We just raised a $30M Series A: Read our story

One Identity Manager OverviewUNIXBusinessApplication

One Identity Manager is #5 ranked solution in top User Provisioning Software and #6 ranked solution in top Identity Management (IM) tools. IT Central Station users give One Identity Manager an average rating of 8 out of 10. One Identity Manager is most commonly compared to SailPoint IdentityIQ: One Identity Manager vs SailPoint IdentityIQ. The top industry researching this solution is Computer Software Company, accounting for 29% of all views.
What is One Identity Manager?

One Identity Manager helps you mitigate risk, secure data, meet uptime requirements and satisfy compliance by giving your users access to data and applications they need and nothing more. IAM can be driven by business needs, not IT capabilities. With Identity Manager, you can manage user identities, privileges and security across the enterprise, putting you in control of identity management and taking the burden off your IT staff.

One Identity Manager is also known as Quest One Identity Manager, Dell One Identity Manager.

One Identity Manager Buyer's Guide

Download the One Identity Manager Buyer's Guide including reviews and more. Updated: October 2021

One Identity Manager Customers

Texas A&M, Sky Media, BHF Bank, Swiss Post, Union Investment, Wayne State University. More at OneIdentity.com/casestudies

One Identity Manager Video

Archived One Identity Manager Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
reviewer1214262
User at a tech services company with 201-500 employees
MSP
Enables us to find all sorts of questionable activity that we were able to address

Pros and Cons

  • "The short version is that we gained significant insight into the issues of access governance. This allowed us to turn an auditing nightmare into praise from our auditors."
  • "The support team could be improved on. The first level of support essentially looks up knowledge base articles and often can't provide the answer needed."

What is our primary use case?

Access governance related to audits.   

BAAN, AX, AS400, AD, Exchange, Footprints, several home-grown applications.

We had a relatively small AD (about 5,000 users) but our primary challenge was that all of the legacy systems in place, including multiple instances of BAAN that came from different M&A deals, each with their own configurations and entitlements. 

How has it helped my organization?

The short version is that we gained significant insight into the issues of access governance. One of our largest challenges was lacking insight into who had what access and where. For years access had been granted in an ad-hoc manner, mostly as "I need access like Sally" situations resulting in a mess of too much access son nearly every account in our organization.  Implementing an IAM system allowed us to turn this auditing nightmare into praise from our auditors, eliminating fines and cutting operational costs, paying for the implementation within a year. 

Additionally, we found all sorts of questionable activity that we were able to address. Using the built in policy tools we were able to identify those who went around controls and address them both stopping their unapproved activities as well as getting feedback to improve the IAM interaction with the company. The loss of unapproved access also stopped a few cases of potentially criminal activity that came to light because of our new found trove of data but further details cannot be shared. 

The amount of useful data we were able to gain immediately after a basic implementation was exceptional. Within days of installing the product in production and well before the official go-live we were able to create meaningful reports of all sorts and start correcting missing and wrong data as well as access control issues. We had tried system cleanup projects before and had some success but correcting our data in earnest began once we could see everything in one place.  

As the project matured we were able to move more and more out of the hands of IT and into the hands of the LOB representatives. Which in turn both improved the business' view of IT as a whole and allowed IT to focus on other projects and trim staffing levels on low tier work, moving those employees to more important work and helping some of them grow their careers. 

The value gained by taking control of your access data and walking the path towards governance is immense and the progress we made inspired me to pursue a career helping other companies achieve the same success. I would recommend that every company undergo an IAM project especially if they have nothing in place now. 

What is most valuable?

In dollars: access reviews. In QoL: Entitlement requesting, Approval workflow, and Attestations. 

At the start of our project, IT was considered a burden by most of the company. One Identity's easy to set up requestable items and the associated smart approval workflows gave IT the power to become a hero to the company. Eventually we had lines of business coming to us with requests to integrate more and more into the self-service portal. Then on top of that, the existing attestation cycles allowed us to confidently know for certain that correct access was issued and maintained across the company. 

What needs improvement?

My largest issue with the product is the ability to customize the web portal. There is a tool that allows this to happen but it is difficult to use (except for minor changes like logo, color scheme, or basic edits, such as displayed columns on an object. Then, to make it worse, the documentation is not helpful at all in describing what pieces do or how to use them. Even after training, I would not be confident in attempting any large change to the portal. 

For certain, this is the area that I think needs the most improvement from the current state. 

For how long have I used the solution?

I have been using One Identity Manager for six years.

What do I think about the stability of the solution?

The stability is fantastic. 

Your real stability issues are going to come from SQL and not the product itself. There are redundancies built into any general implementation and always-on availability is expected. If you are already running your SQL in an always-on way, the chance of downtime with One Identity is essentially zero. 

Upgrading from one version to another is the only potential issue. You have to have an outage to perform it. There are ways to make this smooth but it is the one area where stability could be an issue. 

What do I think about the scalability of the solution?

The solution scales very well. I have experienced issues when attempting to scale to the largest companies. However, when we did encounter issues, One Identity did a fantastic job of providing the resources and fixes needed to scale the system to millions of identities. 

How are customer service and technical support?

The support team could be improved on. The first level of support essentially looks up knowledge base articles and often can't provide the answer needed. This could be skewed because any issue we couldn't solve with our implementation partner was certainly not a level 1 issue. However, even with One Identity knowing that we would have to deal with bad level 1 before we could get someone who could actually help on the line. 

However, to give a positive side, any time there was an emergency they were very quick to get the right resources on the issue, even when it meant waking people up in the middle of the night.  

Which solution did I use previously and why did I switch?

We did not have a solution in place. This was a greenfield project. 

How was the initial setup?

The initial setup was very, very easy. 

Our complexity all came from integrating outside systems. The out-of-box experience with One Identity was genuinely fantastic.

What about the implementation team?

We used a 3rd party partner of One Identity as well as trained an in-house team to administrate and extend the system.

The partner was extremely knowledgeable and in a couple of cases more so than the vendor. We were extremely happy with the outcome of their work. 

What was our ROI?

Our ROI is very, very large. 

We eliminated ongoing SOX violations and associated fines.

Additionally, and without including the above, we were able to see savings in IT costs greater than the cost of our implementation within one year. A significant portion of this came from moving our most common help desk requests into self-service. 

The example I would give as the largest of these is Baan. Traditionally, a ticket was submitted, then tier 1 moved it to the Baan team who was responsible for both access and troubleshooting. Baan was significantly understaffed and the turnaround was slow. When they did address the ticket it would require calling managers and attempting to figure out what access they actually needed. Turn around was 2 to 3 weeks PER REQUEST. By defining roles with the business (a huge task in itself), creating self-service requestable items, creating approval flows, and automatically producing formatted tickets to Baan (direct connection to add access was not available to us) we were able to reduce the turn-around time to less than a day. Freeing up resources to do more important work. 

Finally, we were able to change the perception of IT nearly company-wide. While this has no dollar amount attached this is probably the most significant return we experienced. 

What's my experience with pricing, setup cost, and licensing?

One Identity genuinely provides one of the lowest costs for the initial setup of any product while still being a robust suite of tools. Price was a major driving factor in or choice to use One Identity. 

Which other solutions did I evaluate?

We did evaluate multiple other options before choosing. Hitachi ID, Salesforce (they really do have an IAM offering), Oracle.

What other advice do I have?

My advice would be to implement the out-of-box product and pull in your initial data sooner rather than later. Planning is needed but I assure you that you likely don't know how much of a mess you're in, especially if you have no IAM solution already in place. 

The OOB data collection will help shed light on the issue you have and have yet to discover then you can craft robust solutions to tackle them.

Involve HR, involve your process owners, involve your business unit leads. Ultimately, you want to use a tool like this to empower your business to make decisions and engage in self-service. It may be difficult at first but if you involve them and try to meet their needs you can turn IT from a burden into the hero of your company. 

Work with a partner. While the vendor has great staff and is very knowledgeable, ultimately the partners are the ones who can really help you make the magic happen. All partners have the ability to engage the vendor directly should the need arise. You can save a significant amount of cost by going this route. 

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
Eva Ferk
Identity Manager at University of Maribor
Real User
Our users now have just one digital identity

Pros and Cons

  • "It gives the best user experience, enabling us an overview of all user entitlements."
  • "This solution is better on the IT personnel, because now they spend less (or almost no time) managing user rights."
  • "The initial setup was complex. We have a lot of different systems. The journey from implementing to joining all the systems was difficult."
  • "The performance could use improvement. Sometimes synchronizations take too long."

What is our primary use case?

We had several tools over time to try to gain control of IAM, but none of them were capable enough for our needs. We simply had too many systems to work with. We wanted one digital identity for each user and a comprehensive view of each user’s entitlements.

How has it helped my organization?

Before the implementation, it was necessary to create user accounts to give access to every single information system and application. A lot of resources were needed for development, implementation, support and control of identities and their entitlements. Employees had up to ten credentials for various applications. Now, our users have just one digital identity for all of our systems.

One Identity Manager provides one digital identity for each of the university’s 20,000 users. It also unifies and automates all processes in staff’s and student’s lifecycle by interfacing with other university systems. IAM is now more transparent to IT, students and staff, and helps reduce risk by automatically controlling access according to a user’s status.

This new approach to IAM has created huge efficiencies for IT, especially when it comes to managing more than 300,000 rights. Compared to the situation we had before, IT staff now spend less or almost no time for managing identities and rights.

We are located in Europe, so GDPR is a must for us. So, One Identity solution is helping  with this topic too.

What is most valuable?

  • It gives the best user experience, enabling us total transparency in user access rights.
  • We unified business processes for students and staff at enrollment/hiring/graduation/termination of contract in all organizational units of the university.
  • It reduced risks by granting adequate access rights to users.
  • The best feature is that HR finally took responsibility of it, so not everything is on IT.
  • The policy and role management features are important for identity management.

What needs improvement?

Improve the implementation of additional One Identity Manager’s features. This we are going to focus on after an upgrade to release 8.1 will be finished.

For how long have I used the solution?

6 years

What do I think about the stability of the solution?

Generally speaking, the solution has great stability, modularity and scalability. We have not had many stability issues until now. However, my opinion is there is still some space to improve performance. Sometimes synchronizations take too long.

Which solution did I use previously and why did I switch?

We had several tools over time to try to gain control of user accounts and their privileges. But none of the solutions were capable enough to cover all our our needs. We simply had too many disparate systems to work with. We wanted one digital identity for each user and a comprehensive view of each user’s entitlements. Plus, we needed to ensure we could control those entitlements easily.

We noticed that One Identity Manager was positioned well in Gartner’s Magic Quadrant for User Administration and Provisioning, based on its evaluation of One Identity Manager.

How was the initial setup?

