Over 252,993 professionals have used IT Central Station research.
Compare the best User Provisioning Software vendors based on product reviews, ratings, and comparisons.
All reviews and ratings are from real users, validated by our triple authentication process.
The total ranking of a product, represented by the bar length, is based on a weighted aggregate
score. For Views, Comparisons, Reviews, and Followers the score is calculated as follows: The
product with the highest count in each area gets the highest available score of 17.5 points.
Every other product gets assigned points based on its total in proportion to the #1 product in
that area. For example, if a product has 80% of the number of reviews compared to the product
with the most reviews then the product's score for reviews would be 17.5% (weighting factor) *
80% = 14. For Average Rating, the maximum score is 30 points awarded linearly based on our
rating scale of 1-10. If a product has fewer than ten reviews, the point contribution
for Average Rating is reduced (one-third reduction in points for products with 5-9 reviews;
two-thirds reduction for products with fewer than five reviews). Reviews that are more than 24 months old,
as well as those written by resellers, are completely excluded from the ranking algorithm.
The best part of Oracle Identity Manager is how well it will align to the business. There are features that are more generally required by business and you can easily get them with Oracle Identity Manager. If you compare it with Azure, with... more»
When I joined my project, they had been using a meta directory for identity management and application provisioning. There were around 150,000 active accounts, out of which many were redundant. They had left the organization 10 years ago.... more»
One thing is the size of the infrastructure that is required for Oracle to implement. In addition, the maintenance cost and pricing. With an Oracle implementation, we need to have a high availability of infrastructure where you need a minimum... more»
* The GUI is very impressive and clean (even cleaner and minimalistic in v7). * JobQueueInfo does an amazing job tracking all processes. * Synchronizations are easy to set up. * Reporting capabilities are fantastic once you get the hang of... more»
* Auditing becomes easier from an admin perspective. * There is more control over everything. * Processes are much better defined. * People tend to take some functional roles much more seriously. There were some roles that were very old in... more»
* DBQueue processes can bottleneck the system at times. In v7, its apparently re-architectured, and is better. There can be too many of them and they process very slowly, causing actual processes to take a lot more time to complete. * There... more»
I like the core functionality of what IBM provides, like provisioning the triggers. Also, how you can maintain not only SAP back end systems, but non-SAP. The functionality that IBM provides if you're able to implement a certain logic, and if... more»
The current functionality allows you only to change one user at a time. There is no option to maintain the business roles from the UI using like standard validation, imports, or whatever you have to build your business roles one by one.... more»
Automation of access provisioning, maintenance, and de-provisioning based on HR employment status. The ability to add in different applications for proper lifecycle management was critical to a successful and streamlined business operation.... more»
This is based off using Account Courier and Password Courier exclusively, and may not be indicative of more recent features included in the platform. The entire provisioning and management process needed to be driven by manually developed... more»
Single Sign-On functionality is valuable because the core purpose of the product is to allow universal (or bespoke) SSO for application suites. These are heavily customizable and can fully integrate with in-house provisioning systems.
