions. But since One Identity Active Roles is a much more mature product and has been in the market for a very long time, customers have some respect for that and they can pay the premium. But that premium cannot be three times, two times, or beyond three times. So the pricing has to be normalized based on the market. Every market has its own constraints, so the One Identity team should work on that aspect.
The interface appears outdated. Once logged in, everything inside remains unchanged from years ago. Additionally, when they release new features, they should provide training or webinars at least once or twice a year. This would help users stay updated and aware of new features. When I requested a demo session with One Identity, the presenter didn't provide complete details, making it difficult for non-technical managers to understand. The demo should be planned based on the customer's knowledge level. Regarding visibility in the directory ecosystem, while it is very good, there are limitations. When we add numerous domains, it becomes slow. With around 60 domains, attempting to add approximately 30 caused significant performance issues. We had to remove and decrease the number of domains, indicating room for improvement in managing multiple domains from a single interface.
Head of Global Digital Identity Services at a hospitality company with 10,001+ employees
Real User
Top 10
Apr 4, 2025
One area for improvement would be the Entra ID side, including better delegation for Entra ID objects and more granular permissions. We would also like to see better Entra ID license management using virtual pool management, given that the current setup is custom-made, and having this feature built-in would be beneficial. The web interface could also be improved, though it's ongoing.
IAM Product owner at a hospitality company with 10,001+ employees
Real User
Top 10
Apr 3, 2025
There are areas for improvement in One Identity Active Roles that include updating the web interface, creating an API accessible from the web, and improving overall performance, as it can be slow at times. But all of those are already in the development roadmap.
The user interface needs to be more modern and scalable. There are certain screen resolutions where the product is unusable. In today's environment, where we work with different sizes of monitors and screen resolutions, it is problematic if connecting to a certain monitor renders One Identity Active Roles unusable due to resolution issues. This should not be a concern in modern times, as the interface should automatically scale based on the resolution. This is the most significant drawback of the user interface.
solution architect/ engineer at APEX.IT Sp. z o.o.
Real User
Top 5
Mar 31, 2025
The possibility to request group membership, similar to the past, was disabled and moved to Identity Manager. That would be coming back in six months. Additional documentation about the Angular web interface is also needed.
System Administrator at Shaare Zedek Medical Centre
Real User
Top 5
Feb 24, 2025
There is always room to improve the user interface for increased clarity. I believe enhancements to the console are also necessary because it is more confusing than the web interface.
Team Lead, Technical & Enterprise Directory Services Vita Program at AIS Network
MSP
Top 5
Jan 30, 2025
I know they have increased support for Entra ID and mentioned providing support for AWS. A way to connect to various directories and integrate with cloud directories would be beneficial.
Senior Cyber Security Architect at a tech vendor with 1,001-5,000 employees
MSP
Top 10
Oct 1, 2024
Active Roles can fix many little problems that have never been resolved and have lingered for years, continuing to annoy people. For example, you can't search by object GUIDs. The manual says you can, but it hasn't worked in five years.
Senior Systems Engineer at a government with 10,001+ employees
Real User
Top 10
Sep 25, 2024
Active Roles could add more options for web customization. Our requirements are exceedingly specific. We'd like to get the web interface down to just five buttons, but in some cases, we can only get to six. The web interface in the current version is less customizable than in the previous one.
The solution has not enabled us to reduce password reset times. It has not automated provisioning. The group attestation could be improved. It was a feature that was available in version 5. You can configure it; however, it's no longer out of the box. My understanding is that they will put that feature back in again. However, right now, it's a feature that is lacking. The way you can search groups could be better. When a company has a large number of groups, it's very difficult to search the groups and assign the different columns.
IT Manager at a financial services firm with 1,001-5,000 employees
Real User
Jul 12, 2023
The Group Family feature is okay, but there are some issues around its use for creating objects automatically, based on HR attributes. Another issue is that it doesn't look like the hybrid connections are particularly mature. We haven't really used it much. We have a couple of guys setting it up who don't really like the way it's working. It uses a synchronization tool to do that. Native integration with the cloud would be better. Also, we're trying to manage Office 365 mailboxes and although it will create a mailbox in the cloud, it won't do shared mailboxes. That means we're having to write custom solutions for that. Another issue we have with the product is that we run a lot of custom tasks. You have to program them to run on one particular host and there's no automatic failover to a second host. If that host is down when a task is supposed to run, it has to wait until the next time it runs when that host is up. Some of their built-in functions will work off of both servers and I don't see why this shouldn't as well. Another similar gripe is that when you run custom Active Roles policies, they'll actually trigger on both hosts, not on one. In that scenario, it would be better if they would trigger on one host, unless it wasn't available. For example, if you're writing to the event log, you have a custom task and it will show up multiple times because it's being processed by multiple front-end hosts.