The initial setup was complex. We have a lot of different systems. But, we started step by step with connecting active directory for employees to the IAM system and with data and business processes consolidation. Then, we used the same approach for all our students’ identities and related processes. Many processes we had to redesign, but the main benefit is the processes are much more simplified now. Yes, the journey from introducing One Identity Manager solution to joining all the systems was difficult, but we have reached our final goal.

What about the implementation team?

We have a valuable partner located in Slovenia, who is helping us with analysis and architecture. They advise us with many best practices and are responsible for the implementation and technical aspects of the solution.

What was our ROI?

This solution helped us to reduce help desk calls. Before the implementation, people were calling because they didn't have access to some systems, etc. After the implementation, we implemented the application access metrics - authenticated users may conduct only previously authorized transactions. Now, all our users have access to these applications when they get their digital identity. Thus, there are no more calls to help desk.

What other advice do I have?

While our journey to find a solution was tiring and we invested a lot of work and knowledge, our expectations have been reached and even exceeded. It's really good to invest time and money in a solution which offers you something that all users, not just IT, can use.

Sometimes, the solution is flexible. However, the customer should sometimes be flexible to the solution, as well.

Those who worked on this implementation now spend less time on user rights, etc. While it lowered their workload with this solution, they are now working on something else.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Learn what your peers think about One Identity Manager. Get advice and tips from experienced pros sharing their opinions. Updated: October 2021.
543,424 professionals have used our research since 2012.
SK
Technical Support Analyst at a financial services firm with 1,001-5,000 employees
Real User
Secure solution that helps us complete tasks in the least amount of time

Pros and Cons

  • "The most valuable feature for me is the built-in security, which is the best that I have seen."
  • "A feature that I would like to see is a mobile app that provides users the ability to make changes or add users to the Active Directory, on the fly."

What is our primary use case?

Our primary use case is to control access to our open source Unix and the app store games. This is a banking organization, so you don't want to give all of the rights to one person.

How has it helped my organization?

Using this solution means that our engineers do not need to log in to a domain controller as frequently. Rather, they can log in using One Identity and perform all of the administrative tasks. This is beneficial from a security perspective, and also helps to complete the task in the least amount of time.

It provides Authentication services and integrates Active Directory for open source operating systems.

What is most valuable?

The most valuable feature for me is the built-in security, which is the best that I have seen. The interface is also very good.

What needs improvement?

My only complaint about this solution is the price, as I think that the cost of the full user license is a little high.

A feature that I would like to see is a mobile app that provides users the ability to make changes or add users to the Active Directory on the fly.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

I would rate the stability of this product a nine out of ten. This is the only tool that will comfortably help you work with Active Directory in other solutions. 

What do I think about the scalability of the solution?

It is scalable across infrastructures. It works with Windows, open source operating systems, and covers almost everything that you need. We have more than 4,000 users in this solution. Our organization keeps growing, so our base will forever be increasing.

How are customer service and technical support?

To this point, we have not had to reach out to the solution's technical support.

Which solution did I use previously and why did I switch?

Prior to using this solution, everything was done manually. Security was at risk of breach and we thought that we needed to be compliant.

How was the initial setup?

The setup of this solution was simple and straightforward. Any admin can do it by looking at the whitepaper.

The process of deployment took approximately one month. However, that is not because the process is complicated or time-consuming. In our case, being in banking, there are a lot of policies and processes that have to be followed before implementing a new solution.

One Identity does what we need it to do, so we do not require any other plugins or packs to run our solution. 

What about the implementation team?

One Identity sells everything that is required to deploy. We directly deal with them and do not use a vendor or a consultant.

What's my experience with pricing, setup cost, and licensing?

There is a one-time licensing cost, and there is also a yearly subscription fee. The fee is related to the number of users and is perhaps $6 or $7 per license per month. 

Which other solutions did I evaluate?

We did look at other options, but it boiled down to choosing One Identity with no second thought.

What other advice do I have?

My advice is to try this product first and then decide. In organizations with a large footprint of open source operating systems, such as Unix or Linux, security for them is a bigger concern, especially for banking. They should take advantage of using the evaluation version.

Overall, I would rate this product eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Massimiliano Ferrazzi
Senior Manager Global IT Operations at a healthcare company with 1,001-5,000 employees
Real User
Automation simplifies multiple-account and role management

Pros and Cons

  • "The connection with multiple systems is what makes it flexible. We can create the accounts flexibly, enabling access to other systems. In addition to Active Directory, it can extend to SAP, to Salesforce, to Office 365, etc."
  • "More integration with SAP and with the internet of things would be good. We also have system devices that we could manage as identities, so that would be a feature to add."

What is our primary use case?

We use it to manage all identities within the company. We use it to monitor users when onboarding and offboarding. We also use it for all the related accounts, such as SAP accounts and AD, to give permissions to our employees within these systems.

We do all the privileged management as well within One Identity Manager, which mainly consists of monitoring and control of users, especially who's changing what.

How has it helped my organization?

There are users within SAP, the so-called "firefighters," who need to have a little bit more access to SAP. They are the ones who are allowed to switch down modules, put down the systems, and so on. They require high-privilege access. One Identity helps us to monitor those activities and ensure that we make the changes that are required so the users will have those permissions.

When we have a request from HR for onboarding a new employee, before having One Identity, we had all manual processes. If the user was going to be assigned to a specific application, we needed to contact the responsible person on that team to open multiple tickets, multiple requests. Today, those activities, are completely managed by the Service Desk. That means we have reduced the time it takes for the onboarding process enormously. It used to take two or three weeks to do a full onboarding, but today we can do it in two or three days, providing access to the systems.

The solution has reduced Service Desk calls by 75 to 85 percent. In terms of automation with this system, we now have 94 percent coverage of our users and systems. That means we increase security as well, and not only reduce calls to the Service Desk.

In addition, when it comes to compliance, One Identity is used to cross-reference between the identities and accesses. This has improved the detection time of security events and has helped us with both data protection and compliance. One Identity is a main driver and helper in improving this area.

What is most valuable?

It's the automation. With One Identity you can have multiple accounts and everything is managed in the same system. You don't need to manage different systems at different times. With just one, you can do everything. It saves a lot of time for us and simplifies things.

In terms of the policy and role management features, through the automation that we have within the system, we are able to simplify those processes. The role management is really a great solution because we assign and define roles within the system and then apply them to the identities that we create for our employees.

It is definitely a flexible solution. The connection with multiple systems is what makes it flexible. We can create the accounts flexibly, enabling access to other systems. In addition to Active Directory, it can extend to SAP, to Salesforce, to Office 365, etc.

What needs improvement?

We are currently on an old system, an old version. We're working on upgrading to the latest version. So when it comes to cloud-IT strategy, for example, at the time we implemented this version it was not yet a consideration. We are now starting to develop this area, and One Identity will play a key role in our cloud strategy.

Most of the issues that we are suffering from today will be fixed with the new version.

The more we have integrations with other systems, for creation of user accounts for different applications, the simpler the scalability and the usability of the system will be. That's what will make our lives easier.

I've seen that in the new version we're going to have connectors related to ServiceNow. That's a huge feature that will be important for us because we're using that system. Salesforce integration, more integration with SAP and with the internet of things would be good.

We also have system devices that we could manage as identities, so that would be a feature to add.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

The system we are using is five years old and we have had no issues at all. It is fully stable.

What do I think about the scalability of the solution?

It's scalable. We grew over the last year. We integrated companies within the group, which included creating more and more users in the system. Scaling is pretty simple. We didn't have to make major changes to the system itself. It was something that the system could support easily, especially from a functional point of view. 

It can scale vertically and horizontally without any problems. With the upgrade, we are scaling up technically, adding more servers, and it's pretty easy as well.

How are customer service and technical support?

We are working with a One Identity partner. This is really important. One of the most important things to do when going with One Identity is to choose a partner wisely. We are currently working with a partner and we're still evaluating that. It needs to be assessed a little bit better and to ensure that they can support us. It has nothing to do with One Identity support itself. The important thing is ensuring that the partner is able to support requests. That's what we are currently assessing and evaluating.

We are working with IPG because our headquarters are based in Germany. We have a history with them. We are currently ensuring that they are capable of providing the support that we require, and especially provide us the agility and flexibility we need.

The partner is important because the implementation of the systems and the configuration of the systems are done by the partner. It is key for One Identity to ensure that the partners can do the work properly.

Which solution did I use previously and why did I switch?

We had nothing before using One Identity.

We implemented One Identity in 2015 with the main goal of controlling SAP access and users, especially the privileged access in SAP and the segregation of duties. That's what we wanted to control. One Identity was the best system at the time, with really exceptional out-of-the-box functionality. It was mainly done, at that time, for SAP. It was a risk and compliance issue that was fixed with One Identity.

What was our ROI?

We are seeing return on investment although I can't quantify it. If we just think about the reduction in the onboarding time which is impacting other teams, that is an area of ROI. And especially with the Service Desk, there has already been a benefit and a return of investment in terms of resources.

What other advice do I have?

The tool is one of the best tools, out-of-the-box. It has great integration, especially for companies using SAP. On the other side, choose the right partner and don't look at only one system, but other systems as well. If a company is looking for a system to control SAP, don't focus on your SAP. Look at one system which is able to manage in general, and with good integrations. One identity is one of those systems.

It is also important to have a defined process. We establish it and then, with the use of the tool, we apply it.

I would rate the solution at nine out of ten. I like the out-of-the-box functionality. You don't need to do specific customizations; you can quickly use the system as it comes. And the solution has flexibility.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
AG
Systems Specialist at a financial services firm with 1,001-5,000 employees
Real User
Automates assignment of users to AD groups and brings all our systems together in one place

Pros and Cons

  • "Nobody has to put people in AD groups by hand anymore. It goes automatically and that's very good. It's also very flexible. It's quite easy to customize and we have customized it a lot."
  • "One of the things we would like is the ability to have more than one system role manager. That would be nice. For example, when people are on vacation, sometimes it gets a little hard to administrate system roles."

What is our primary use case?

We use it to control identity and access management in our company.

How has it helped my organization?

It has helped when people need access somewhere. It makes it much faster to grant user access. I used to be the one who gave everybody their rights and it took me a few days per week to do it. Now, it's just pressing a button. It's a huge time saver. I don't have to create the users in AD anymore.

All of the systems that we use are in Identity Manager, we didn't have that before. It was hard to even say what kind of systems we were using. Everybody had their own system. When somebody said, "I need to get access to that system," everybody often answered, "Oh, what system is that? Do we have a system like that?" Now, everything is in the same place and they can access so much more, and it's easier to get access.

The solution has also helped to very much simplify compliance. By law, once a year, we have to check what kind of access our users have. For compliance, they can look at everybody's rights because they can see them from Identity Manager. They can look at what kind of rights and access people have and get reports easily. It was very much harder before when we had to make Excel lists.

It has also helped to notably reduce helpdesk calls. Before we had Identity Manager, people called a lot. Now they don't call that much anymore about needing access to something. They can get access, themselves, from the IT shop.