Allows users to use a single password across a set of multi-tenant application suites. This would have otherwise required 50-100 unique passwords per application. This allows the user to inject a centralized password (a.k.a. authentication... more»
The profiling element is incredibly robust, but also equally as complex, it requires an off-site course to be able to understand the context or the plethora of options available. The majority of the "IMS profiles" we use are too dangerous to... more»
WebSEAL is a reverse proxy web server that performs authentication and authorizations. It is similar to CA SiteMinder Secure Proxy Server. The advantage of WebSEAL is that WebSEAL supports SPNEGO protocol and Kerberos authentication to... more»
The combination of TAM with IDM in IBM Tivoli Identity Manager helped us to realize robust and secure authentication infrastructure in accordance with industry regulations and laws. * Providing centralized authentication authority and enforce... more»
Due to a constraint of the built-in browser in a Handy phone (called NTT i-Mode), the former version of TAM could not be used in the Japan market. The issue was resolved by the decline of Japan-specific Handy phones. Cookies were not... more»
* Role Based Access Control * Provisioning, Re-provisioning, De-provisioning and Undo-De-provisioning policies * Data validation policies * Workflows * If Then Else statements * Approval Workflows * Schedule Workflows * Escalation * Virtual... more»
* Heavily Automates - it will automate the entire provisioning, re-provisioning, de-provisioning and undo-de-provisioning tasks * Complete Audit Trail - it gives an audit trail for each and every activity * Increase in accountability –... more»
* Web console – it should have more customization options in terms of look and feel of the landing page * Workflow policies – Additional policies for folder access provisioning * Bring back attestation – Attestation feature is dropped from... more»
Over time, it will improve the way my organization functions. We've had some challenges as far as rolling it out, but that's the goal. We have a consistent set of processes, so we need a consistent toolset to be able to disperse across our... more»
One of the things they don't have is, they don't provide support for what are called service accounts, non-human accounts, non-human IDs. That's critical. In addition to that, we have some role mining capabilities that Oracle really hasn't... more»
* Identifies, debugs and models the privileges of your organization, adapting it to business strategies. * Helps discover roles based on available patterns. * Enables review campaigns to certify user privileges, roles and resources,... more»
In the processes where we need to analyze data, IG has enabled and facilitated the analysis of privileges, generation of roles to cover RBAC and integrate with the solution of Identity Manager, as well as the compliance aspect by the... more»
The administrative part is not very intuitive. Actually I think it is because it requires specialization and knowledge in what is done. I found an option to import specific information, but the functionality was non-existent so they have to... more»
As a company, the most valuable feature that we have is our almost real-time feed from our HR systems into CA Identity Manager, which then feeds down to all of our directories or applications that an employee could potentially need to access.
The multitude of end-points that we can connect to, whether it is an out-of-the-box connector or through a JNDI or a JDBC connection. We can connect to just about every application that we so far have tried to connect to with relative ease.
One of the biggest features that we are looking at is more cloud-based options. Right now, there is a connector to Office 365. While it is okay for smaller companies like us, as a 300K plus operation, it is not really quite where it needs to... more»
The most valuable features are the comprehensiveness; the whole identity lifecycle management; the centralized view of people requesting access to provisioning, to SLD, and to access review; basically, the whole suite. The features are there.... more»
I would like them to focus on profile-based provisioning and make what we call the birthright access management. We need to have an easier way for people to find out the birthright rules and based on the birthright roles, the people get... more»
* Highly customizable is one of the main advantages of the ForgeRock product. I personally like the Custom Authentication Modules design. * Ability of ForgeRock support and its development team to provide patches and functionalities. * Highly... more»
For the current client environment, we have started with ForgeRock OpenAM 13.0.0 version and asked for many patches and features for our solutions. The ForgeRock team added functionalities in the form of patches and version upgrades so... more»
Similar to other products, they do have some improvement scope the in the documentation part. I do feel they became more organized and better, in terms of documenting, as they are growing with the new versions, but there is also more scope.... more»
A number of new features, such as application firewall and load balancer, were added to this solution. These features are no longer available as a software version, but only as an appliance (virtual or hard). The same appliance firmware... more»
It acts as a reverse proxy, a single point for authentication and authorization. Advanced access control introduces adaptive or risk-based authentication. Federation makes it possible to federate using SAML and OAuth.
I would like to see the possibility to administer the appliances from one “master” appliance, instead of having to log in to each particular appliance. If you have for example 4 appliances, two act as reverse proxy and two as master... more»
For many years we had Novell eDirectory as the main directory, to which was added LDAP, AS400, Active Directory, Google, and SAP. The greater strength was to keep the identities synchronized without failures in both attributes and passwords.... more»
We had a 20 year old provisioning system which was built primarily for manual activities. Identify Manager helped us move to a more automated model with fewer manual interactions. This definitely had a lot of added value for us.
Keeping up with the market and support for functionality and other core endpoints like Active Directory and Exchange that right now seems to be missing. So it needs a little more work around keeping up with what the industry is going.