The solution needs an attestation process that includes certification and recertification attestation. The pricing is high and has room for improvement.
The user and group management in Azure AD could be better. Our focus these days is dynamic sharing with several on-prem Microsoft applications like SharePoint.
Sr Business Analyst at George Washington University
Real User
Dec 1, 2020
We would like to see
* extension of change-tracking auditing capabilities, especially in relationship to the virtual attributes
* more flexibility with group families
* integration with cloud database path solutions
* better integration with Azure AD; it integrates, but it could be better.
These are all things that our tech team has talked to their tech team about. And they're extremely responsive. In addition, there are some features that we think should be included in their next release. We think these things would take them to the next level: the ability to completely force or limit any dynamic group processing to specific servers, change-tracking reporting of virtual attributes, and the ability to use files as inputs to automation workloads. These things have also been talked about. Knowing One Identity, they're probably working on them.
Senior IT Manager at Toronto District School Board
Real User
Oct 8, 2020
In terms of improvement, it could be made even more user-friendly for administrators when they need to create new workflows and rulesets. It's a bit difficult. I'm not the technical person that uses it, it's my team, but I heard comments that it is quite difficult for them to get to know the product and set up the tasks that are required.
Information Security Manager at a manufacturing company with 5,001-10,000 employees
Real User
Oct 4, 2020
The overall UI needs a refresh; the web interface requires some modernization. We would also like to have a SaaS version of Active Roles. Rather than implementing it in our data center, it would have been nice having a SaaS-delivered solution. The third area for improvement, which is the weakest portion of ARS, is the workflow engine, which was introduced a few years ago. It's slow and not very intuitive to use, so I would like to see improvement there.
IT Lead, Security services at an aerospace/defense firm with 10,001+ employees
Real User
Sep 23, 2020
When doing a workflow, we would like a bit better feedback on the screen, as we're trying to get it to work. For example, there is a "Find" function that you need to set up in a workflow to do some of the automation. It is not the easiest to get a result from those finds when you're trying to do that. In the MMC, they have a couple different types of workflows. In this particular case, we use their workflow functionality to find all of X within the environment, then if you find it, do X, Y, and Z. You can have multiple steps. When you do that search function within that workflow, it's really hard to find out, "Is my search working?" It would be nice if there was some feedback on the screen so you could see if your search is working properly within the workflow. There are other finds, like when you just simply go look in Active Directory, and say, "Find." I absolutely love that we can export the results from that one. It's only the search function within the workflow that could be a little bit better. In version 7.4.1, they added support for SAML authentication to the web pages and the documentation was quite lacking. The documentation for that, in particular, needs a lot of work. I ended up having to work with support over multiple sessions to try and get that to work properly. This was a newer function for 7.4.1, so I had never used it before in the previous versions. When you downloaded their product, the documentation was the same as they had posted on their website. It was the same in both places. It was very broken up and wasn't complete. It needed to be reworded and flow better so somebody new could follow it a bit better. Because even after following all the solutions, even the tech support said to do it differently than what was in the document before we could get it to work. Therefore, I would definitely like to see some work on the documentation for that area.
For the AAD management feature, it needs to improve the objects that we can manage and the security. I know that they have everything in the road map, so they probably will include everything in a year or a year and a half. I would like them to support a cloud solution. This is important for us. They have it on their roadmap. For now, they only have basic options for cloud-delivered services. We are in the prospect of looking for a customer who wants a cloud-only solution, but will wait for the new features, which will probably be available in one year. They should try to move everything to a web interface. More solutions are trying to use a web interface. They need batch processing, but that is in the road map, and that's okay. They need better language support. While they have a language pack, it's not always available at the same time as the product. Sometimes, when we install it in other countries, they don't have the language pack, then our customers complain about this.