What is most valuable?

Nobody has to put people in AD groups by hand anymore. It goes automatically and that's very good.

It's also very flexible. It's quite easy to customize and we have customized it a lot. There are many features already in it that you can choose from but you don't have to use everything. You can use just a few features and leave things out.

What needs improvement?

I don't have my list at the moment, but there are things we would like to have. One of the things we would like is the ability to have more than one system role manager. That would be nice. 

For example, when people are on vacation, sometimes it gets a little hard to administrate system roles. Usually, one of us has to change our role to the system role manager. In addition, we have a few systems that have many owners. They could manage the rights and access to their systems with that function.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

It has been stable. We haven't had many technical problems at all. Maybe there have been some small issues, but not anything that has been affecting my work. The performance is okay. It works quickly and is stable.

How are customer service and technical support?

We speak to our consultants. They are our technical support.

Which solution did I use previously and why did I switch?

We had something we built ourselves, but it was not integrated with anything. It was mostly just a list. 

When the world is changing and getting more technical, people need more access and we needed the ability to check what kind of access people have. There are all the GDPRs and other things that involve our company. We also thought it would be nice to have some automation for AD. I was literally creating people in AD and giving them rights to different places, putting them in AD groups. It was wasting time and, when a person does it, there are probably mistakes and you're not always sure what's happened. There's no tracking of who did what. Now we can track everything.

How was the initial setup?

That initial implementation was a long process. It took about two years from the time we decided to take the product until we had it in production. There was a lot of fixing and thinking and configuration.

Overall, there were about ten people involved in the implementation, but we have two developers who work actively in developing it at our company. And we have about two-and-a-half people who actually work with it.

Upgrades take a while. The last upgrade we did was from version 6 to 8, when we migrated. It wasn't that difficult. It took time but we prepared properly for it, so it went very smoothly. That migration took a weekend or three days, but the preparations were over the course of many months.

We had a lot of customization in version 6, and we had to clean that up so that version 8 would work smoothly and without problems. Then, we changed our consultants as well, so we had new consultants for version 8. They knew the code better and they told us we had a lot of faults in in version 6 that we needed to fix before version 8 because they wouldn't work in version 8 anymore. We cleaned up a lot of systems and users so that we wouldn't take a lot of garbage with us to the new version.

There were two people who did the migration and they had to learn a lot about how to do it. Then we did testing in version 8 to see how everything was working. In the future, the work involved in upgrading will probably be much less because there won't be that big of a gap. In this case we had to first migrate from 6 to 7 and then 7 to 8. It was a very long process, a big project. I don't think we will do that again. I think we will upgrade with smaller gaps in the future, to make it easier.

Which other solutions did I evaluate?

We looked at one other vendor, but it was some time ago. It might have been something from Microsoft. I don't think we looked at it that seriously because, as I remember, we decided on One Identity quite fast.

What other advice do I have?

It's very good to have a system that handles access rights and a system that you can automate with a lot of other systems like with LDAP and Active Directory. You can probably integrate it with other things as well. For us, it has been a very nice product and we are very happy with it.

The advantages come with many other things that need to be done to use Identity Manager. It takes time to create things and get new systems and features running and to teach people how to use it.

We've heard about the privileged account governance features. We haven't yet started using them but I think we will soon.

Overall, I would rate it at nine out of ten. There are always things to improve on, nothing is ever perfect. I like the product and I think it's nice to work with, but I don't do that too much technical stuff. For everything I do with it, I think it works fine.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
SG
Systems Specialist at a financial services firm with 1,001-5,000 employees
Real User
Flexible solution you can customize by creating scripts or modifying the schema

Pros and Cons

  • "For me, personally, the automation is the most valuable feature. I don't have to do things manually, like creating user accounts and provisioning them to the target systems."
  • "The system role manager, or some of the roles that are inside Identity Manager, are limited to one user. It would be more flexible if these responsibility roles could be attached to many people."

What is our primary use case?

We use it to make requests and show the information that the users have, as well as for attestation.

How has it helped my organization?

It saves us time and has increased employee productivity when it comes to provisioning users or systems. It has changed the way things are done, and people who had been doing manual work are doing something else at the moment.

We now have standard processes, the whole flow when a new user comes in; what happens and when. It's always done in exactly the same way. We know that it goes from start to finish in a certain way and we can be sure that it's done in the correct way when it's automated. The master data is always used in the same way.

It has also impacted our cloud IT strategy because we have to be there to manage the user accounts and all, in that environment. That's on-going work at the moment. We haven't implemented or started any processes in production yet.

In addition, it has helped to reduce helpdesk calls, according to the information that we have seen.

What is most valuable?

For me, personally, the automation is the most valuable feature. I don't have to do things manually, like creating user accounts and provisioning them to the target systems.

We are familiar with the policy and role management features and we are using some of them. They are very hard to define, but they are also very powerful in a way. You have to define them clearly before you start using them.

One Identity Manager is also flexible. If it doesn't have a feature that you want, out-of-the-box, you can customize it by creating scripts or modifying the schema. But you usually need consultants to do the job.

What needs improvement?

This is getting at really detailed functionality, but the system role manager, or some of the roles that are inside Identity Manager, are limited to one user. It would be more flexible if these responsibility roles could be attached to many people. That's an issue for us at the moment.

I would like the ability to have different user accounts and to have a flexible way to order things. For example, if you have a domain with a lot of sub-domains, for the end-user it should be easy to order to these other environments. But you would have to have sub-identities. We have tried to create different kinds of solutions for this.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

This version, version 8 has been working fine. Version 6 was horrible for us. The performance wasn't good at all, but our experience now with performance and stability is good. We are happy now.

What do I think about the scalability of the solution?

When it comes to adding other users or a growing environment we haven't had any issues. At the moment, at least, we have been able to add features and functionality, and everything has worked fine.

How are customer service and technical support?

We have only used technical support through our partner/consultant company. We haven't been in direct contact with One Identity. Everything has been okay. 

Which solution did I use previously and why did I switch?

We had a solution that was built in-house before we migrated to One Identity. The old solution didn't have the automation features and provisioning features the way that this product does. The old solution was more manual with a lot of built-in scripts. It was hard to maintain or to create extra features.

How was the initial setup?

Our initial setup was about three years ago, but we did the migration from version 6 to 8. That was almost the same. It was a really big project, or it felt like it.

The initial go-live for the product overall was over one weekend, but the work before that took a year. There were ten people involved during that weekend. We had some time-outs during that year though, because there were some other big projects.

The setup was complex because we did a lot of things. It wasn't only our project, because it was HR and the organization. It was not only the technical part, "next, next, next." It included changing the processes and standards in the company overall.

In terms of our implementation strategy, we added a totally new HR program, to get the master data up and running and correct. And then, of course, we had to work on how the organization is defined and have master data for that, and the roles to be used and the master data for that. And we had to get overall processes standardized.

There are two-and-a-half people working on the solution now, doing daily maintenance.

What about the implementation team?

We had a partner, Infragen, do the integration. Our experience with them was good. They did good work and we had good cooperation, overall.

What was our ROI?

The managers are satisfied when things are automated, when people are coming in or going out, because they don't have to do the work. They just contact HR and it's automated from there. People know that it's one place where you can do everything: make the request, the attestation side, and compliance is also automated and in one place. That's what people want.

Which other solutions did I evaluate?

Microsoft was one of the solutions we looked at, as well as some small Finnish companies. We went with One Identity because of the features. Somebody had already made the stuff that we needed, the functionality that we needed was there and didn't require so much customization. And the partner that was able to give us the solution was also a factor in our decision to go with One Identity.

What other advice do I have?

Keep the scope small in the beginning, so you don't do too much. Go live and then add more features on the way because, otherwise, it can go on for years, and you never get anything done. Also, don't start to customize features too much. Try to use what comes out-of-the-box and try to implement it that way. Somebody has thought of these things already. In most companies, a lot of these things are probably done in the same way.

I would rate One Identity Manager at eight out of ten. There's always room for improvement, but I'm pretty satisfied.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Riyas Abdulkhader
Security Architect, InfoSec Consultant at Confidential ( Sensitive Industry)
Consultant
Top 20
Features are open and have a good tabular structure for the data

Pros and Cons

  • "This is almost a complete solution for us."
  • "It should be able to give a client version of the product, rather than just a web-portal."

What is our primary use case?

Our primary use case is for integration to a second system, which will use the role-based access management for the identities and user accounts in the One Identity Manager.

How has it helped my organization?

This is almost a complete solution for us. The data input to the second system, which has the role-based definitions, has made things easier. This is even with bubble representation.

What is most valuable?

The features are open and have a good tabular structure for the data, as well as the connected relational/relative topology.

What needs improvement?

The support documents and data sheets should be made available to the implementation of folks the product website. There's is less documentation available to the public.
There should be installer version available than a portable/web-portal which will be more useful during the testing.

For how long have I used the solution?

One to three years.

Which solution did I use previously and why did I switch?

We did not use a solution previous to this one.

What's my experience with pricing, setup cost, and licensing?

It's costlier than some other products and there is nothing that fits every solution. You have to plan your design in advance based on your needs and user base.

Which other solutions did I evaluate?

We did not evaluate other options.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
AE
Senior System Administrator at a manufacturing company with 10,001+ employees
Real User
The solution is flexible. It can do almost anything.

Pros and Cons

  • "The business role management feature is pretty good because we have a lot of dynamic roles, and you can configure it with the filters."
  • "The solution does lots of things that we did manually before."
  • "Make the logging and debugging easier to find, because I'm always confused, "Where do I have to go to turn this log on if I want to see it?""

What is our primary use case?

It manages our Active Directory and SAP user accounts according to HR data and assigns permissions via request or rules.

How has it helped my organization?

We create business roles with permissions in different systems and employees can either request those bundles or get them automatically via rules. User creation in all connected systems has been automated. Employees can request permissions through the IT Shop, their manager and permission owners approve the request and the system assigns it - we don't have to wrangle with excel lists of permission assignments anymore.

What is most valuable?

It is very flexible and adaptable to our needs and the ootb features are also quite comprehensive. The overview sheets are great.

What needs improvement?

Make logging and debugging easier to find, I never quite know which log to turn on for which use case (just for my tools, for the job service user, etc).

Setting up permissions inside the admin tools could be easier, maybe have some roles already created and configurable, like helpdesk needs to view persons, accounts, requests, but not change anything, maybe be able to set delegations etc. 

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

Had no major problems. Support is great and quick to help.

How are customer service and technical support?

Technical support is usually great.

Which solution did I use previously and why did I switch?

We had a vb script for Active directory user provisioning from HR data. It was outdated and prone to errors. We wanted one solution that could manage Active Directory and SAP accounts.

How was the initial setup?

The initial setup was complex because the product is complex, there's usually more than one way of doing something. It's a steep learning curve. Our project didn't leave lots of time for our internal admins to familiarize themselves with the tools. Support was a great help in the first few months after it went live and without a consultant...

