We performed a comparison between Microsoft Entra ID and One Identity Active Roles based on real PeerSpot user reviews.
Find out in this report how the two Single Sign-On (SSO) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Microsoft Authenticator is highly secure."
"The most valuable features of this solution are security, the conditional access feature, and multifactor authentication."
"The security features, such as attack surface rules and conditional access rules, are the most valuable aspects of Azure AD."
"The solution scales well."
"The technical support is pretty good."
"Two very important features in terms of security are governance and compliance through the Conditional Access policies and Azure Log Analytics."
"The most valuable feature is the conditional access policies. This gives us the ability to restrict who can access which applications or the portal in specific ways."
"The most valuable feature of this solution is that is easy to use."
"With the use of the sync service we were able to import information from multiple external systems and populate them within our space and leverage them for downstream systems."
"Another good feature is the change history. It's centralized in a single place and allows us to manage people's Active Directory domains from a central location. We can also drill down into individual objects in a troubleshooting or even an auditing situation. We can show evidence to auditors by drilling down into the individual history. It gives you all the history of what happened around an individual object. That is something that would be almost impossible to do in Active Directory, or extremely complicated."
"The AD and AAD management features of this solution are really good... They offer added value by showing more fields such as password age and the statuses of some things that we normally wouldn't see."
"The provisioning and deprovisioning saves a lot of time and skips a lot of errors."
"It gives us attribute-level control and the AD management features work very well."
"The biggest thing for us is Active Roles saves a lot of man-hours in keeping groups up-to-date manually or trying to write some sort of script that you have to run, so we don't have to reinvent the wheel. Instead of when every time somebody joins a department, then somebody has to remember to put in a request to add "meet user Joe" to this group, the solution does it automatically for us. Therefore, it saves our business and IT staff time because they do not have to process requests since Active Role can do it for them."
"Secure access is the most valuable feature."
"Because of Active Roles, we're able to synchronize on an even more regular basis. It enables us to provide even more information to the Active Directory, which helped us to group our users in a more consistent manner."
"The downside of using a single password to access the entire system is that if those credentials are compromised, the hacker will have full access."
"A nice feature that is not currently present, would be if they had some visualization tools."
"Azure AD needs to be more in sync. The synchronization can be time-consuming."
"You can manage the users from the Office 365 administration center, and you can manage them from Azure Active Directory. Those are two different environments, but they do the same things. They can gather the features in one place, and it might be better if that place were Azure."
"Its area of improvement is more about the synchronization of accounts and the intervals for that. Sometimes, there're customers with other network challenges, and it takes a while for synchronization to happen to the cloud. There is some component of their on-prem that is delaying things getting to the cloud. The turnaround time for these requests is very time-sensitive. I don't mean this as derogatory for this service, but in my experience, that happens a lot."
"When it comes to identity governance, the governance features in Azure AD are very focused on Microsoft products. I would like to see those governance and life cycle management features offered for non-Microsoft products connected to Azure AD."
"Technical support could be better."
"The downside is that we now have all our eggs in one basket with Microsoft. We have this great authentication and single sign-on, but if Microsoft has an outage in North America or globally, on Outlook or Teams, we're dead in the water... We get some type of hiccup once a quarter."
"Another issue we have with the product is that we run a lot of custom tasks. You have to program them to run on one particular host and there's no automatic failover to a second host. If that host is down when a task is supposed to run, it has to wait until the next time it runs when that host is up."
"There are some features that we think should be included in their next release. We think these things would take them to the next level: the ability to completely force or limit any dynamic group processing to specific servers, change-tracking reporting of virtual attributes, and the ability to use files as inputs to automation workloads. These things have also been talked about. Knowing them, they're probably working on them."
"The initial setup was quite easy, but it was time-consuming. It took about three months."
"Most of the time it just works."
"It also has workflows and those are really powerful, but there are no built-in workflows. When it comes to them, it's empty. I would personally love for it to come with ten, 15, or 20 workflows where each achieves a certain task... I could just look at how each is done, clone them, copy them, modify them the way I want them, and be good to go. Right now we have to invent things from scratch."
"For ActiveRoles, it would be good if the product supports multi-scripting language. You can use only VBScript."
"The user and group management in Azure AD could be better. Our focus these days is dynamic sharing with several on-prem Microsoft applications like SharePoint."
"The way you can search groups could be better."
Microsoft Entra ID is ranked 1st in Single Sign-On (SSO) with 190 reviews while One Identity Active Roles is ranked 5th in User Provisioning Software with 17 reviews. Microsoft Entra ID is rated 8.6, while One Identity Active Roles is rated 8.6. The top reviewer of Microsoft Entra ID writes "Saves us time and money and features Conditional Access policies, SSPR, and MFA". On the other hand, the top reviewer of One Identity Active Roles writes "Single interface and workflows simplify AD and Azure AD management efficiency and security". Microsoft Entra ID is most compared with Microsoft Intune, Google Cloud Identity, CyberArk Privileged Access Manager, Ping Identity Platform and Okta Workforce Identity, whereas One Identity Active Roles is most compared with ManageEngine ADManager Plus, SailPoint Identity Security Cloud, One Identity Manager, Softerra Adaxes and NetIQ Directory and Resource Administrator. See our Microsoft Entra ID vs. One Identity Active Roles report.
We monitor all Single Sign-On (SSO) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.