Active Roles allows policies and there are a lot of example policies that come with it. It has Access Templates and there are a lot of Access Template examples in it. It also has workflows and those are really powerful, but there are no built-in workflows. When it comes to them, it's empty. I would personally love for it to come with ten, 15, or 20 workflows where each achieves a certain task but that are not enabled. I could just look at how each is done, clone them, copy them, modify them the way I want them, and be good to go. Right now we have to invent things from scratch.
Managing Director at a tech services company with 51-200 employees
Real User
Top 20
Jul 7, 2015
* Web console – it should have more customization options in terms of look and feel of the landing page
* Workflow policies – Additional policies for folder access provisioning
* Bring back attestation – Attestation feature is dropped from ARS. This should be brought back
One Identity Active Roles enhances Active Directory management by automating essential tasks and improving security through efficient delegation and role-based access control. One Identity Active Roles offers advanced features for managing Active Directory environments, aiding in automating user provisioning, group management, and de-provisioning. It integrates seamlessly with Microsoft environments and provides centralized management for both on-premises and cloud identities. By improving...
While One Identity Active Roles is a strong identity and access management solution overall, there are a few areas where it could improve. One challenge we experienced was the initial setup and configuration complexity. Deploying workflows, policies, and delegation models require careful planning and a good understanding of the Active Directory environment. For organizations without experienced administrators, the learning curve can feel quite steep in the beginning. The user interface could also be more modern and intuitive. Some administrative tasks require navigating through multiple menus and the overall experience could be simplified for faster day-to-day management. Another area for improvement is reporting and customization. While the auditing features are good, creating highly customized reports sometimes requires additional efforts or scripting knowledge. More built-in reporting templates and easier dashboard customization would be helpful. We have also noticed that troubleshooting workflows or synchronization issues can occasionally take time because the logs can be very detailed and technical. Better diagnostic tools and simpler error explanations would improve the operational experience. That said, once the platform is properly configured and maintained, it performs reliably and delivers strong automation, delegation, and governance capabilities. One additional area where One Identity Active Roles could improve is cloud integration and hybrid environment management. While it works well with Active Directory and the Microsoft environment, organizations moving heavily towards cloud-first infrastructure may want even deeper and more seamless integration with modern SaaS platforms and identity providers. Performance optimization in large environments could be improved. In very large enterprise deployments with complex workflows and multiple managed domains, some administrative actions and synchronization tasks can occasionally feel slower than expected. 
Another point is documentation and onboarding resources. The product is feature-rich, but some advanced configurations require going through extensive documentation. More practical examples, guided setup wizards, and easier to follow best practice guides would help new administrators adopt the platform faster. Overall, the core functionality is solid, and most of the pain points are related more to usability, complexity, and modernization rather than the reliability. One additional improvement I would mention is around integration flexibility with third-party ITSM and DevOps tools. While the platform integrates well within Microsoft-centric environments, broader out-of-the-box integration and simpler API workflows for non-Microsoft ecosystems would make deployment and automation easier for organizations using diverse infrastructure. Another area is upgrade and migration simplicity. In enterprise environments, version upgrades and environment migration sometimes require careful planning and testing. Streamlining that process with more automated compatibility checks and migration assistance would reduce operational overhead.
One needed improvement in One Identity Active Roles is the customer support. Customer support needs to improve because queries are not resolved in a responsive manner. The solutions provided are not capable enough to solve our problems, and responses are not very quick. Another area needing improvement is the steep learning curve. One Identity Active Roles should provide user manuals, user guides, and resources so that the learning curve becomes much easier than it currently is. The ease of integrating One Identity Active Roles with our existing IT infrastructure and directory services has been a smooth process. The overall integration with existing IT infrastructure was smooth and really helped us.
One Identity Active Roles is strong operationally, but there are a few areas where it could improve, such as cloud-native integration; since many organizations are moving towards hybrid and multi-cloud environments, a tighter and simpler integration with more cloud platforms would enhance the overall experience. One practical pain point I encountered around workflow customization and change management is that the tool is powerful, but when organizations want highly customized approval flows based on business logic, implementation can become complex and often relies on experienced administrators or consultants.
One Identity Active Roles could be improved with a more modern and intuitive UI, faster performance for large environments, simpler reporting customization, and smoother integration with cloud-native identity platforms and APIs.
One Identity Active Roles could be improved with a modern and intuitive user interface, simpler configuration for complex workflows, and faster performance in large environments. Better cloud integration and easier customization for reporting and automation would also enhance the overall experience.