What about the implementation team?

For the migration from 6.1.4 to 8.0.1 we used IT Concepts. Migration went smoothly as our expert and theirs worked closely together.

What was our ROI?

Provisioning users and permissions has been automated. The IT shop helps spread the load of permission requests and IT personnel can focus on other things than manually assigning those permissions in various systems.

Which other solutions did I evaluate?

We looked at a few different solutions. Most of them were better suited for only one target system and some had poor add-ons for the other targets we needed. OIM seemed the most balanced and also has connectors for other targets we were planning on using.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
AF
Governance Team Lead at a financial services firm with 10,001+ employees
Real User
It allows you to build anything on top of it, but the web portal can be a bit muggy

Pros and Cons

  • "It is a flexible because it is customizable. It allows you to build anything on top of it."
  • "The web portal can be a bit muggy at times. This is one of the key complaints from our customers."

What is our primary use case?

We use it for all things related to identity in our organization.

How has it helped my organization?

It will have an impact on our cloud IT strategy, as we are planning to move to the cloud. We are looking to go to Azure, but we will still have an on-premise product.

What is most valuable?

It is a flexible because it is customizable. It allows you to build anything on top of it.

What needs improvement?

The web portal can be a bit muggy at times. This is one of the key complaints from our customers. This is a major issue with version 6, and while version 7 is slightly better, I am hoping this is fixed in version 8.

What other advice do I have?

I would rate it as a seven out of ten, because there is definitely room for improvement.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
FS
IAM Specialist at a financial services firm with 1,001-5,000 employees
Real User
The initial setup is fairly easy. To set up the workflows, you need good knowledge of the product.

Pros and Cons

  • "The product is flexible. For example, it offers cloud features."
  • "The product makes it easier for employees to be more productive."
  • "We are trying to get rid stability issues from the legacy version. We are now implementing version 8.2, which is so much better than version 6."
  • "We would like the product to integrate with ServiceNow, since One Identity Manager and ServiceNow are two of our better tools."

What is our primary use case?

We use it to facilitate our total identity and access management process, from HR to our target systems are using this product.

How has it helped my organization?

The product makes it easier for employees to be more productive.

What is most valuable?

The standard connectors are the most valuable feature.

The product is flexible. For example, it offers cloud features.

What needs improvement?

We would like the product to integrate with ServiceNow, since One Identity Manager and ServiceNow are two of our better tools. An integration between these two tools would be better for us.

What do I think about the stability of the solution?

The current product is stable. We are trying to get rid stability issues from the legacy version. We are now implementing version 8.2, which is so much better than version 6.

What do I think about the scalability of the solution?

The product can grow with us.

How was the initial setup?

The initial setup is fairly easy. To set up the workflows, you need good knowledge of the product. One Identity could improve the setup documentation, as it does not support, "How do I start?"

What about the implementation team?

You need a good partner to assist with the implementation.

What other advice do I have?

We are trying to achieve more targeted systems in the future.

We do not use the policy and role management features.

We have not integrated with SAP.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Pascal Stockmann
Consultant at igf-logic GmbH
Consultant
It is easy to extend the product for custom purposes

Pros and Cons

  • "It is easy to extend the product for custom purposes."
  • "There are several smaller parts of the tool that have room for improvement."

What is our primary use case?

My primary use case for the solution for the last several years was migrating from version 6 or older to version 7 or 8. Most of the time, we implement new features, optimize existing features, or do project management for the customer.

How has it helped my organization?

Our customers have a higher degree of automation and compliance. The product has a good self-service portal, which makes the IT processes a lot better and easier for the end customer.

We have integrated the solution with SAP. Our customer wanted us to do the implementation for web-based administration. They wanted to have easier access to provision their accounts into their system. Because until then, most of the customers were inputted manually. Now, they can automate it, which makes it a lot easier. They can monitor the segregation of duties, such as the financial aspects of it, in SAP.

What is most valuable?

There are so many different connectors out-of-the-box, and the solution works fine. Overall, the product works well and is very good tool, which functions well.

It's pretty flexible because you can use it in almost every way you want. It is very open. It provides good insight on all the basic job chains, and you are free to use, extend, or change it.

What needs improvement?

I am waiting to see the new API for the web.

There are several smaller parts of the tool that have room for improvement. One Identity currently is in the development process of fixing these issues.

What do I think about the stability of the solution?

It is quite stable if you know how to use it right. If you have a good implementation, it is really robust. 

How are customer service and technical support?

The technical support is pretty good because we can reach the right person directly. We also get escalated quickly, if necessary, to the development team. So far, it has been a good experience.

There is a good support team if you have issues. There is a really nice path to get in touch with them.

How was the initial setup?

The initial setup was pretty straightforward because the documentation is really good. It was even easy to train junior employees in our company since the documentation is easy to read and straightforward.

What was our ROI?

This solution has helped to reduce help desk calls for a lot of customers because of the password reset. People can now reset their own passwords. That is a great benefit for customers.

This solution has helped to increase employee productivity when it comes to provisioning users.

What other advice do I have?

Look at one or two videos online on the One Identity YouTube channel. Get in touch with some of their people and possible get a short preview of their products. That is the easiest way, so you can set up a test environment pretty fast be shown how simple the processes work. 

One Identity has a very strong community combined with the tool. They also have a very good relationship between partners, customers, and themselves.

It is easy to extend the product for custom purposes. 

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
MG
Consultant at a tech services company with 10,001+ employees
Consultant
It's very flexible; you can use it for almost every situation for every customer

Pros and Cons

  • "It's very flexible. You can customize it to the fullest extent. You can use it for almost every situation for every customer."
  • "The initial set up was quite complex. It takes quite some time to get use to this product because of its complexity."

What is our primary use case?

The primary use case is to allow users to quickly administrate their permissions and data.

How has it helped my organization?

As a consultant, it is a good product to sell.

It always helps to improve the processes of the customers.

What is most valuable?

  • It's very flexible. You can customize it to the fullest extent. You can use it for almost every situation for every customer.
  • The policy and role management features are very good. They have gotten better over time.
  • The privileged accounts governance features are very good.

What needs improvement?

As consultants, it's a very complicated to learn it at first, which makes it hard to find people to work with it.

The Synchronization Editor has to become easier to use for us, as technical consultants, because sometimes it's very complicated. If, as a new feature, there would more connectors out of the box in the Synchronization Editor, this would help a lot.

What do I think about the stability of the solution?

It is very stable. We did had some occasions where we had problems with the stability, but the stability is very good.

What do I think about the scalability of the solution?

It is very scalable. We have customers with just a few users to customers with hundreds of thousands of users.

How was the initial setup?

The initial set up was quite complex. It takes quite some time to get use to this product because of its complexity. Then, you are able to customize it and do everything the customer needs.

What was our ROI?

It takes some time before we, as consultants, really receive benefits out of it. This applies to the customer, as well.

What other advice do I have?

It will impact the cloud strategy of a lot of customers in the future. We just started to implement this feature for customers, so it should have a huge impact in the future.

We have not integrated the solution with SAP.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
JP
Product Specialist at a retailer with 10,001+ employees
Real User
The solution is stable, but slow

Pros and Cons

  • "We have seen a slight reduction in help desk calls, as this solution is a self-service product."
  • "The initial setup was complex. It is an extremely complicated thing to replace an entire self-built solution."
  • "The tool to develop the web portal needs improvement."

What is our primary use case?

The primary use case is to handle identities.

How has it helped my organization?

We have seen a slight reduction in help desk calls, as this solution is a self-service product.

What is most valuable?

  • To get an overview.
  • To get a good structure.
  • To get a good automation process.

What needs improvement?

The tool to develop the web portal needs improvement.

We are pushing out a cloud strategy, but running this on-premise solution, and do not know what steps to take.

For how long have I used the solution?

Still implementing.

What do I think about the stability of the solution?

The stability depends a lot on the infrastructure, but it is pretty slow. For us, it is stable, but slow.

How are customer service and technical support?

I haven't used the technical support yet.

Which solution did I use previously and why did I switch?

We are using a self-built solution. It would cost too much to get that up to the standard of what we need. In the long-term, it is cheaper to buy a solution that has what we need. Though, we are still running the previous solution, as we are still in the implementation phase. One Identity Manager is very limited in what we have live; we are not using it fully yet.

How was the initial setup?

The initial setup was complex. It is an extremely complicated thing to replace an entire self-built solution.

What about the implementation team?

We are using an implementer for the deployment.

What other advice do I have?

Think through what is most important and your strategy, especially your cloud strategy. Look at the different competitors in the market, including this one.

Our cloud strategy is impacting what we decide to roll out.

We have not implemented the privileged account governance features yet.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Michael Botek
CEO at IT Design Software Projects and Consulting
Consultant
The solution solves our customers' compliance issues and optimizes their administration

Pros and Cons

  • "The solution is flexible because you can realize the customer needs. Therefore, it is easy to upgrade specialized things. It provides the flexibly, so you can implement customers' use cases."
  • "With technical support, it is always an issue to get the right person. They do have good technical people in support, but it is sometimes not so easy to get them."

What is our primary use case?

We use it for the identity lifecycle.

How has it helped my organization?

The solution solves our customers' compliance issues and optimizes their administration.

The solution helps to reduce help desk calls in the areas of password resets and misunderstanding requests.

What is most valuable?

It is highly integrated with our clients.

The policy and role management features are good.

The solution is flexible because you can realize the customer needs. Therefore, it is easy to upgrade specialized things. It provides the flexibly, so you can implement customers' use cases.

What needs improvement?

The connectivity to the cloud with the cloud identity need improvement. The whole security story in the area of access management along with the possibility to get access is part of this improvement process. This is the cloud access manager (CAM), and it isn't as it should be, but it's a very good long-term solution.

It is important to get the cloud integrated. One Identity is stalling about this in America, and we need it in Europe.

What do I think about the stability of the solution?

The stability is fine. It works for our use, and the customer is satisfied with it.

What do I think about the scalability of the solution?

The scalability is good. We use it in smaller customer suites, but also in larger ones.

How are customer service and technical support?

With technical support, it is always an issue to get the right person. They do have good technical people in support, but it is sometimes not so easy to get them.

How was the initial setup?

The solution is easy to set up, but it requires customization, which is not easy for identity management.

What was our ROI?

When many people are coming or leaving the company, the process is optimized. The productivity is higher because the process can be done faster and easier.

What other advice do I have?

The solution is used very often in the market. There are a lot of satisfied customers using the product. 

They are a lot of partners who can help you implement it, if you are interested.

We know few other products in this industry. The flexibility, long term plan, and roadmap are very good. Also, its future is looking good.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
Miska Siirto
Lead Solution Architect at Tieto Sweden AB
MSP
You can scale it quite big, which is good, and it has good sizing

Pros and Cons

  • "It brings simplicity into complex matters."
  • "You can scale it quite big, which is good. It has good sizing."
  • "It is a large solution where you need to learn how to work in a certain way for it to provide the best benefit."
  • "I would like some access management features to be added. We have some customers with a small need to do authentication as a service, and there are other solutions on the market which offer this."

