We performed a comparison between One Identity Active Roles and Symantec Identity Governance and Administration based on real PeerSpot user reviews.
Find out in this report how the two User Provisioning Software solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Another good feature is the change history. It's centralized in a single place and allows us to manage people's Active Directory domains from a central location. We can also drill down into individual objects in a troubleshooting or even an auditing situation. We can show evidence to auditors by drilling down into the individual history. It gives you all the history of what happened around an individual object. That is something that would be almost impossible to do in Active Directory, or extremely complicated."
"With the use of the sync service we were able to import information from multiple external systems and populate them within our space and leverage them for downstream systems."
"Having a tool to manage all changes to AD from a single pane of glass is awesome."
"Instead of deleting accounts, we like the deprovision option so that we can reverse any accidental deletions. It also gives a higher level of quality control in terms of enforcing any number of variables, such as making sure that an account has a description entered before the account can be created. We can backtrack and know the history of it that way."
"Active Roles improved the management of users, groups, and AD objects in the organization."
"Secure access is the most valuable feature."
"Because of Active Roles, we're able to synchronize on an even more regular basis. It enables us to provide even more information to the Active Directory, which helped us to group our users in a more consistent manner."
"The most valuable features include auditing, dynamic grouping, and creating dynamic groups based on AD attributes."
"It is easy to use, and does not requires an extensive programming or development background."
"It has improved our user management. It is definitely streamlined."
"Provisioning engine (on the back-end, separate from front-end components, that's part of layered architecture)."
"Self-registration and self-service password management are valuable features. The role modeling feature is also very useful. It allows you to model your enterprise role."
"When comparing it to other products, you can set up CA IAM in a PoC very quickly to demonstrate its provisioning capabilities."
"It offers a nice price. It's mid-range."
"I've used it to manage users, create and update, delete users, change passwords, and assign and change rules."
"The solution is easy to scale."
"Another issue we have with the product is that we run a lot of custom tasks. You have to program them to run on one particular host and there's no automatic failover to a second host. If that host is down when a task is supposed to run, it has to wait until the next time it runs when that host is up."
"It also has workflows and those are really powerful, but there are no built-in workflows. When it comes to them, it's empty. I would personally love for it to come with ten, 15, or 20 workflows where each achieves a certain task... I could just look at how each is done, clone them, copy them, modify them the way I want them, and be good to go. Right now we have to invent things from scratch."
"In terms of improvement, it could be made even more user-friendly for administrators when they need to create new workflows and rule sets."
"I've had a difficult time getting it to cooperate with Azure in the cloud and, while the support staff are very good and very knowledgeable, what they assist with just on a call doesn't go deep enough to help with a number of issues. The answer that comes back is that we'd have to start an engagement with Professional Services, which is fine but that takes time to schedule and it takes budget."
"The user and group management in Azure AD could be better. Our focus these days is dynamic sharing with several on-prem Microsoft applications like SharePoint."
"The third area for improvement, which is the weakest portion of ARS, is the workflow engine, which was introduced a few years ago. It's slow and not very intuitive to use, so I would like to see improvement there."
"The initial setup was quite easy, but it was time-consuming. It took about three months."
"The solution needs an attestation process that includes certification and recertification attestation."
"They should easier and better integration with other software."
"The product works slowly while accessing cloud-native solutions."
"There are several areas for improvement in Symantec Identity Governance and Administration. They have no proper documentation on how to do backups. They also have a lengthy workflow process where we have to make some configurations to manage automation in the rules and in our tasks which takes time. We have to manually configure all the configuration files, and we cannot export users because there's no export system in Symantec Identity Governance and Administration. What we'd like to see in the next release of the solution is for them to make configuration and integration with other systems their top priorities. We have many API systems to manage, so hopefully, if they make these enhancements shortly, we can directly connect with our API systems when using Symantec Identity Governance and Administration."
"Identity Manager has a lack of entitlement support, unlike other products that I have worked with."
"The Identity tool needs to do more kinds of reporting for audit purposes. It doesn't really track any of the metrics that are useful to us, at this point."
"Symantec is only on-premises, not on the cloud."
"In the next release, there should be provisioning of your certifications."
"Although the capabilities are there, the user interface needs to be redesigned and the opportunities for integration should be improved."
More Symantec Identity Governance and Administration Pricing and Cost Advice →
One Identity Active Roles is ranked 5th in User Provisioning Software with 17 reviews while Symantec Identity Governance and Administration is ranked 9th in User Provisioning Software with 65 reviews. One Identity Active Roles is rated 8.6, while Symantec Identity Governance and Administration is rated 7.6. The top reviewer of One Identity Active Roles writes "Single interface and workflows simplify AD and Azure AD management efficiency and security". On the other hand, the top reviewer of Symantec Identity Governance and Administration writes "Works well on-premises and has partial capabilities but lacks many feaures". One Identity Active Roles is most compared with Microsoft Entra ID, ManageEngine ADManager Plus, One Identity Manager, SailPoint IdentityIQ and Softerra Adaxes, whereas Symantec Identity Governance and Administration is most compared with SailPoint IdentityIQ, AlertEnterprise Enterprise Guardian, Microsoft Identity Manager, SAP Identity Management and BeyondTrust Endpoint Privilege Management. See our One Identity Active Roles vs. Symantec Identity Governance and Administration report.
See our list of best User Provisioning Software vendors.
We monitor all User Provisioning Software reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.