One Identity Active Roles could be improved with a more modern and intuitive user interface, faster performance during large-scale directory operations, and simpler initial deployment and configuration.
One Identity Active Roles is very useful, though there are a few areas where it could be improved, such as the user interface, policy creation, and reporting - it requires good knowledge of Active Directory. The UI can feel outdated and not very intuitive for new users, and the learning curve is steep. Sometimes there can be slight delays when handling large-scale operations, and the reporting needs to be more helpful for audits.
Overall, One Identity Active Roles is a very powerful tool, but there are definitely areas where it can be improved. One area is the user interface. It can feel a bit outdated and not as intuitive, especially for a new user. A more modern and user-friendly UI would improve adoption and reduce the learning curve. Another improvement area is integration and cloud support. While it works well with on-premises Active Directory, integration with Azure AD and other cloud systems can be better and more seamless. Also, dynamic group processing and performance can sometimes be challenging in large environments, especially when there are complex rules. Optimizing performance in such cases would help. From a governance perspective, features such as attention and certification could be stronger as they are important for compliance-heavy environments. Lastly, improving integration with third-party systems and simplifying customization would make it easier for organizations to adapt it to their needs. Along with UI and integration, I think One Identity Active Roles could improve in a few operational areas. One is reporting and dashboards. While auditing is strong, the out-of-box reports can be a bit limited or not very visual. A more customizable and user-friendly dashboard would help teams quickly get insights without extra effort. Another area is troubleshooting and error visibility. Sometimes when workflows or policies fail, the error messages are not very clear, so it takes time to identify the root cause. Better logging and clearer error messages would make support easier. Also, upgrades and maintenance can be a bit complex. Simplifying version upgrades and reducing downtime would be beneficial, especially in large environments. Finally, training and documentation for new users could be improved. Since the tool is quite powerful, having more straightforward guides or built-in help would reduce the learning curve for new admins. 
Some additional improvements I would suggest include better cloud-native capabilities. As organizations move more toward cloud-first strategies, having stronger native support beyond Microsoft Active Directory would be helpful. Simplified customization is another area where, while the tool is powerful, customizing workflows or policies can sometimes be complex. Making this more low-code or user-friendly would improve productivity. Lastly, faster performance in large environments would also help because in environments with many objects and complex rules, performance tuning can be challenging. Overall, it is a very solid and reliable solution, especially for AD management, but enhancing cloud readiness, usability, and performance would take it to the next level.
One Identity Active Roles can be improved by enhancing its user interface to make it more modern and intuitive, as sometimes navigation and configuration feel complex for new users, and additionally, improving reporting and dashboard capabilities with more customizable and real-time analytics would add significant value, while better native integration with cloud platforms like Azure AD and hybrid environments could also strengthen support for evolving infrastructure needs, and simplifying workflow design with more visual and user-friendly options, along with improved performance during large-scale operations, would make it even more efficient and easier to manage the enterprise environment. One specific issue I have encountered recently is that the interface and workflow configuration can become complex and less intuitive, especially when managing multiple approval steps or modifying existing workflows, which sometimes requires deeper scripting or backend adjustments, so more user-friendly and visual workflow design would be a great improvement, and as a wish-list item, I would like to see stronger, more seamless integration with cloud and hybrid environments like Azure AD, along with enhanced real-time reporting dashboards and easier troubleshooting tools, which would help in faster issue resolution and a better overall administration experience.
One area where One Identity Active Roles can be improved is in simplifying its initial setup and configuration process, as deployment can be complex and time-consuming for a new user or organization without deep Active Directory expertise, which can slow down adoption and require additional training or support. Additionally, improving the user interface to make it more intuitive and user-friendly would enhance the overall experience for administration, especially for those who are not highly technical. There is also scope to enhance performance in certain scenarios such as reporting over slower networks. Expanding flexibility in customization and integrations could further strengthen its usability in modern hybrid and cloud environments, making it even more efficient and easier to manage at scale. One improvement I would particularly highlight for One Identity Active Roles is the need for seamless integration with modern cloud platforms and hybrid environments. Many organizations now operate beyond traditional on-premises Active Directory, and having more out-of-the-box connection connectors and easier configuration for tools such as Azure or other SaaS applications would save time and effort. Making reporting and dashboards more customizable and intuitive would help administration quickly derive insights without relying on external tools. Improving documentation and in-product guidance could also make troubleshooting and advanced configuration much easier, especially for new users who are still becoming familiar with the platform.