What is our primary use case?

We using it internally. We are also offering it to our customers as a managed service.

How has it helped my organization?

I have heard that the overall security is much better, although we still have slow processes going on within the company. Internally, this is what I have heard, since I work more on the customer side.

Since we are ISO 27001 compliant and GDPR compliant, the product has probably helped with this.

What is most valuable?

It brings simplicity into complex matters.

What needs improvement?

I would like some access management features to be added. We have some customers with a small need to do authentication as a service, and there are other solutions on the market which offer this.

It is a large solution where you need to learn how to work in a certain way for it to provide the best benefit. On the other hand, it's really a structured way so you should work in a structure way, as it is a compliant to other frameworks.

What do I think about the stability of the solution?

I haven't heard any complaints regarding stability. 

There was some slowness when we implemented it, but I haven't heard anything since.

What do I think about the scalability of the solution?

You can scale it quite big, which is good. It has good sizing. 

We have some smaller customers where the solution is too big, but that is an IAM world issue.

We have 15,000 people working for us.

How are customer service and technical support?

I've been happy with the technical support. When I previously worked in another company implementing One Identity Manager, I was pretty happy with support.

How was the initial setup?

The initial setup for us is quite simple, and we have done some measures internally to make it even easier.

What about the implementation team?

We have used other partners to help with our own implementation. 

What was our ROI?

We're using it to monitor the customer environments, which has helped us increase employee productivity when it comes to provisioning users and systems.

It has helped to reduce help desk calls quite a lot, since not we are using the Access Manager which looks into our web services. 

What other advice do I have?

I think it's one of the best solutions on the market.

It is a big task to implement alone, so ask a lot of questions if looking to implement.

You can see and do a quite a lot. It is really open in that way, but going out and trying to do stuff which it isn't meant to do, that's much harder. I wouldn't go there. However, it's gives you a good framework to work and build on.

The policy and role management features work. They are getting better all the time. I don't really have a better experience from other solutions.

I am just learning the privileged account governance features and how they work.

We don't have SAP internally. We offer it as a service, as a company, to our customers, but we don't use it.

We are managed service providers, so we cannot have our own private cloud.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
Umit Yilmaz
Owner at UY IAM Consultancy
Consultant
The policy and role management features are superb

Pros and Cons

  • "The policy and role management features are superb. If you have a customer who is willing to go somewhere with role management, then the possibilities are endless with the product. It is well-structured, and the architecture is well-defined."
  • "Some features aren't supported by the technical support. It is based on your own risk, which I can accept, but I would be happier if they would provide me some additional information about them anyway, e.g., deleting tables or columns."

What is our primary use case?

The primary use case for this solution is implementing them at the customer site, according to the customer's business needs. E.g., certain customers needs an attestation case. 

The reason for implementing this solution is the need to become somewhat more in control. There is also the ease of use for connecting products to target systems, like an Active Directory or Exchange.

How has it helped my organization?

I had an organization which had no idea of their user accounts and who owned them. It took me two weeks, and out of those two weeks, most of the time was spent waiting for the user accounts to connect to the Active Directory. Within two weeks, we knew exactly how many orphaned accounts that they had. This was a huge deal for the customer. They never realized that within such a short time frame that they could be able to better view their Active Directory, who owned which account, and how they could start cleaning it up. This is a very basic feature within the product, but to the customer, it is a huge leap.

What is most valuable?

The policy and role management features are superb. If you have a customer who is willing to go somewhere with role management, then the possibilities are endless with the product. It is well-structured, and the architecture is well-defined. I am quite content with it.

The solution is flexible. It is based on modules. Depending on the customer's needs, you can implement the different modules, which are accompanied with it. 

What needs improvement?

I would like better integration with cloud apps, but I just learned this week that there is already a pretty advanced cloud integration. So, what I would like to see is already implemented, but I just need to start using it.

When I first started using it, way before version 7, the manual wasn't comprehensive.

The UX design needs improvement, but I have noticed that people are working very hard behind the curtains to make sure that UX is designed in such a way that the end user is going to have a much easier time using the product in future releases. My ideal was a product designed by IT guys with an IT guy mindset, not without realizing thousands of people in an IT portal would be using the product. Therefore, it took my customers many hours to find the correct links to order something from the IT shop, but I know One Identity is working very hard to improve this as well. If they could improve the UX within the Manager tool, this would be another huge upgrade in just lowering the learning curve of how to use the product.

What do I think about the stability of the solution?

If well-implemented, the solution is extremely stable. What I have been confronted with is I am usually joining an ongoing project, which has been implemented quite messily: 

  • The basic features of the product usually aren't used. 
  • Customization is too spread out, and in a very inefficient way, making the product very unstable. 

It should be implement with the out-of-the-box features. When used with its features, it is extremely stable.

How are customer service and technical support?

With the technical support, I create a case, then within a few hours I receive a reply. So, I'm very pleased with the technical support. However, some features aren't supported. It is based on your own risk, which I can accept, but I would be happier if they would provide me some additional information about them anyway, e.g., deleting tables or columns. 

How was the initial setup?

You need a bit more knowledge than with the One Identity Manager product. You also need to be knowledgeable about servers and IIS servers for the web server. However, if you just follow the manual, you will get very far. Sometimes, you just need to Google somethings.

The SAP integration is extremely easy. The first time that I used it, I picked up the user manual, and typed in some user account system clients and passwords, then I was connected. It doesn't get any easier than that.

What about the implementation team?

Once you are past the learning curve of the product, the most valuable feature is the ease in which you can implement the product.

What was our ROI?

It has helped to reduce customer costs.

For the customers that I have worked with, this solution has helped increase employee productivity when it comes to provisioning users. For example, if someone joins the company, then someone else will need to realize a member has joined the company. They need to create a ticket or call someone they know within the Active Directory team. This usually takes at least three to four weeks before they are able to make someone work efficiently. With One Identity Manager, within a few months, you can reduce four weeks time to a few days or even hours.

What's my experience with pricing, setup cost, and licensing?

It needs flexibility in the licensing or packaging, because you buy the entire package at once, and sometimes the customers are a bit overwhelmed with whatever they get. I would like if they could cut the licensing or packaging into somewhat smaller things.

What other advice do I have?

It isn't that hard of a product to use. It's actually very easy to set up. Your business case is much easier than you think, forget the word complex. Just use the product as it is meant to be used, and it will make your life easier. It will also make your customers much happier,  reducing the time to implement something or making the company grow. 

I have done some basic SAP integrations just using the out-of-the-box connectors. After connecting it, the customers with their own technical teams go in and clean up SAP.

The customers that I am working with haven't moved to the cloud yet or are just starting move to the cloud. I am pleased to see many steps are being taken to make cloud integration much easier from version 8 and up.

I am interested in finding more out about the privileged account governance features.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
KM
Principal Consultant at a tech services company with 1,001-5,000 employees
Consultant
It has many features which can be combined and configured in a great way

Pros and Cons

  • "It has many features which can be combined and configured in a great way, then put together in projects and ways that developers didn't think were possible, which has been great."
  • "The UI and user experience side of things needs improvement."

What is our primary use case?

We implement One Identity Manager for our customers.

How has it helped my organization?

It has helped to simplify compliance. We have multiple customers who now have a full overview of their accounts and users. They can use the reporting for GDPR compliance or accounts retention.

What is most valuable?

Flexibility: It has many features which can be combined and configured in a great way, then put together in projects and ways that developers didn't think were possible, which has been great.

The policy and role management features are very powerful and useful for our customers. You can do anything there.

The privileged account governance features are great from the overall governance look, the things which you can do with it, and the results that you can achieve from it.

What needs improvement?

The UI and user experience side of things needs improvement.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

It is very stable. It has been running for years (for our customers). Even if it bugs up at some point, it is rather fast to fix and easy to get going again.

What do I think about the scalability of the solution?

The scalability is very good. It scales well for companies, from small companies to very big ones worldwide.

How are customer service and technical support?

The German technical support is great. We are a German partner, and we find them knowledgeable and fast, as they do their thing.

How was the initial setup?

The complexity of the initial setup depends. While it's fast and easy to set up initially, the complexity can come once the solution starts to grow.

What about the implementation team?

We have implement the following for our customers:

  • SAP
  • Cloud IT strategy.

What other advice do I have?

Compare all the solutions and all the things that you can do on them: How easy you can set it up and how fast it can grow. Because identity management will grow with you, and you have to have a product which can grow with your organization.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
MP
Senior Product Manager for Identity & Access Management at a non-tech company with 10,001+ employees
Real User
We are creating, managing, and provisioning in SAP, as it is a fully integrated solution

Pros and Cons

  • "At the time of the onboarding, this is solution that we have interfacing with HR. On the same day an employee is hired, an account is created and available for the manager when the end user arrives. The opposite is true. The moment employment is terminated, the same day everything is disabled, then later deleted."
  • "The back-end, its capabilities, and workflows are very good."
  • "I would like it to have an easier integration with phones."

What is our primary use case?

We are managing the entire trend for our identity management, from HR hire until offboarding. We use it for managing all the IT accounts in the company, which has hundreds of thousands of identities.

How has it helped my organization?

At the time of the onboarding, this is solution that we have interfacing with HR. On the same day an employee is hired, an account is created and available for the manager when the end user arrives. The opposite is true. The moment employment is terminated, the same day everything is disabled, then later deleted.

We have integrated it directly with SAP, since our HR source of information is SAP and more than 80 percent of our business is run on SAP. Therefore, we have the largest SAP installation in the world. It's fully integrated, so we are creating, managing, and provisioning in SAP, as it is the core of our business. We are synchronizing for SoD, so it's working well. We are using different aspects of the integration.

What is most valuable?

The overall capabilities of the identity governance and administration (IGA) solution for identity management.

The flexibility of the solution: We are able to use what is out-of-the-box, customize and prioritize it, then further develop it to meet our needs. Our use for it is very complex, but we are able to achieve success with One Identity.

The back-end, its capabilities, and workflows are very good.

What needs improvement?

I would like a more friendly web UI. This is something that they are already starting to work on. 

Because of our volume, the monitoring of the solution, several job servers, and DBQs has been very time consuming for us.

I would also like it to have an easier integration with phones.

What do I think about the stability of the solution?

With the current version, the stability is very good. With the previous version, it was not good. We are now in version 8, and it's really stable and performing.

What do I think about the scalability of the solution?

Without this solution, because of our sheer size, we cannot manage our own house.

How are customer service and technical support?

We are paying for premium support, which is expensive. However, we do receive very good, fast support.

How was the initial setup?

