We performed a comparison between One Identity Active Roles and SailPoint Identity Security Cloud based on real PeerSpot user reviews.
Find out in this report how the two User Provisioning Software solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Active Roles improved the management of users, groups, and AD objects in the organization."
"With the use of the sync service we were able to import information from multiple external systems and populate them within our space and leverage them for downstream systems."
"Another good feature is the change history. It's centralized in a single place and allows us to manage people's Active Directory domains from a central location. We can also drill down into individual objects in a troubleshooting or even an auditing situation. We can show evidence to auditors by drilling down into the individual history. It gives you all the history of what happened around an individual object. That is something that would be almost impossible to do in Active Directory, or extremely complicated."
"It's valuable to us in that it resembles the native tools that most people have grown accustomed to... Active Roles resembles traditional tools, such as from Microsoft. That is really good because it eases the way people interact with the tool."
"The AD and AAD management features of this solution are really good... They offer added value by showing more fields such as password age and the statuses of some things that we normally wouldn't see."
"Secure access is the most valuable feature."
"Because of Active Roles, we're able to synchronize on an even more regular basis. It enables us to provide even more information to the Active Directory, which helped us to group our users in a more consistent manner."
"The biggest thing for us is Active Roles saves a lot of man-hours in keeping groups up-to-date manually or trying to write some sort of script that you have to run, so we don't have to reinvent the wheel. Instead of when every time somebody joins a department, then somebody has to remember to put in a request to add "meet user Joe" to this group, the solution does it automatically for us. Therefore, it saves our business and IT staff time because they do not have to process requests since Active Role can do it for them."
"A feature of SailPoint IdentityIQ that I like best is that it has good integration with other platforms. My company is using ADP here in Brazil, and SailPoint IdentityIQ works very, very well with it. My company is also using the solution for governance evaluation, segregation, and other access tests. For my company, SailPoint IdentityIQ is a very important solution, especially because it's automated, and there's a huge audit and risk issue here in Brazil."
"The most powerful feature of the solution is its platform-based approach. Unlike other solutions, this tool offers a high level of customization. It is an open and flexible platform, allowing users to tailor it to their needs. This ability to customize and adapt the solution to individual requirements makes the solution stand out as a powerful product."
"Provisioning in multiple environments."
"The community is very active and when I had questions about an issue, I was able to find the resources."
"The level of customization for data imports and role modeling, because it helps to integrate faster, support easier and let it reuse the organization role structure."
"We are happy with the SailPoint IdentityIQ’s stability."
"Access certification and provisioning are two of the solutions most valuable features."
"The most valuable features of SailPoint IdentityIQ are the reporting because it is better than other solutions. The workflows can be customized to our requirements and the overall features are good."
"The initial setup was quite easy, but it was time-consuming. It took about three months."
"In terms of improvement, it could be made even more user-friendly for administrators when they need to create new workflows and rule sets."
"There are some features that we think should be included in their next release. We think these things would take them to the next level: the ability to completely force or limit any dynamic group processing to specific servers, change-tracking reporting of virtual attributes, and the ability to use files as inputs to automation workloads. These things have also been talked about. Knowing them, they're probably working on them."
"The user and group management in Azure AD could be better. Our focus these days is dynamic sharing with several on-prem Microsoft applications like SharePoint."
"The way you can search groups could be better."
"When doing a workflow, we would like a bit better feedback on the screen, as we're trying to get it to work. For example, there is a "Find" function that you need set up in a workflow to do some of the automation. It is not the easiest to get a result from those finds when you're trying to do that. In the MMC, they have a couple different types of workflows. In this particular case, we use their workflow functionality to find all of X within the environment, then if you find it, do X, Y, and Z. You can have multiple steps. When you do that search function within that workflow, it's really hard to find out, "Is my search working?" It would be nice if there was some feedback on the screen so you could see if your search is working properly within the workflow."
"The third area for improvement, which is the weakest portion of ARS, is the workflow engine, which was introduced a few years ago. It's slow and not very intuitive to use, so I would like to see improvement there."
"Another issue we have with the product is that we run a lot of custom tasks. You have to program them to run on one particular host and there's no automatic failover to a second host. If that host is down when a task is supposed to run, it has to wait until the next time it runs when that host is up."
"They should lower the price and technical support should be better."
"What it doesn't do is provide notice in the event of a vulnerability or offense from the security."
"The UI is complex."
"There are various functions that don't work in IdentityIQ, including the access request reminder, which doesn't go to the approvals in the proper format, so it's hard for users to read."
"There's a lot of customization required to improve the user experience."
"The product has poor reporting and analytic capabilities. Reports are not easy to use and its analytic capabilities are limited."
"The product’s cloud offering could be flexible."
"The solution's technical support team's response time and skills need improvement since it is an area where there are shortcomings."
More SailPoint Identity Security Cloud Pricing and Cost Advice →
One Identity Active Roles is ranked 5th in User Provisioning Software with 17 reviews while SailPoint Identity Security Cloud is ranked 1st in User Provisioning Software with 62 reviews. One Identity Active Roles is rated 8.6, while SailPoint Identity Security Cloud is rated 8.2. The top reviewer of One Identity Active Roles writes "Single interface and workflows simplify AD and Azure AD management efficiency and security". On the other hand, the top reviewer of SailPoint Identity Security Cloud writes "Flexible, easy to customize, and not too difficult to set up". One Identity Active Roles is most compared with Microsoft Entra ID, ManageEngine ADManager Plus, One Identity Manager, Softerra Adaxes and NetIQ Directory and Resource Administrator, whereas SailPoint Identity Security Cloud is most compared with Saviynt, One Identity Manager, Microsoft Entra ID, ForgeRock and Microsoft Identity Manager. See our One Identity Active Roles vs. SailPoint Identity Security Cloud report.
See our list of best User Provisioning Software vendors.
We monitor all User Provisioning Software reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