One Identity Active Roles is very helpful, but a few improvements could make it even better, such as simplifying the user interface to make it more user-friendly, especially for new users, and making setup and configuration easier. Adding more customization in reporting and improving performance for larger environments would further enhance the experience. Overall, it is a strong tool with minor areas for improvement. Navigation between different options can feel complex, so simplifying that would help. Additionally, quicker search and better filtering options for users and groups would make daily tasks even faster, enhancing usability.
One area where One Identity Active Roles can be improved is in the user interface. It can feel outdated and not very intuitive for new users. Some tasks require multiple steps or navigation through different sections, which can slow things down initially. A more modern and simplified UI would definitely improve the overall experience. Another area for improvement is around integration and flexibility. While it works well with the core Microsoft environment, expanding smoother integration with more third-party tools and cloud platforms would make it even more versatile. This would help organizations manage hybrid environments more seamlessly. Overall, One Identity Active Roles is already a strong product, but small enhancements in integration and scalability would be beneficial.
A few improvements I would like to see in One Identity Active Roles are mainly around usability, reporting, and modern integration. One key area is user interface simplification. While the tool is very powerful, the admin console can feel complex for a new administrator. A more modern, intuitive UI with clearer navigation would make onboarding easier for IT teams. Another improvement area is reporting and analysis. Having more real-time dashboards, customizing reports, and better visibility into identity changes will make it easier to monitor governance at a glance without exporting data manually. A couple of additional improvement areas stand out, especially around integration and operational flexibility in One Identity Active Roles. One important area is smoother integration with the modern SaaS and cloud identity ecosystem. While it works very well with Active Directory integration, newer cloud-native applications or hybrid environments can sometimes require extra configuration efforts. More out-of-the-box connectors and simpler setup in cloud platforms would make adoption faster and easier. Better real-time monitoring and alerting would also be beneficial. While the platform does provide auditing and logs, having more proactive, real-time alerts for unusual identity changes such as bulk permission updates or suspected group notifications would be beneficial.
One Identity Active Roles can be improved, as there are a few areas that could be enhanced. The initial setup and configuration can be complex, especially when designing workflows, policies, and delegation models. It requires proper planning and skilled resources to implement effectively. The user interface, although functional, could be more modern and intuitive, as new users may require some time and training to become comfortable with the system. Reporting flexibility could also be improved, as there are built-in reports that are useful, but more customizable and user-friendly reporting options would enhance the overall experience. Additionally, the license cost is relatively high, which may concern small- to mid-sized organizations. Improving documentation and providing more guided implementation resources would help organizations accelerate deployment and reduce dependency on external support. Overall, addressing these areas would make the solution more accessible and easier to adopt. One Identity Active Roles is a mature and feature-rich solution, but there are a few areas where improvement would enhance the overall experience, such as simplifying the initial deployment and configuration process, improving the user interface, enhancing reporting capabilities by providing more flexible options, and offering better documentation with more detailed implementation guides. Additionally, optimizing licensing costs or offering more flexible pricing models could make the solution more accessible to a wider range of organizations.
One Identity Active Roles is a strong product, but like any enterprise tool, there are areas where it could be improved. First is a modernized user interface, as some administrative consoles and workflows can feel dated compared to newer SaaS identity platforms. Second is faster cloud-native capabilities, as deeper native integration with Microsoft Entra ID, SaaS applications, and zero-trust ecosystems could be expanded further as organizations move towards hybrid and cloud-first environments. Third is simplified upgrades and maintenance, as enterprise customers usually prefer smoother upgrade paths, reduced dependency complexity, and easier patch management with minimal downtime. Fourth is enhanced analytics and AI recommendations, where features such as anomaly detection, role mining, duplicate access identification, and AI-driven recommendations for least privilege access would strengthen governance. In addition to the product features, I would mention documentation, support, and ecosystem integration as areas that could be enhanced in One Identity Active Roles. First is documentation and knowledge base, as more step-by-step implementation guides, architecture best practices, troubleshooting flows, and real-world use cases would help administrators deploy and manage the product faster for enterprise tools where clear and updated documentation is very important. Second is technical support experience, as faster turnaround for complex issues, more proactive guidance during upgrades and migrations, and easier access to senior technical experts would improve customer experience given that support is generally important for an identity platform because they are business-critical systems. Third is a broader integration ecosystem, as having more ready-made connectors and APIs for HR systems, SIEM platforms, ITSM tools, PAM solutions, and cloud applications would reduce customization effort. 
