We performed a comparison between One Identity Active Roles and Symantec Identity Governance and Administration based on real PeerSpot user reviews.
Find out in this report how the two User Provisioning Software solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Having a tool to manage all changes to AD from a single pane of glass is awesome."
"It gives us attribute-level control and the AD management features work very well."
"Another good feature is the change history. It's centralized in a single place and allows us to manage people's Active Directory domains from a central location. We can also drill down into individual objects in a troubleshooting or even an auditing situation. We can show evidence to auditors by drilling down into the individual history. It gives you all the history of what happened around an individual object. That is something that would be almost impossible to do in Active Directory, or extremely complicated."
"It's valuable to us in that it resembles the native tools that most people have grown accustomed to... Active Roles resembles traditional tools, such as from Microsoft. That is really good because it eases the way people interact with the tool."
"Instead of deleting accounts, we like the deprovision option so that we can reverse any accidental deletions. It also gives a higher level of quality control in terms of enforcing any number of variables, such as making sure that an account has a description entered before the account can be created. We can backtrack and know the history of it that way."
"The solution is stable."
"The most valuable features include auditing, dynamic grouping, and creating dynamic groups based on AD attributes."
"The biggest thing for us is Active Roles saves a lot of man-hours in keeping groups up-to-date manually or trying to write some sort of script that you have to run, so we don't have to reinvent the wheel. Instead of when every time somebody joins a department, then somebody has to remember to put in a request to add "meet user Joe" to this group, the solution does it automatically for us. Therefore, it saves our business and IT staff time because they do not have to process requests since Active Role can do it for them."
"It's a very useful tool that has improved our client's security, from day one."
"The solution is easy to scale."
"When comparing it to other products, you can set up CA IAM in a PoC very quickly to demonstrate its provisioning capabilities."
"It has improved our user management. It is definitely streamlined."
"There are many valuable features within the solution. The product is easy to customize. It’s also highly secure."
"The product’s most valuable feature is flexibility. It can be customized as per the customer’s requirements."
"It offers a nice price. It's mid-range."
"Out-of-the-box the product has a lot of opportunity for configuration and sophisticated identity management capability."
"When doing a workflow, we would like a bit better feedback on the screen, as we're trying to get it to work. For example, there is a "Find" function that you need set up in a workflow to do some of the automation. It is not the easiest to get a result from those finds when you're trying to do that. In the MMC, they have a couple different types of workflows. In this particular case, we use their workflow functionality to find all of X within the environment, then if you find it, do X, Y, and Z. You can have multiple steps. When you do that search function within that workflow, it's really hard to find out, "Is my search working?" It would be nice if there was some feedback on the screen so you could see if your search is working properly within the workflow."
"Most of the time it just works."
"For the AAD management feature, it needs to improve the objects that we can manage and the security."
"I've had a difficult time getting it to cooperate with Azure in the cloud and, while the support staff are very good and very knowledgeable, what they assist with just on a call doesn't go deep enough to help with a number of issues. The answer that comes back is that we'd have to start an engagement with Professional Services, which is fine but that takes time to schedule and it takes budget."
"In terms of improvement, it could be made even more user-friendly for administrators when they need to create new workflows and rule sets."
"The third area for improvement, which is the weakest portion of ARS, is the workflow engine, which was introduced a few years ago. It's slow and not very intuitive to use, so I would like to see improvement there."
"The user and group management in Azure AD could be better. Our focus these days is dynamic sharing with several on-prem Microsoft applications like SharePoint."
"The way you can search groups could be better."
"The directory has room for improvement. Also, the dashboards and, in particular, the KPI dashboard that shows the current user’s information needs reworking."
"The development process to create this connector is not as easy as I would like."
"The Identity tool needs to do more kinds of reporting for audit purposes. It doesn't really track any of the metrics that are useful to us, at this point."
"There are several areas for improvement in Symantec Identity Governance and Administration. They have no proper documentation on how to do backups. They also have a lengthy workflow process where we have to make some configurations to manage automation in the rules and in our tasks which takes time. We have to manually configure all the configuration files, and we cannot export users because there's no export system in Symantec Identity Governance and Administration. What we'd like to see in the next release of the solution is for them to make configuration and integration with other systems their top priorities. We have many API systems to manage, so hopefully, if they make these enhancements shortly, we can directly connect with our API systems when using Symantec Identity Governance and Administration."
"A better information display for the approvals within the workflow would give them more information and the ability to comment back on a request as to why they're rejecting it. We've been telling them we'd like this improvement, and we hope to see it."
"The product has a lot of need for improvement. Our issues are being raised back to the vendor as enhancements."
"It has a large footprint which you'd expect to be much, much smaller. Just to run basic services, we have 10 different servers. Also, if it were easier to manage, that'd be useful."
"The solution is not the best or the fastest available."
More Symantec Identity Governance and Administration Pricing and Cost Advice →
One Identity Active Roles is ranked 5th in User Provisioning Software with 17 reviews while Symantec Identity Governance and Administration is ranked 9th in User Provisioning Software with 65 reviews. One Identity Active Roles is rated 8.6, while Symantec Identity Governance and Administration is rated 7.6. The top reviewer of One Identity Active Roles writes "Single interface and workflows simplify AD and Azure AD management efficiency and security". On the other hand, the top reviewer of Symantec Identity Governance and Administration writes "Works well on-premises and has partial capabilities but lacks many feaures". One Identity Active Roles is most compared with Microsoft Entra ID, ManageEngine ADManager Plus, SailPoint IdentityIQ, One Identity Manager and Softerra Adaxes, whereas Symantec Identity Governance and Administration is most compared with SailPoint IdentityIQ, AlertEnterprise Enterprise Guardian, SAP Identity Management, Microsoft Identity Manager and Cisco ISE (Identity Services Engine). See our One Identity Active Roles vs. Symantec Identity Governance and Administration report.
See our list of best User Provisioning Software vendors.
We monitor all User Provisioning Software reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.