We performed a comparison between One Identity Active Roles and Symantec Identity Governance and Administration based on real PeerSpot user reviews.
Find out in this report how the two User Provisioning Software solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The AD and AAD management features of this solution are really good... They offer added value by showing more fields such as password age and the statuses of some things that we normally wouldn't see."
"Because of Active Roles, we're able to synchronize on an even more regular basis. It enables us to provide even more information to the Active Directory, which helped us to group our users in a more consistent manner."
"It's valuable to us in that it resembles the native tools that most people have grown accustomed to... Active Roles resembles traditional tools, such as from Microsoft. That is really good because it eases the way people interact with the tool."
"It gives us attribute-level control and the AD management features work very well."
"Active Roles improved the management of users, groups, and AD objects in the organization."
"The provisioning and deprovisioning saves a lot of time and skips a lot of errors."
"Instead of deleting accounts, we like the deprovision option so that we can reverse any accidental deletions. It also gives a higher level of quality control in terms of enforcing any number of variables, such as making sure that an account has a description entered before the account can be created. We can backtrack and know the history of it that way."
"The solution is stable."
"The solution is easy to scale."
"It offers a nice price. It's mid-range."
"It's a very useful tool that has improved our client's security, from day one."
"I like that it is easy to diagnose. It has a version of a virtual appliance so we can download it, run it, configure it, and it would take about 10 to 15 minutes to configure the cluster or so."
"Automated provisioning removes manual labor and manual provisioning."
"I've used it to manage users, create and update, delete users, change passwords, and assign and change rules."
"It is easy to use, and does not requires an extensive programming or development background."
"Self-registration and self-service password management are valuable features. The role modeling feature is also very useful. It allows you to model your enterprise role."
"The third area for improvement, which is the weakest portion of ARS, is the workflow engine, which was introduced a few years ago. It's slow and not very intuitive to use, so I would like to see improvement there."
"The way you can search groups could be better."
"For the AAD management feature, it needs to improve the objects that we can manage and the security."
"The ability to send logs to a SIEM would be very beneficial."
"I've had a difficult time getting it to cooperate with Azure in the cloud and, while the support staff are very good and very knowledgeable, what they assist with just on a call doesn't go deep enough to help with a number of issues. The answer that comes back is that we'd have to start an engagement with Professional Services, which is fine but that takes time to schedule and it takes budget."
"There are some features that we think should be included in their next release. We think these things would take them to the next level: the ability to completely force or limit any dynamic group processing to specific servers, change-tracking reporting of virtual attributes, and the ability to use files as inputs to automation workloads. These things have also been talked about. Knowing them, they're probably working on them."
"Another issue we have with the product is that we run a lot of custom tasks. You have to program them to run on one particular host and there's no automatic failover to a second host. If that host is down when a task is supposed to run, it has to wait until the next time it runs when that host is up."
"When doing a workflow, we would like a bit better feedback on the screen, as we're trying to get it to work. For example, there is a "Find" function that you need set up in a workflow to do some of the automation. It is not the easiest to get a result from those finds when you're trying to do that. In the MMC, they have a couple different types of workflows. In this particular case, we use their workflow functionality to find all of X within the environment, then if you find it, do X, Y, and Z. You can have multiple steps. When you do that search function within that workflow, it's really hard to find out, "Is my search working?" It would be nice if there was some feedback on the screen so you could see if your search is working properly within the workflow."
"Symantec is only on-premises, not on the cloud."
"Integration capabilities with other solutions and formats, including JSON, could be improved."
"They provide a framework to develop your own connectors. A connector is a piece of software that integrates with the solutions that are not a part of the support matrix. Currently, it is difficult to create these connectors in this solution. Other solutions, such as NetIQ Identity, provide a better way to create your own connector. Currently, there is no cloud version. It should have a cloud version."
"The product works slowly while accessing cloud-native solutions."
"The product has a lot of need for improvement. Our issues are being raised back to the vendor as enhancements."
"In the next release, there should be provisioning of your certifications."
"The drawback with the CA Identity Manager is they don't have a connector to HR systems like SAP, or PeopleSoft, or Workday. That's a major drawback with the CA Identity Manager. For that we have to do lots of custom quoting to get data from HR systems. And if they could connect it to GRC systems, that's good to have in an identity product."
"We would like to see integration with analytics. Also, for them to be more efficient regarding discovering and implementing new rules."
More Symantec Identity Governance and Administration Pricing and Cost Advice →
One Identity Active Roles is ranked 5th in User Provisioning Software with 17 reviews while Symantec Identity Governance and Administration is ranked 9th in User Provisioning Software with 65 reviews. One Identity Active Roles is rated 8.6, while Symantec Identity Governance and Administration is rated 7.6. The top reviewer of One Identity Active Roles writes "Single interface and workflows simplify AD and Azure AD management efficiency and security". On the other hand, the top reviewer of Symantec Identity Governance and Administration writes "Works well on-premises and has partial capabilities but lacks many feaures". One Identity Active Roles is most compared with Microsoft Entra ID, ManageEngine ADManager Plus, SailPoint IdentityIQ, One Identity Manager and Softerra Adaxes, whereas Symantec Identity Governance and Administration is most compared with SailPoint IdentityIQ, AlertEnterprise Enterprise Guardian, Microsoft Identity Manager, SAP Identity Management and BeyondTrust Endpoint Privilege Management. See our One Identity Active Roles vs. Symantec Identity Governance and Administration report.
See our list of best User Provisioning Software vendors.
We monitor all User Provisioning Software reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