Integration with Microsoft ecosystems, ServiceNow, Splunk, and other security tools can add strong value. In addition to the broader improvements already mentioned, there are several smaller and more practical enhancements needed for One Identity Active Roles that would add value in day-to-day operations. These include faster bulk operations, better search and filtering, improved notification options, easier custom workflow design, better performance visibility, and stronger self-service capabilities.
While One Identity Active Roles is a very powerful platform, there are definitely areas where it can be improved to enhance usability and scalability. First is the user interface and experience. While it is functional, it can feel complex for a new user and less intuitive, especially for onboarding a new user. The second is the learning curve and setup. The initial setup and configuration, especially for policies, workflows, and delegation models, can be quite complex. Third is reporting and analytics enhancement. Although auditing is strong, the reporting layer could be more flexible and visual, adding features such as more customizable dashboards and better visualization. Fourth is cloud and hybrid enhancement, such as a more seamless integration with Azure AD, Microsoft 365, and other SaaS platforms. Fifth is performance in large environments. In very large-scale deployments, some organizations may experience slower performance during complex queries or workflows. Sixth is documentation and training. While documentation exists, it can sometimes be too technical and not beginner-friendly. Overall, while One Identity Active Roles is already a robust and mature solution, improvements in usability, reporting, and cloud integration could make it even more powerful and accessible in the future.
One Identity Active Roles is a strong tool, but there are a few areas where it can be improved. One area is the user interface, which can feel a bit complex or outdated. Making it more modern and user-friendly would reduce the learning curve. The initial setup and workflow configuration can be slightly complicated, especially for new users or smaller teams. Simplifying this would make adoption easier. Another improvement could be better cloud integration, especially with modern cloud environments to make it more seamless. Additionally, having more ready-made automation templates and better documentation would help teams implement use cases faster.
I do not see anything that needs to be changed as of now concerning the organization's needs because it is working very well and it is providing great features with great processes. The initial setup could be simpler because sometimes it feels like it should be more straightforward.
There are no features missing; however, the initial setup could be simpler. Apart from this, everything is smooth.
The initial setup is a bit complex for new engineers, so that could be simplified.
Even though I advocate for One Identity Active Roles, there are areas for improvement, particularly in hybrid integration experiences where it feels a bit clunky compared to its capabilities for on-premises AD management. The user interface feels dated compared to modern SaaS applications, making it less intuitive for non-technical business managers. I would like to see One Identity Active Roles lean more toward an API-first and Identity-as-a-Code approach. The current REST API feels like an afterthought, and my developers want the ability to operate through CI/CD pipelines instead of logging into the GUI.
One Identity Active Roles can be improved by simplifying the setup process since a small team in a small business requires implementation without extensive IT support. Additionally, the pricing could be more flexible or tiered to better fit the budget of a smaller organization.
Integration capabilities are somewhere in the middle; it is not easy to integrate, but it is not the hardest thing out there. Certain automations, possibly web apps, could be improved or simplified to make them easier. These automations are what I think could be improved. I do not use the comprehensive group membership management feature and have not utilized the fine-grained permission control feature deeply. The process of streamlining directory security for on-premises and cloud-based directories is not particularly applicable to my organization.
One Identity Active Roles can be improved by updating the interface as it seems to have been static for quite some time, and I feel there could certainly be improvements made. Similarly, with the automation, I feel an updated user interface would make it slightly easier to use and understand for people who are not necessarily familiar with things such as the Active Directory Users and Computers interface. Modernization is needed for those improvements.
One of the things I would like to see more robust is the change history. One Identity Active Roles can only monitor changes that happen in the console, and the logs don't go back longer than thirty days, maybe sixty days. The change history, when we've seen accounts get modified, we leverage a container domain that funnels accounts into our Active Directory console. I would like to see from an initial user provisioning perspective, for them to isolate the workflow and say that this came in on X date and account was created. If anyone were to modify that account from an external resource, I would like to be able to read that as well. One Identity Active Roles is strictly limited to the console. If someone makes a change, the history of those changes is not as long as I would prefer.