What we implemented is very broad. We implemented basic identity management: workflow, self-service, and shopping for roles. We also implemented SoD. To implement all of this and because of our size, we had to work with partners and One Identity, which was a complex process.

What was our ROI?

We have seen a little ROI when there was a restructuring reduction in the market for user management teams, but not enough to cover the cost of the project. The focus was on security compliance, not on return on investment.

This solution has helped to reduce help desk calls. We are a very big company, so we have implemented thousands of role-based access controls which give rights to the users. Based on their movements, we are removing or assigning access. We also have the entire onboarding process fully automated. We have removed more than 90 percent of all manual requests for accounts.

This solution has helped to increase employee productivity when it comes to provisioning users. E.g., We can give users access in under a day. It is now based on how long it takes for HR to perform the action to onboard the employee.

Which other solutions did I evaluate?

We started an RFP in 2013 or 2014. Then, the end of the process was in 2015, we selected One Identity Manager by comparing it against many other vendors.

What other advice do I have?

Define what you are researching. Write down use cases you need. Then, ask for a demo with you data, so you can see actual results.

We are working on our IT cloud strategy. We are starting to do cloud provisioning integrated with our identity management.

We use it for compliance, but not directly for GDPR.

We are using the policy and role management features.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
BF
VP at a healthcare company with 10,001+ employees
Real User
This solution helps with compliance by having a way of controlling an audit trail, but it is not really scalable

Pros and Cons

  • "This solution is quite flexible. We have a lot of customization since we have our own business processes."
  • "This solution helps with compliance by having a way of controlling an audit trail, knowing how things are done, and knowing how to control who has access to what."
  • "The policy and role management features are a bit hard to scale. The whole model for who can do what and how to set it up is not so well-governed for a larger organization. The demos are always shown for a 100 or a 1000 people, but when it is a large number, it is quite difficult to maintain."
  • "Their technical support's attitude is a bit strange. Quite often, we have to prove that there is a problem with the product rather than having them prove that there is not a problem with the product."

What is our primary use case?

The primary use case is managing business applications.

How has it helped my organization?

We have centralized a large number of access management functions. Therefore, you have one place where you can have control and have automated on/off boarding processes for people joining and leaving. We have done a lot of things, covering a lot of applications.

This solution helps with compliance by having a way of controlling an audit trail, knowing how things are done, and knowing how to control who has access to what.

What is most valuable?

  • Publishing capabilities
  • Connectors
  • This solution is quite flexible. We have a lot of customization since we have our own business processes. 
  • We use it to manage our users in SAP.

What needs improvement?

Maybe it is going this way with the angled frame work, but we really want to be able to watch and control things, so we can change things and know what the impact will be. 

Most importantly for automatic testing and rollouts, we need an easier way of connecting applications and an easier way of onboarding applications. At the moment, the process is very technical. People associate this as a technical and development thing. In the end, onboarding applications should be a business problem, not a development problem. They have take the technical work out of it. That is why we have to completely custom build a framework. Our work is not about connecting 20 or 50 target systems, as we have to connect thousands, which is difficult to do one-by-one. 

The end user experience needs improvement. One of the things the end users complain most about is the shopping cart, because they are not really on eBay or Amazon buying things. They just need access to business applications. Why do they have to click so many times? We probably have around 20 calls a day because a user hasn't got access, not realizing they haven't completed the shopping cart. So, I would recommend removing the shopping cart.

What do I think about the stability of the solution?

Stability has been a challenge. With version 8, especially post go-live, we had a lot of problems. We were doing care everyday on One Identity Manager for a good month and a half, just fixing things. Therefore, stability was not great at that time.

What do I think about the scalability of the solution?

It is not really scalable. We had to put in a lot of customization to make it scalable. We ended up putting in a lot of instances to build it up to our scale, not only for performance capability, but for change capability. Therefore, if you have to scale for a large amount of people with several different themes, changing the configuration in One Identity can be hard to coordinate. Everyone has to have their own environments to work in; you cannot work in a joint environment easily.

The policy and role management features are a bit hard to scale. The whole model for who can do what and how to set it up is not so well-governed for a larger organization. The demos are always shown for a 100 or 1000 people, but when it is a large number, it is quite difficult to maintain.

How are customer service and technical support?

The technical support lacks the knowledge on custom deployments. They have good knowledge on the base product, but they lack the knowledge on the custom deployments. 

Their attitude is a bit strange. Quite often, we have to prove that there is a problem with the product rather than having them prove that there is not a problem with the product.

Which solution did I use previously and why did I switch?

We had some audit issues. We had a distributive access management landscape (fragmented landscape) that we wanted to centralize, because we had a lot of in-house built tools (very narrow scope of tools) that only did one thing. It was expensive to run a lot of different tools, and we wanted to replace it with one tool.

How was the initial setup?

The initial setup was complex. There are a lot of processes, which have to be covered, with a lot of users. Everyone is affected in the organization. It is not an easy thing to standardize, so it is quite complex. Then, we have five different port identity systems working together. This also makes it quite complex with the data replication between them. Therefore, it was not a straightforward thing to do. However, access management isn't a straightforward thing to do.

The SAP integration is quite cumbersome and long. It took many years. With the new addition of the SAP client to the new system, it is not so difficult anymore. However, there are some challenges with the new SAP technologies where they are not really supported by the One Identity tools.

What about the implementation team?

We have used several consultants for the deployment. We used One Identity Professional Services, Data Consulting, Mphasis, Microsoft, and other smaller ones, which usually come through an umbrella company.

What was our ROI?

We have improved our security.

It has increase employee productivity when it comes to provisioning and controlling access in the system. It previously used to be distributed between a lot of things. Now, we can do them all in a central way. We are now more automated. End users know where to go to access critical business applications. In the past, it was email-based, textile-based, phone calls, and service tickets, so it was hard to know how to get access.

Which other solutions did I evaluate?

We have a different product for privileged account governance.

What other advice do I have?

Evaluate how you can do the rollout, how will you approach the rollout, and if you have other application. Check how you are going to do the rollout and plan for it, then evaluate the products against it.

It has increased our help desk calls a lot. We probably have between 60 and 100 access calls related to access management processes in One Identity Manager a day.

One Identity Manager has not impacted our cloud strategy and its management.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Marta Dern
Analyst at Grifols
Real User
Facilitated the customization of all our workflows for approvals

Pros and Cons

  • "The biggest improvement has been the auditing. Now we have a record of what the users have, what the users have requested and when, and when things were approved. It's all in the same system."
  • "The initial setup was complex."

What is our primary use case?

We are using One Identity Manager to manage user access requests. Then we manage the provision, as well as the provision of those users. We get the identities from SAP and then we provide them whatever access they are requesting.

How has it helped my organization?

The biggest improvement has been the auditing. Now we have a record of what the users have, what the users have requested and when, and when things were approved. It's all in the same system.

What is most valuable?

The most valuable feature is the fact that we don't need paper anymore. We came from a paper solution and getting rid of the paper is valuable.

The solution is also flexible. We have customized our IT shop. Because we have so many applications, the solution, out-of-the-box, wasn't good enough for us. So we have customized all our workflows for approvals and it's working fine.

What do I think about the stability of the solution?

I have some doubts, not about the stability but when they released version 8 we were unsure about the roadmap that they were going to follow. We are waiting for 8.1 before we upgrade.

What do I think about the scalability of the solution?

There's no problem with the scalability.

How are customer service and technical support?

We have opened a couple of cases and we've had a really good response from the team. Initially, we contacted Professional Services a couple of times, and their answers were pretty good.

Which solution did I use previously and why did I switch?

We didn't have any solution previously.

How was the initial setup?

The initial setup was complex.

What about the implementation team?

We used a partner. Our experience with them was difficult because the project was really difficult. We had our ups and downs but, in the end, it was good.

What other advice do I have?

For this or any other similar solution, make sure you have the maturity to go forward with an identity management project. If you are at that point, this solution is a good option to look at because it's really flexible. It makes it possible to do a lot of things.

We are getting comfortable with the solution. We're just at the very beginning. We are in production but not for the whole company, so we are not enjoying all the benefits of the solution. In terms of the privileged account governance features, we are not there yet. We are now investigating them and they look fine but, we are progressing slowly.

The solution has helped to simplify compliance, but not as much as we would like because we haven't implemented all the options, all the features yet. We are in the middle of that.

We have integrated the solution with SAP, we need to get identities from it. The integration process with SAP has been the worst. It has been really difficult because our SAP is really customized. The standard connector hasn't been enough, so we have had to create a new connector and it's been really difficult.

I would rate it at eight out of ten. It's pretty new but they are making a great effort to be the best and to focus on the user.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
AC
Lead Technology Manager at a financial services firm with 10,001+ employees
Real User
Enables us to customize the user interface and the workflow processes

Pros and Cons

  • "Its flexibility is the most valuable feature, the way we can customize the user interface and the workflow processes."
  • "The support for DevOps could be improved with quick delivery cycles and multiple delivery streams."

What is our primary use case?

We use it for meeting compliance requirements.

How has it helped my organization?

We were able to clear up some audit actions by providing evidence we have a proper, controlled approval process.

In addition, One Identity Manager has helped to increase employee productivity when it comes to provisioning users and systems.

What is most valuable?

Its flexibility is the most valuable feature, the way we can customize the user interface and the workflow processes. It helps us set up the correct approval processes.

What needs improvement?

Better support for version control and multi-threaded development would be helpful additional features. 

The support for DevOps could be improved with quick delivery cycles and multiple delivery streams.

What do I think about the stability of the solution?

We do have performance problems, but outside of that, it seems stable.

What do I think about the scalability of the solution?

We have some performance problems, so pushing to scale is a challenge.

How are customer service and technical support?

The technical support is acceptable. We get responses when we raise queries, but maybe not as fast as we'd like.

What about the implementation team?

We worked with a third-party vendor, TCS. Our experience with them was okay but it was difficult to get skilled resources.

What was our ROI?

We have seen return on investment.

What other advice do I have?

Think about what the out-of-the-box features are in the product and how those map into your business requirements. Perhaps look at revisiting the business requirements to better fit with the product.

We integrated the solution with SAP, given that we already had a significant SAP deployment for our financial services. Because I wasn't involved in that I can't comment on how that process went.

In terms of our cloud strategy, One Identity Manager hasn't impacted it. The solution will fit within that strategy.

I would rate it at eight out of ten. It meets most of our business requirements. We can deliver functionality the users want, but it does need some improvements, in the performance and support for a DevOps-type quick SOC release.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PL
Supervisor at Hartmann AG
Real User
We have reduced about 60% of our help desk calls, but the performance is poor on our older version

Pros and Cons

  • "We have reduced about 60% of our help desk calls, especially for onboarding and simple tasks that do One Identity automation."
  • "The performance is quite bad, but this is because we have a very old version."
  • "Visually, I would like it to be more user-friendly."

What is our primary use case?

