What is our primary use case?
We primarily use it for delegating access permissions to help desks, for example. We use it to automate certain things, like onboarding new users, or deprovisioning leaving users. When we add somebody to a group, it triggers some kind of automation workflow. Lastly, we use it to sanitize data entry, so to make sure that capital first letter in the street name is used, certain zip codes aren't allowed, others are, etc., so data is controlled.
How has it helped my organization?
It helps mitigate the risks. With traditional native active directory delegation, it becomes real messy, real fast. You lose oversight on who has access where. We are an acquisition merger company, so we let go of certain companies and onboard new ones. With native delegations, you lose track of who has access where. With Active Roles, we can always see who has access and what they can do in a very granular way. You can modify the street name but you can't modify the city for example. Or you can modify the picture, but not the names and so that granularity is not available normally.
This product has eliminated a lot of tedious IT tasks, especially when people leave. There are about 10 or 15 actions that Active Roles does, scripted, in the same way, each time. It used to literally be a list of things that the admin would do, like: hide the mailbox, disable user, remove the groups, etc. Also, the auditing history that it keeps is very handy for us. We have a change record of what's been done to a user, who did it, and when they did it, which really helps us out.
We really needed this kind of product for its Active Directory delegation. We could not allow everyone to have native access to our Active Directory. The delegation bit was really the trigger. Automation is also a major reason we use UiPath. There was just so much room for human error that we wanted to script activities rather than rely on the admins to know what to do. This is especially important now that we are outsourcing many activities and dealing with a changing audience. In order to make sure that everybody does the same thing at the same time, tools like these make sure that you do everything in a structured manner.
What is most valuable?
The value for us is that it resembles the native tools that most people have grown accustomed to. Most people come from another company where they may not have used Active Roles. Active Roles resembles traditional tools like Microsoft's, which is really good because it eases the way people interact with the tool.
AD and AAD management features are really good. They're better than native tools; they offer an added value. They show more fields than traditional tools, such as password age and status of things that you normally wouldn't see. We still have the mailbox and user information all on one screen, whereas in native tools, you need two tools to show that information.
What needs improvement?
Active Roles works with policies and access templates, as well as workflows, which are really powerful. While it comes with a lot of example policies and access templates, there are zero built-in workflows. I would personally love for it to come with 10 to 20 sample workflows that achieve a certain task but are not enabled by default. In that case, I would be able to just look at those to see how it's done. I could clone them, copy them, and modify them to how I want them. Then I would be good to go, rather than having to reinvent things from scratch.
For how long have I used the solution?
We've been using UiPath for about 10 or 15 years.
What do I think about the stability of the solution?
The solution is very stable. Even if components lose connectivity, or the database dies, as soon as it comes back up, it just reconnects and goes.
What do I think about the scalability of the solution?
It covers all we would like to do. It's scalable; you can make it replicate databases. We don't use a lot of those features, but it is very scalable.
How was the initial setup?
It needed a bit of getting used to, in terms of where you set what, but once you get the hang of it, it's really straightforward.
What was our ROI?
I think we're just paying for mitigating risks. There is the risk of leaving all authorized access behind and the risk of having Active Directory pollution. With that comes a risk of people getting access that they shouldn't have or having multiple accounts for the same thing. There's no money or value added from using the solution, but there is risk management. That is really what you pay for.
Which other solutions did I evaluate?
We did consider using the Microsoft solution because it's free and built-in, and that's what everybody does. However, when you grow beyond a certain ping, or scope, you find out that it just does not cut it anymore. We also considered using other tools, but at the time, I think Active Roles was very much alone in this world. I have to admit, now there are other vendors available, which I don't have any personal experience with, but on paper, they seem to do a bit of the same thing. At the time, though, there was simply nothing else that could even come close.
What other advice do I have?
I would rate UiPath as nine out of ten. There's always room for improvement. This is definitely, really up there.
Start Your UiPath Free Trial
Accelerate your digital transformation now with free access to the UiPath Platform