One area where One Identity Active Roles can be improved is by having deeper native connectors with existing and more ITSM and identity tools, which would simplify automation across multiple cloud and customer locations. I would also suggest enhancing the reporting flexibility; while audit reporting is strong, customizable dashboards and visuals could help non-technical stakeholders gain insight faster. Some users find the admin console and workflow designer to be somewhat complex, so making the interface more modern could reduce the learning curve.
If One Identity Active Roles has to be positioned for all customers, not just the entities which are being regulated, then the pricing has to be normalized. There are many solution providers in the market who can do it at a much lesser price. India is a price-sensitive market, and I can speak only for India; I cannot speak for the other part of the world. We have many local vendors who can provide these kinds of solutions. But since One Identity Active Roles is a much more mature product and has been in the market for a very long time, customers have some respect for that and they can pay the premium. But that premium cannot be three times, two times, or beyond three times. So the pricing has to be normalized based on the market. Every market has its own constraints, so the One Identity team should work on that aspect.
The interface appears outdated. Once logged in, everything inside remains unchanged from years ago. Additionally, when they release new features, they should provide training or webinars at least once or twice a year. This would help users stay updated and aware of new features. When I requested a demo session with One Identity, the presenter didn't provide complete details, making it difficult for non-technical managers to understand. The demo should be planned based on the customer's knowledge level. Regarding visibility in the directory ecosystem, while it is very good, there are limitations. When we add numerous domains, it becomes slow. With around 60 domains, attempting to add approximately 30 caused significant performance issues. We had to remove and decrease the number of domains, indicating room for improvement in managing multiple domains from a single interface.
One area for improvement would be the Entra ID side, including better delegation for Entra ID objects and more granular permissions. We would also like to see better Entra ID license management using virtual pool management, given that the current setup is custom-made, and having this feature built-in would be beneficial. The web interface could also be improved, though it's ongoing.
There are areas for improvement in One Identity Active Roles that include updating the web interface, creating an API accessible from the web, and improving overall performance, as it can be slow at times. But all of those are already in the development roadmap.
The user interface needs to be more modern and scalable. There are certain screen resolutions where the product is unusable. In today's environment, where we work with different sizes of monitors and screen resolutions, it is problematic if connecting to a certain monitor renders One Identity Active Roles unusable due to resolution issues. This should not be a concern in modern times, as the interface should automatically scale based on the resolution. This is the most significant drawback of the user interface.
The possibility to request group membership, similar to the past, was disabled and moved to Identity Manager. That would be coming back in six months. Additional documentation about the Angular web interface is also needed.
There is always room to improve the user interface for increased clarity. I believe enhancements to the console are also necessary because it is more confusing than the web interface.
I know they have increased support for Entra ID and mentioned providing support for AWS. A way to connect to various directories and integrate with cloud directories would be beneficial.
Active Roles can fix many little problems that have never been resolved and have lingered for years, continuing to annoy people. For example, you can't search by object GUIDs. The manual says you can, but it hasn't worked in five years.
Active Roles could add more options for web customization. Our requirements are exceedingly specific. We'd like to get the web interface down to just five buttons, but in some cases, we can only get to six. The web interface in the current version is less customizable than in the previous one.
The solution has not enabled us to reduce password reset times. It has not automated provisioning. The group attestation could be improved. It was a feature that was available in version 5. You can configure it, however, it's no longer out of the box. My understanding is that they will put that feature back in again. However, right now, it's a feature that is lacking. The way you can search groups could be better. When a company has a large number of groups it's very difficult to search the groups and assign the different columns.
The Group Family feature is okay, but there are some issues around its use for creating objects automatically, based on HR attributes. Another issue is that it doesn't look like the hybrid connections are particularly mature. We haven't really used it much. We have a couple of guys setting it up who don't really like the way it's working. It uses a synchronization tool to do that. Native integration with the cloud would be better. Also, we're trying to manage Office 365 mailboxes and although it will create a mailbox in the cloud, it won't do shared mailboxes. That means we're having to write custom solutions for that. Another issue we have with the product is that we run a lot of custom tasks. You have to program them to run on one particular host and there's no automatic failover to a second host. If that host is down when a task is supposed to run, it has to wait until the next time it runs when that host is up. Some of their built-in functions will work off of both servers and I don't see why this shouldn't as well. Another similar gripe is that when you run custom Active Roles policies, they'll actually trigger on both hosts, not on one. In that scenario, it would be better if they would trigger on one host, unless it wasn't available. For example, if you're writing to the event log, you have a custom task and it will show up multiple times because it's being processed by multiple front-end hosts.