Currently, it is only for select users, but the infrastructure is in place to expand to a larger group. The increased security for those users is beneficial, as well as getting them used to the app. Just getting used to 2FA is a benefit, as... more»
The gateway server is a RADIUS server, but it lacks the functionality of returning RADIUS attributes other than those that are required for the gateway to authenticate the users. This could be improved a lot by providing additional values,... more»
* The xPress technologies Through the implementation of "Identity Suite Virtual Appliance" have created a supremely quick and convenient way to install with even high availability. Multiple scenarios available on a single console.
It has increased our automation and maintenance of SLA security functions. Additional compliance of all activity relate to provisioning, self-service, and all critical transaction of security management.
The following is a list of features that I have observed being used by my client that I have implemented: 1. User identity provisioning & lifecycle management 2. User Identity Profile/Attribute management 3. Self-Service Tool for end-user... more»
I have seen an organization benefit through the automation of mundane repeat tasks related to setting up user identities, and managing user access as per a defined role. One of the key business driving factors for OIM implementation has been... more»
The underlying architecture of the product is quite complex and hard to maintain and troubleshoot. Self-Service capabilities are quite limited, and the out-of-box capabilities are limited and customizations are quite complex.
* Installation process * Technical support * More relevant documentation about specific parameters (as I still have no clue what they are responsible for) * Better documentation for HA and clustered setup especially with F5 Load Balancers
Its value for us comes from the fact that it allows us to manage the entire identity lifecycle, including the on-boarding (provisioning), off-boarding (de-provisioning), modifications to the identities, self-service, password management, and... more»
It helps in streamlining the identity lifecycle management, beginning with bringing in an employee, contractor or partner into the system to until the day they leave the organization. It also streamlines many front desk operational tasks such... more»
Features need to be implemented that take into consideration solutions and products outside the Oracle stack. The industry is moving towards more generalization to compete in the market, and Oracle has to adapt to those changes.
What do our users think about their Identity and Access Management tools?
What do users discuss in their identity and access management reviews in 2017?
What have their experiences been this year?
In the excerpts below, users discuss valuable features and room for improvement for the following... more»
Business requirements analysis and building solution architecture, high level design, detail level design documents and implementation of integrated enterprise solutions
Technologies : WebLogic 11g, Oracle API(or Enterprise) Gateway (OEG Server, Policy Studio, Policy Center, Service Monitor... more>>
10+ years of experience in Information Security covering areas of both enterprise and consumer security – Identity & Access Management. Played various roles in last 10 years across Implementation, Architecting, Design & Development, Support, Pre-Sales, across multiple organizations.
Microsoft Forefront Identity Manager
Microsoft Identity Lifecycle Manager
Microsoft Active Directory Federation Services
IBM Tivoli Access Manager
IBM Tivoli Identity Manager
IBM Tivoli Federated Identity Manager
IBM Tivoli Directory Server
IBM Tivoli Enterprise Single Sign... more>>
I have more than 4 years of experience in the field of Oracle Products and have worked on integrating Oracle Banking Platform with many other Oracle Products.
* Oracle Application Development Framework (ADF)
* Oracle Service Oriented Architecture... more>>
A results-driven and customer-focused Software Engineer with 11+ years of IT experience. A Engineer with very strong understanding of IAM concepts and processes and experience in the design and/or architecture of complex security and IAM solutions as well as products.
Last 10+ years working in... more>>
I have been for many years (17) an Innovative 'Business Technology' pursuer, looking to leverage Information Technology to meet the Business Goals and beat the Business Challenges in fast growing and changing Enterprise Business Environments.
10 years of experience and specialises in the design and implementation of enterprise Account Provisioning Systems. Other experiences cover payment gateways, secured mobile FMCG, and secured web applications
a) Total IT Experience - 10 Years
b) Security... more>>
Identification of business needs, Collection of requirements, architecture, Mid-tier and UI design, implementation, testing, deployment and maintenance,
Identity Management Administration and Development
Sr. Consultant with more than 10 years of experience in understanding Business Data flows and designing & coordinating Data Interfaces
Enterprise Solutions implementation, HR and other interfaces, Technical strategy and management
Not sure which User Provisioning Software solution is right for you?Download our free User Provisioning Software Report and find out what your peers are saying about Oracle, SailPoint, CA Technologies, and more!