One Identity Active Roles Benefits

Michiel Simon
Technical Manager of Security at Liberty Global
It helps mitigate risks. With traditional, native Active Directory delegation, it can become really messy, really fast. You lose oversight on who has access where. We are an acquisitions and mergers company so we let go of certain companies and we onboard new ones. With native delegating, we can lose track of who has access and to what. With Active Roles, we can always see who has access, what they can do, in a very granular way. A user can modify the street name, but can't modify the city, for example; or can modify the picture, but not the names. That granularity is not normally available. It has eliminated a lot of tedious IT tasks, especially when people leave. There are ten or 15 scripted actions that Active Roles does, always the same way and at the same time. Before, there would literally be a list of things that the admin would have to do, like hide the mailbox, disable the user, remove the groups, etc. Also, the auditing history that it keeps is very handy for us. It gives us a change record of what's been done to a user, who did it, when they did it, and that really helps out. And now that we are outsourcing a lot of activities, we're dealing with a changing audience. Tools like this make sure that they do everything in a structured manner, that everybody does the same thing at the same time. View full review »
Sameer Palav
Managing Director at a tech services company with 51-200 employees
* Heavily Automates - it will automate the entire provisioning, re-provisioning, de-provisioning and undo-de-provisioning tasks * Complete Audit Trail - it gives an audit trail for each and every activity * Increase in accountability – various tasks can be enabled for approval. * Virtual Firewall against AD/Exchange - it helps protect Active Directory and Exchange exposure to administrators and engineers * Escalations – it helps escalates tasks if not acted upon in a stipulated time frame * Security – * it helps in increased security as every employee will have correct resource access depending upon the business policies * user account is disabled and user is removed from the security groups which prevent misuse of user credentials View full review »
David-Fernandez
CTO at BeClever IT Solutions
We are working with a customer now who is having some problems with their permissions and delegations, because a lot of users have to do administration activities in the Active Directory. Now, they have been given domain administrators. However, with this solution, they are skipping all the domain administrators and keeping the normal users, which is fantastic for them because some of the personnel are basic IT technicians without the knowledge of AD advance features. Our customers were afraid of errors being caused by these people, so they can avoid these errors in the new environment. This solution eliminated tedious IT tasks with provisioning. We have a lot of customers who prefill, or have only a list of values, for some fields. View full review »
Find out what your peers are saying about One Identity, CyberArk, OneLogin and others in Access Management. Updated: June 2019.
353,754 professionals have used our research since 2012.
Ferhat Karakoyun
Senior Solution Consultant at a tech services company with 51-200 employees
When a new employee is hired, we create a new Active Directory (AD) user in a related department (Organizational Unit) with a random generated password, then give that user some AD rights. Also, we create an exchange mail user for this user on cloud or on-prem and inform that user by sending a notification mail or SMS. We did similar things in other systems and did all the process manually before Active Roles. That means lots of workload and manual processes. Active Roles provided us to do all these operations automatically and reduced our workload very significantly. View full review »
Identity0bf3
Identity Senior Analyst at a Consumer Goods with 10,001+ employees
It's improved things because we don't have "cowboy changes" being made to AD without us knowing about it. People still have to do the things they need to do, but we can now make sure that they don't inadvertently do something they shouldn't. It hasn't saved us time in terms of what needs to be done, but it has saved us time in terms of not having to go back and fix stuff when people have made mistakes. View full review »
Emre Yardımcı
Solution Consultant at a tech services company with 51-200 employees
* Automation of manual identity management operations (provisioning and deprovisioning). * Solving security and compliance issues is easy. * Operational issues are much easier and more reliable with Quest ActiveRoles's directory layer and portal. View full review »
Find out what your peers are saying about One Identity, CyberArk, OneLogin and others in Access Management. Updated: June 2019.
353,754 professionals have used our research since 2012.
Sign Up with Email