The solution needs an attestation process that includes certification and recertification attestation. The pricing is high and has room for improvement.
The user and group management in Azure AD could be better. Our focus these days is dynamic sharing with several on-prem Microsoft applications like SharePoint.
We would like to see:
* extension of change-tracking auditing capabilities, especially in relationship to the virtual attributes
* more flexibility with group families
* integration with cloud database path solutions
* better integration with Azure AD; it integrates, but it could be better.
These are all things that our tech team has talked to their tech team about. And they're extremely responsive. In addition, there are some features that we think should be included in their next release. We think these things would take them to the next level: the ability to completely force or limit any dynamic group processing to specific servers, change-tracking reporting of virtual attributes, and the ability to use files as inputs to automation workloads. These things have also been talked about. Knowing One Identity, they're probably working on them.
In terms of improvement, it could be made even more user-friendly for administrators when they need to create new workflows and rulesets. It's a bit difficult. I'm not the technical person that uses it, it's my team, but I heard comments that it is quite difficult for them to get to know the product and set up the tasks that are required.
The overall UI needs a refresh; the web interface requires some modernization. We would also like to have a SaaS version of Active Roles. Rather than implementing it in our data center, it would have been nice having a SaaS-delivered solution. The third area for improvement, which is the weakest portion of ARS, is the workflow engine, which was introduced a few years ago. It's slow and not very intuitive to use, so I would like to see improvement there.
When doing a workflow, we would like a bit better feedback on the screen, as we're trying to get it to work. For example, there is a "Find" function that you need to set up in a workflow to do some of the automation. It is not the easiest to get a result from those finds when you're trying to do that. In the MMC, they have a couple different types of workflows. In this particular case, we use their workflow functionality to find all of X within the environment, then if you find it, do X, Y, and Z. You can have multiple steps. When you do that search function within that workflow, it's really hard to find out, "Is my search working?" It would be nice if there was some feedback on the screen so you could see if your search is working properly within the workflow. There are other finds, like when you just simply go look in Active Directory, and say, "Find." I absolutely love that we can export the results from that one. It's only the search function within the workflow that could be a little bit better. In version 7.4.1, they added support for SAML authentication to the web pages and the documentation was quite lacking. The documentation for that, in particular, needs a lot of work. I ended up having to work with support over multiple sessions to try and get that to work properly. This was a newer function for 7.4.1, so I had never used it before in the previous versions. When you downloaded their product, the documentation was the same as they had posted on their website. It was the same in both places. It was very broken up and wasn't complete. It needed to be reworded and flow better so somebody new could follow it a bit better. Because even after following all the solutions, even the tech support said to do it differently than what was in the document before we could get it to work. Therefore, I would definitely like to see some work on the documentation for that area.
The ability to send logs to a SIEM would be very beneficial.
For the AAD management feature, it needs to improve the objects that we can manage and the security. I know that they have everything in the road map, so they probably will include everything in a year or a year and a half. I would like them to support a cloud solution. This is important for us. They have it on their roadmap. For now, they only have basic options for cloud-delivered services. We are in the prospect of looking for a customer who wants a cloud-only solution, but will wait for the new features, which will probably be available in one year. They should try to move everything to a web interface. More solutions are trying to use a web interface. They need batch processing, but that is in the road map, and that's okay. They need better language support. While they have a language pack, it's not always available at the same time as the product. Sometimes, when we install it in other countries, they don't have the language pack, then our customers complain about this.
For what we use it for, there are no additional features it would need.
Active Roles allows policies and there are a lot of example policies that come with it. It has Access Templates and there are a lot of Access Template examples in it. It also has workflows and those are really powerful, but there are no built-in workflows. When it comes to them, it's empty. I would personally love for it to come with ten, 15, or 20 workflows where each achieves a certain task but that are not enabled. I could just look at how each is done, clone them, copy them, modify them the way I want them, and be good to go. Right now we have to invent things from scratch.
* Web console – it should have more customization options in terms of look and feel of the landing page
* Workflow policies – Additional policies for folder access provisioning
* Bring back attestation – Attestation feature is dropped from ARS. This should be brought back