We mostly use One Identity Manager for the tasks of onboarding and offboarding business roles, assigning permissions, and ensuring that we have a record in auditing to fill out compliance needs.

How has it helped my organization?

It allows us to do a lot more tasks in an automated way. Previously, we had to do a lot of things manually. Because of the automation, it allows us to assign a resource. We just have to name a resource. This allows us to transfer some tasks to the first line of the service desk, allowing our IT to concentrate more on other tasks and the needs of the business.

What is most valuable?

The most valuable feature is the configuration of users, especially onboarding and offboarding SAP roles. It is very important this is done in a fast way, especially in connection to the SAP HR system, where we can get a user onboarded as soon as they have the information recorded in HR.

What needs improvement?

Connections with more clouds systems is already planned. The more that we can use One Identity to connect with other systems to manage all the applications accessed throughout One Identity, the better. I would expect to have more connections and setups to other systems.

Visually, I would like it to be more user-friendly. Version 8 looks visually like version 6, so this still needs improvement in later versions.

What do I think about the stability of the solution?

The performance is quite bad, but this is because we have a very old version.

We only use the privileged account governance to identify the type of the account where there are no functions designed behind it. This will probably be something that we will develop more in version 8. Because in our current version, we don't want to add more functions with the performance already being poor.

What do I think about the scalability of the solution?

It is not an all or nothing scenario. It's very good that you can choose exactly what fits your business.

How are customer service and technical support?

We used a partner. So, we don't use the support service directly from One Identity. All the support that we need is done through our partner.

Which solution did I use previously and why did I switch?

We didn't have a solution to manage identities previously. The need to have an identity management system came from auditing, our SAP needs to have monitoring, and the need to control SAP accounts and roles.

One of the main reasons, in the beginning, to go with One Identity Manager is to have integration with SAP. It's very important to have our business roles and privileged access monitor always up-to-date, especially if you have privileged users and firefighters. You need to monitor their access very carefully.

How was the initial setup?

For version 6, the SAP integration out-of-the-box can be quite exceptional. The configuration might be a bit harder to do in the beginning, but then the functionality and the way it works is very easy and straightforward to use. 

What was our ROI?

We have reduced about 60 percent of our help desk calls, especially for onboarding and simple tasks that do One Identity automation.

The solution has helped us increase employee productivity when it comes to provisioning users and systems. Now, we have standardization for all countries, where we are in 36 countries, presently. It is very important to be standard in the way you work with the solution. 

Because we have implemented automation to our tasks, we have probably reduced time from a few days to a few hours.

Which other solutions did I evaluate?

The product is quite flexible. In my previous company, I worked with Microsoft products. Now, I am using One Identity. Its functions are easier to use and more intuitive. You also have more functions available to businesses.

What other advice do I have?

Check the big picture and what exactly the company needs. 

Choose the partner wisely. It's always important to make a successful implementation. 

One Identity Manager is good because it allows you to choose at a granular level exactly what you need for the business.

This is not how it's implemented currently with us, but especially in compliance GDPR and privacy settings, you can have more granular permissions on privileged accounts and be able to monitor who makes changes on the accounts in IDN.

We only have very basic functions now. However, the solution will have an impact on the roadmap of the company and on our company's roadmap of IT solutions to come.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Kars Wittens
Service Owner at Rabobank
Real User
Workflow feature is key for us, but the solution needs to improve on integration

Pros and Cons

  • "Workflow management is an important feature. With other identity management products, there was no workflow management so we had to build it ourselves."
  • "I would like to see a lot more integration with our platforms, more on the connector side."

What is our primary use case?

We use it to give the right access to the right resources.

How has it helped my organization?

It has made us much more effective and efficient in providing access to users and in managing certain processes. It has definitely helped to increase employee productivity when it comes to provisioning users and systems. It's difficult to estimate how much their productivity has increased because we already had some identity management systems. I don't know how much this solution has helped us compared to the other systems, but it has definitely helped.

What is most valuable?

Workflow management is an important feature. With other identity management products, there was no workflow management so we had to build it ourselves. That's one of the reasons we selected One Identity.

We have also found the solution to be flexible. We can customize a lot of things and arrange most things within the product.

It has also definitely helped simplify compliance.

What needs improvement?

I would like to see a lot more integration with our platforms, more on the connector side. We are still using version 7.1. There are a lot of new features in 8.1, so we will look forward to using that.

What do I think about the stability of the solution?

The product is good, it's stable.

What do I think about the scalability of the solution?

I'm relatively new in this role and I haven't figured out how scalable it is. That's one of the use cases I'm working on with my engineers right now.

How are customer service and technical support?

Technical support is good.

Which solution did I use previously and why did I switch?

We were using several solutions for access and we finally selected One Identity as the best solution for our purposes. We had a home-grown identity management solution, but because of the complexity of it we selected One Identity Manager as our future-looking identity management product. 

How was the initial setup?

The setup was complex but it was mostly because of our environment. We have a very complex environment. We have a lot of ancient systems.

Which other solutions did I evaluate?

All the big ones were on our list. We chose One Identity because of the possibilities that were already present in the system. There were more than in the other ones.

What other advice do I have?

It's a good product which provides great opportunities.

Regarding the policy and role management features, I hear they're good. I don't know that part as well, but I have heard from the engineers they're pretty okay.

We have integrated One Identity Manager with SAP, but we're moving from SAP as an HR system to the Workday system. We're in the middle of that integration right now. The original integration with SAP was done before I started using the product, but I from what I heard it was pretty okay. But you have to have a lot of knowledge of One Identity Manager before you can start implementing it, and knowledge of it is a bit of a problem.

The solution hasn't yet impacted our cloud strategy because we are not working hard on cloud strategy right. We're thinking about moving some pieces but we have not yet implemented it.

We know that version 8 is much better than the version 7 we use. But the version we use is about a seven out of ten because we have had some real difficulties with the integration part, from the old systems.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
DP
Solution Designer at a pharma/biotech company with 10,001+ employees
Real User
It helps us save on licenses for applications because we are following the account lifecycle

Pros and Cons

  • "The most valuable features of this solution are its handling and that it is easy to maintain and manage the data."
  • "It would be nice to have more functionality in terms of connecting SAP systems, provisioning user accounts through SAP systems, and provisioning additional attributes."

What is our primary use case?

The primary use case for us is to follow the identity lifecycle, starting from feature improvement up to many accounts along with targeted systems.

How has it helped my organization?

It has improved the way of operations functions. 

It has partly helped with GDPR, especially with HR.

What is most valuable?

The most valuable features of this solution are its handling and that it is easy to maintain and manage the data.

The solution is flexible in connection with the controls. For example, it's easy to implement, easy to handle, and understandable to configure.

The user interface needs improvement.

What needs improvement?

I would like a secondary account approach out-of-the-box, as this would be really useful. Additionally, it would be nice to have more functionality in terms of connecting SAP systems, provisioning user accounts through SAP systems, and provisioning additional attributes. 

What do I think about the stability of the solution?

The stability has improved over time. 

What do I think about the scalability of the solution?

It is easy to scale up. However, obtaining additional resources additional are an issue.

How are customer service and technical support?

We have not been much in touch with their technical support, which is a good sign for the product, since it mostly working.

Which solution did I use previously and why did I switch?

Our previous solution (IBM) was outdated.  

How was the initial setup?

The complexity of the initial setup varies. The Active Directory may be considered less complex then connecting a SAP system.

What about the implementation team?

We have a consultant, who helps us in wrapping up solutions and connecting the current systems to one another.

What was our ROI?

This solution helped us to increase employee productivity when it comes to provisioning users or systems. It is what the solution was designed for. In some cases, it has gone down from days to hours/minutes.

To a certain extent, it has helped us reduce help desk calls by five to ten percent.

What's my experience with pricing, setup cost, and licensing?

It helps us save on licenses for applications because we are following the account lifecycle, as well as account reactivation.

Which other solutions did I evaluate?

We had a shortlist of three vendors: SailPoint IdentityIQ, IBM, and One Identity. We looked at functionalities, what came out-of-the-box with each product, and what needed configuring.

What other advice do I have?

The product is a nine out of ten because 80 to 90 percent of our requirements are out-of-the-box.

Consider the speed of implementation, amount of customization, and the authentications if you are comparing between tools. Operations is also a topic: Is it easy to operate and is there a dedicated operational team? 

We have integrated with SAP because SAP has connected systems.

I like the integrated approach of the privileged account governance features. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Tadej Grebensek
IT Engineer at Gorenje
Real User
Our employees get everything that they need the day that they start

Pros and Cons

  • "The solution is flexible. You can customize it a lot. You can can build connectors, connecting them to a new application, and so on."
  • "The initial setup was quite complex because you run into some existing policies that the company already had. There was some trouble with some inconsequential policies."

What is our primary use case?

We use it to manage identities, We have around 12,000 employees who need to be managed, which is a lot of people worldwide. It is sort of stressful to manage proactively unless you have automated systems.

How has it helped my organization?

We have an SAP connector since we have integrated the solution with our HR database.

What is most valuable?

Simulation mode of One Identity Manager for company policies, station policies, business roles, etc.

The solution is flexible. You can customize it a lot. You can also customize parts of it. You can can build connectors, connecting them to a new application, and so on.

What needs improvement?

There are some good things about the policy and role management features, but you can't really use them to their full potential. A lot of customizing that we have to go through to implement new processes and new customized policies could be better. Though, overall, it is great.

They need to implement a lot of best practices for this solution.

What do I think about the stability of the solution?

The stability is okay. It really depends on if there have been changes made on the database where you are trying to obtain your data.

How are customer service and technical support?

I haven't had much contact with the solution's tech support. My partner contacts them.

Which solution did I use previously and why did I switch?

Our company didn't have any of this type of solution before, so it's a totally new process that we're going through at this very moment.

How was the initial setup?

The initial setup was quite complex because you run into some existing policies that the company already had. There was some trouble with some inconsequential policies.

What about the implementation team?

We used our partners, who are an integrator. Everything is in one box.

What was our ROI?

The solution has helped us increase employee productivity when it comes to provisioning user interface systems. Our employees get everything that they need the day that they start.

What other advice do I have?

Build a strong team for this solution because there will be a lot of issues that you will have to go through, especially on your HR database. Build a team that knows how to listen and how to act.

The SAP integration process was quite interesting. You have to search for the answers in the right department with the right people. After that, it becomes easy.

We are currently not on the cloud.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Samo Srebernjak
Head of User Support at MEGA M, Informacijske Tehnologije, d.o.o
Real User
There is a lot less help desk paperwork, which has increased employee productivity

Pros and Cons

  • "We no longer keep users who shouldn't exist."
  • "It is flexible with APIs and the customizing of a portal."
  • "I would like to have more extensive out-of-the-box reports."

What is our primary use case?

We have this process of provisioning and non-provisioning users, depending on our SAP HR database.

How has it helped my organization?

The most important thing is that we don't have bad users in our systems anymore.

