We performed a comparison between One Identity Active Roles and Symantec Identity Governance and Administration based on real PeerSpot user reviews.
Find out in this report how the two User Provisioning Software solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Because of Active Roles, we're able to synchronize on an even more regular basis. It enables us to provide even more information to the Active Directory, which helped us to group our users in a more consistent manner."
"Active Roles improved the management of users, groups, and AD objects in the organization."
"Secure access is the most valuable feature."
"It provides automatic provisioning/update/deprovisioning workflows from a source system to a target system."
"Another good feature is the change history. It's centralized in a single place and allows us to manage people's Active Directory domains from a central location. We can also drill down into individual objects in a troubleshooting or even an auditing situation. We can show evidence to auditors by drilling down into the individual history. It gives you all the history of what happened around an individual object. That is something that would be almost impossible to do in Active Directory, or extremely complicated."
"Instead of deleting accounts, we like the deprovision option so that we can reverse any accidental deletions. It also gives a higher level of quality control in terms of enforcing any number of variables, such as making sure that an account has a description entered before the account can be created. We can backtrack and know the history of it that way."
"It gives us attribute-level control and the AD management features work very well."
"The AD and AAD management features of this solution are really good... They offer added value by showing more fields such as password age and the statuses of some things that we normally wouldn't see."
"It is easy to use, and does not requires an extensive programming or development background."
"The product is relatively easier to use than other identity management products."
"Using the implementation guide, I was able to implement the solution with ease."
"Governance."
"Self-registration and self-service password management are valuable features. The role modeling feature is also very useful. It allows you to model your enterprise role."
"Streamlines user access, consolidates applications."
"It has good endpoint support and endpoint connectivity to different versioning endpoints."
"It has improved our user management. It is definitely streamlined."
"For ActiveRoles, it would be good if the product supports multi-scripting language. You can use only VBScript."
"The initial setup was quite easy, but it was time-consuming. It took about three months."
"The solution needs an attestation process that includes certification and recertification attestation."
"In terms of improvement, it could be made even more user-friendly for administrators when they need to create new workflows and rule sets."
"It also has workflows and those are really powerful, but there are no built-in workflows. When it comes to them, it's empty. I would personally love for it to come with ten, 15, or 20 workflows where each achieves a certain task... I could just look at how each is done, clone them, copy them, modify them the way I want them, and be good to go. Right now we have to invent things from scratch."
"The way you can search groups could be better."
"The third area for improvement, which is the weakest portion of ARS, is the workflow engine, which was introduced a few years ago. It's slow and not very intuitive to use, so I would like to see improvement there."
"When doing a workflow, we would like a bit better feedback on the screen, as we're trying to get it to work. For example, there is a "Find" function that you need set up in a workflow to do some of the automation. It is not the easiest to get a result from those finds when you're trying to do that. In the MMC, they have a couple different types of workflows. In this particular case, we use their workflow functionality to find all of X within the environment, then if you find it, do X, Y, and Z. You can have multiple steps. When you do that search function within that workflow, it's really hard to find out, "Is my search working?" It would be nice if there was some feedback on the screen so you could see if your search is working properly within the workflow."
"They provide a framework to develop your own connectors. A connector is a piece of software that integrates with the solutions that are not a part of the support matrix. Currently, it is difficult to create these connectors in this solution. Other solutions, such as NetIQ Identity, provide a better way to create your own connector. Currently, there is no cloud version. It should have a cloud version."
"In the next release, there should be provisioning of your certifications."
"They should easier and better integration with other software."
"The drawback with the CA Identity Manager is they don't have a connector to HR systems like SAP, or PeopleSoft, or Workday. That's a major drawback with the CA Identity Manager. For that we have to do lots of custom quoting to get data from HR systems. And if they could connect it to GRC systems, that's good to have in an identity product."
"The product has a lot of need for improvement. Our issues are being raised back to the vendor as enhancements."
"The development process to create this connector is not as easy as I would like."
"Provisioning has a dependency on Windows."
"I find the API boring. I also faced issues while integrating with CA SSO."
More Symantec Identity Governance and Administration Pricing and Cost Advice →
One Identity Active Roles is ranked 5th in User Provisioning Software with 17 reviews while Symantec Identity Governance and Administration is ranked 9th in User Provisioning Software with 65 reviews. One Identity Active Roles is rated 8.6, while Symantec Identity Governance and Administration is rated 7.6. The top reviewer of One Identity Active Roles writes "Single interface and workflows simplify AD and Azure AD management efficiency and security". On the other hand, the top reviewer of Symantec Identity Governance and Administration writes "Works well on-premises and has partial capabilities but lacks many feaures". One Identity Active Roles is most compared with Microsoft Entra ID, ManageEngine ADManager Plus, One Identity Manager, SailPoint IdentityIQ and Softerra Adaxes, whereas Symantec Identity Governance and Administration is most compared with SailPoint IdentityIQ, AlertEnterprise Enterprise Guardian, Microsoft Identity Manager, SAP Identity Management and BeyondTrust Endpoint Privilege Management. See our One Identity Active Roles vs. Symantec Identity Governance and Administration report.
See our list of best User Provisioning Software vendors.
We monitor all User Provisioning Software reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.