We performed a comparison between NetIQ Identity Manager and One Identity Active Roles based on real PeerSpot user reviews.
Find out in this report how the two User Provisioning Software solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The main value lies in the simplicity of implementation, as well as its customized look and feel."
"The most valuable features are Password Reset Alerts, Password Sync, and SQL connectors."
"It's a very flexible tool, so you can synchronize multiple sources of data and you have multiple connections to various kinds of systems."
"The access request management has improved significantly in terms of its user interface. What sets it apart from competitors like SailPoint is that it's an event-based solution rather than schedule-based. That's a key differentiator."
"The most valuable feature of NetIQ Identity Manager for identity synchronization is the ability to provide users with all necessary access on day one through automated provisioning, facilitated by approval workflows."
"The product is easy to use."
"The most valuable features of NetIQ Identity Manager are the synchronization of different directories, such as Active Directory. We have many Active Directory systems, not only one."
"I like the eDirectory feature."
"It's valuable to us in that it resembles the native tools that most people have grown accustomed to... Active Roles resembles traditional tools, such as from Microsoft. That is really good because it eases the way people interact with the tool."
"The provisioning and deprovisioning saves a lot of time and skips a lot of errors."
"Another good feature is the change history. It's centralized in a single place and allows us to manage people's Active Directory domains from a central location. We can also drill down into individual objects in a troubleshooting or even an auditing situation. We can show evidence to auditors by drilling down into the individual history. It gives you all the history of what happened around an individual object. That is something that would be almost impossible to do in Active Directory, or extremely complicated."
"It gives us attribute-level control and the AD management features work very well."
"Because of Active Roles, we're able to synchronize on an even more regular basis. It enables us to provide even more information to the Active Directory, which helped us to group our users in a more consistent manner."
"Secure access is the most valuable feature."
"In comparison to native Active Directory tools, using Active Roles for delegation is so much better. It uses an access template and that makes it easy to see who can access what. In fact, you can do that for many objects as well."
"The AD and AAD management features of this solution are really good... They offer added value by showing more fields such as password age and the statuses of some things that we normally wouldn't see."
"The solution architecture is somewhat complex. For some components, the necessary resilience is not inherent."
"The integrations must be made easier."
"There's no huge thing missing, because it's already comprehensive. Now and then, however, there might be a minor issue."
"It needs some modern features. They should improve and modernize their management interface. It has been created over years and by different persons. You can see different applications, different management consoles for different things. There should be an integrated interface."
"NetIQ Identity Manager could improve by updating the user portal, it is out of date."
"Areas for improvement are further enhancing the access granting process to reduce time and improve accuracy."
"We have another system that is using the SAML system, and we also integrate with Active Directory only. If NetIQ Identity Manager can integrate directly, we would not need to use the Active Directory directory."
"If it could be operated in such a way that anybody could use it, with just the user interface, and there's no need for programming, then that would be a great improvement."
"The third area for improvement, which is the weakest portion of ARS, is the workflow engine, which was introduced a few years ago. It's slow and not very intuitive to use, so I would like to see improvement there."
"When doing a workflow, we would like a bit better feedback on the screen, as we're trying to get it to work. For example, there is a "Find" function that you need set up in a workflow to do some of the automation. It is not the easiest to get a result from those finds when you're trying to do that. In the MMC, they have a couple different types of workflows. In this particular case, we use their workflow functionality to find all of X within the environment, then if you find it, do X, Y, and Z. You can have multiple steps. When you do that search function within that workflow, it's really hard to find out, "Is my search working?" It would be nice if there was some feedback on the screen so you could see if your search is working properly within the workflow."
"The solution needs an attestation process that includes certification and recertification attestation."
"For the AAD management feature, it needs to improve the objects that we can manage and the security."
"The initial setup was quite easy, but it was time-consuming. It took about three months."
"There are some features that we think should be included in their next release. We think these things would take them to the next level: the ability to completely force or limit any dynamic group processing to specific servers, change-tracking reporting of virtual attributes, and the ability to use files as inputs to automation workloads. These things have also been talked about. Knowing them, they're probably working on them."
"I've had a difficult time getting it to cooperate with Azure in the cloud and, while the support staff are very good and very knowledgeable, what they assist with just on a call doesn't go deep enough to help with a number of issues. The answer that comes back is that we'd have to start an engagement with Professional Services, which is fine but that takes time to schedule and it takes budget."
"Another issue we have with the product is that we run a lot of custom tasks. You have to program them to run on one particular host and there's no automatic failover to a second host. If that host is down when a task is supposed to run, it has to wait until the next time it runs when that host is up."
NetIQ Identity Manager is ranked 8th in User Provisioning Software with 17 reviews while One Identity Active Roles is ranked 5th in User Provisioning Software with 17 reviews. NetIQ Identity Manager is rated 7.8, while One Identity Active Roles is rated 8.6. The top reviewer of NetIQ Identity Manager writes "If it works, Designer is a charm, but it can be a pain to keep updated". On the other hand, the top reviewer of One Identity Active Roles writes "Single interface and workflows simplify AD and Azure AD management efficiency and security". NetIQ Identity Manager is most compared with SailPoint Identity Security Cloud, Microsoft Identity Manager, CyberArk Privileged Access Manager, Microsoft Entra ID and Omada Identity, whereas One Identity Active Roles is most compared with Microsoft Entra ID, ManageEngine ADManager Plus, SailPoint Identity Security Cloud, One Identity Manager and Okta Workforce Identity. See our NetIQ Identity Manager vs. One Identity Active Roles report.
See our list of best User Provisioning Software vendors.
We monitor all User Provisioning Software reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.