What is most valuable?

We no longer keep users who shouldn't exist.

It is flexible with APIs and the customizing of a portal.

What needs improvement?

I would like to have more extensive out-of-the-box reports.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

The stability is great. We haven't had any problems. It keeps on working.

What do I think about the scalability of the solution?

We can expand as much as possible. It will meet our needs going forward. We have already expanded a lot of times. The only issue with expansion is the cost of licensing.

How are customer service and technical support?

I have only had one experience with the technical support, and it was okay.

Which solution did I use previously and why did I switch?

We were not using another solution prior to this one (not in this scope).

How was the initial setup?

The initial setup is mostly straightforward, but you still need to customize some things.

What was our ROI?

It has helped to reduce the paperwork of the help desk. There is a lot less paperwork, which has increased employee productivity, allowing them to be assigned to additional projects. 

Which other solutions did I evaluate?

We were also looking at the Microsoft Identity Manager. However, we decided on One Identity Manager because it has a wider coverage of different products.

What other advice do I have?

Implementation and integration with SAP went well from the Identity side, but we have had internal problems with the data. However, we have been solving that for four years now.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Samuel Paul
IAM / IGA Architect - Associate Director at PRIZM
Real User
All our lifecycle processes have been improved

Pros and Cons

  • "For the recertification and segregation of duties, it's easier to know all the information about our employees. If we need to delete some information, we can do it from a central point, then it can be deleted on all our searches. This is very good for GDPR."
  • "The product is quite scalable, except for the database which is not highly available. This is where scalability could be improved."

What is our primary use case?

We have chosen the product, especially for its governance for all the processes of the company, onboarding of employees, and lifecycle processes.

How has it helped my organization?

All our lifecycle processes have been improved. Some processes used to last around five days. Now, there are about one day or a couple of hours. This is very good for the user experience of our workers.

We are very satisfied of the privilege account governance feature, because we implemented a lot of processes around privilege account management that we didn't have before, which is a very good thing.

For the recertification and segregation of duties, it's easier to know all the information about our employees. If we need to delete some information, we can do it from a central point, then it can be deleted on all our searches. This is very good for GDPR.

What is most valuable?

The most valuable features of the product are the recertification, segregation of duties, and user experience.

The simplicity of the policy and role management features make it easy to use for implementing policies and configuring them.

What needs improvement?

When you see the product for the first time, it seems very complicated, but it's not. To improve the product, it should be made to seem simpler when you see it for the first time.

What do I think about the stability of the solution?

For the moment, we don't have any problems in production. Therefore, it is a good product.

What do I think about the scalability of the solution?

The product is quite scalable, except for the database which is not highly available. This is where scalability could be improved.

How are customer service and technical support?

We have the premium support and are very satisfied. They are always answer our questions very quickly. For the moment, we are very satisfied, but I think it's because we are paying for the premium support.

How was the initial setup?

The initial setup is straightforward and easy to install. If it's your first time with the product, it can be very complicated because there are about 40 to 50 executables. However, when you know the product, it's simple.

The product is quite flexible. In the beginning, the product is an enormous solution. Then, after some training and experience, it becomes easier to implement.

What was our ROI?

It has helped to increase employee productivity.

What other advice do I have?

We are satisfied with the product.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
AM
IT Business Process Specialist at a consumer goods company with 5,001-10,000 employees
Real User
The web front-end needs improvement, but it is very helpful for managing the Joiner/Mover/Leaver process

Pros and Cons

  • "With this product, we been able to bring together HR, IT, and lifecycle management. It is very helpful for managing the Joiner/Mover/Leaver process. We also use it for compliance on all the audits which are around."
  • "The tool is like a big Lego in which you can use the parts that make sense for your organization."
  • "The technical support is non-existent. It is not worth talking about."

What is our primary use case?

We want to bring our on-premise systems under our control, then our cloud solutions under our control.

How has it helped my organization?

With this product, we been able to bring together HR, IT, and lifecycle management. It is very helpful for managing the Joiner/Mover/Leaver process. We also use it for compliance on all the audits which are around.

We have integrated the solution with SAP, which has governance. We need to manage the Visual Administrator and One Identity Manager. The integration is pretty straightforward. There were some bugs with version 6 which are being removed with version 8, which is good. The platform is progressing. Though, some parts of SAP are not covered yet, like GRC.

What is most valuable?

The tool is like a big Lego in which you can use the parts that make sense for your organization.

It has several components out-of-the-box.

The solution is flexible, in general. You can define the parts of the solution that you want to use, and it won't affect the price. 

What needs improvement?

I would like the sync editor to be able to change labels because currently our concurrent development cannot work on this.

Self-service is important for our end users. However, after three years, people continue calling the help desk, and the help desk is using this solution to make its requests.

The web front-end definitely needs improvement.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

Once the solution is configured, the stability is good.

What do I think about the scalability of the solution?

We are an organization with 10,000 employees. This means 100,000 accounts or an account in group tables or approximately one million. We are not really big. It works okay for us as long as we fine tune some parts in the web design. 

How are customer service and technical support?

The technical support is non-existent. It is not worth talking about.

Which solution did I use previously and why did I switch?

We used a homemade solution, which was AD-based. It was a layer on top of AD with Java and Oracle Database in the background, but we had to move to something that can also manage could cloud, which was why we switched.

How was the initial setup?

If you have consultants who do not know the solution nor the target systems, the initial setup is hard. It is my impression that if you are some very huge organization. One Identity will send the best people. If you are unimportant, then you get people who are seeing this application for the first time. This is the only way that I can explain what happen to us in the past.

What about the implementation team?

We used someone at first, who was definitely not good. Then, we used Deloitte France, who was also not good. Then, we use Deloitte Germany, and the solution finally worked. That was three attempts. It was really hard to find good people.

What was our ROI?

On deprovisioning, when somebody leaves the organization, it allows us to better cut access to everything that they had.

Which other solutions did I evaluate?

The finalists were SailPoint IdentityIQ and One Identity. The reason that we chose One Identity was due to the logic of the connectors that they have. From those, we understood that this solution contained expertise on target systems.

What other advice do I have?

If you want real-time management, it can be done within three to five working days with this product. That is how we do things today, so we have a process in place and do it with internal resources.

Bring your processors in under your control. Define what you want and when it works in Excel, then you are ready to buy the solution. It doesn't really matter which solution you would buy, as long as you have things under control.

The policy and role management features are very powerful, but it is hard to make the organization use them in the proper way.

We have not implemented the privileged account governance features.

From the back-end perspective (provisioning engine), I would give it a nine out of ten. However, from the web front-end, I would give it a five out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
DC
Identity Access Management Specialist at GSL Consulting Gmbh
Real User
Privileged account governance, template customization, and Sync Engine are key features

Pros and Cons

  • "Even without any customization, if you install it, configure it, it's ready... It's very powerful. Without any customization, it starts working."
  • "The company policies feature is really good because in workflows you can check whether the policies are all working."
  • "One Identity has a self-service portal but many customers need a helpdesk where they can go in and request. To make that happen we need to do a lot of customization. Maybe that could be improved..."

What is our primary use case?

As consultants, we use it for provisioning, for access management in SAP, for AD access management. In the future, we may use it for many other applications like SafePoint and Office 365.

How has it helped my organization?

It improves organizations because role requests are automated, as are provisioning and deprovisioning; all of that is automated. 

It saves time and improves productivity because otherwise, people would be calling the helpdesk. Productivity is improved because everything is automated. A user makes a request and a workflow is triggered. It sends mails to your manager or to the product owners for approval. If everything is working properly, productivity increases.

What is most valuable?

Even without any customization, if you install it, configure it, it's ready. We may do some small customizations afterward, but the product is really good as is. It's very powerful. Without any customization, it starts working.

There is also a new feature, the Sync Engine, which is very good. Before, without it, the initial onboarding of HR systems was very difficult.

The policy and role management features are good, but not well-implemented in many companies because it's not that easy. It takes time. We are starting to use attestation in our current project and to follow the company policies. It takes time, but the feature is good. The company policies feature is really good because in workflows you can check whether the policies are all working. It's a good feature, but I don't think it is very common in many companies.

In terms of privileged account governance, in all of our previous projects we created privileged accounts and, again, with the new projects, we are going to start managing privileged accounts through One Identity. This feature is good. The new features are really good.

Finally, the product is flexible. We can easily customize almost any part of the system, such as having logic code inside the templates, inside the tables. And we can create processes as well. The customization makes it really flexible.

What needs improvement?

One Identity has a self-service portal but many customers need a helpdesk where they can go in and request. To make that happen we need to do a lot of customization. Maybe that could be improved, but it can be implemented.

What do I think about the stability of the solution?

The current version we have is stable but there are bugs, of course. There are many bugs. Many customers may wait for somebody else to move their systems and after they get the feedback, only then will they move. Each time there is a new release, it takes time to become stable.

What do I think about the scalability of the solution?

It's scalable.

How are customer service and technical support?

Technical support depends on the level. Level-one is not as knowledgeable as level-two. But, overall, their level of knowledge is good.

How was the initial setup?

For me, the setup is easy, because I have a background in Microsoft technologies. That makes it really easy.

What other advice do I have?

We are currently working on integrating it with SAP, but we are customizing a lot of things to fit with the current company's requirements. Their requirements are quite different from the out-of-the-box settings. Next month is the first SAP system go-live.

After the SAP onboarding, we will look at the cloud. I have fixed some bugs in the code for the Office 365 onboarding earlier. That was a very early version with custom connectors to Office 365, version 6. But in terms of a cloud connector, we have not started to work on it yet, in the latest versions.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
TS
Product Owner at DmTech Gmbh
Real User
Its huge toolkit allows for customization and flexibility

Pros and Cons

  • "This solution has helped to increase employee productivity when it comes to provisioning users in our systems. This solution has been really been effective with our retail workers. It wouldn't be possible to onboard and manage our 40,000 store employees without it. The management of the solution is pretty automated."
  • "It's a huge toolkit, and you can do a lot of stuff with it. You can extend nearly everything, so if you want to build something that may not have been though of by the vendor. Compared with other distributors who design their products to certain specification, you can put in your own processes, because not all companies function the same. You can write what you want, and the process should be like that."
  • "They could make the product more user-friendly. It takes a lot of work to build technical and business cases with the product. The solution is more complex than you think to use."
  • "They could improve the support. Sometimes, you make a service request and don't get an answer. Then, sometimes, we don't get a response that we want, and it's frustrating."

What is our primary use case?

We manage companies identities and different legal bodies in it from all over Europe.

How has it helped my organization?

With One Identity Manager, we were able to get a lot of processes digital. A few years ago, we started to give all of our colleagues who were working in the retail stores their own smartphones, so they could use some of these processes. For this, it was key to have a good identity management system, where they could do all that. 

Before that, we were using this tool for shared account management. We were able to do that pretty smoothly, and get everyone a personal account, which was pretty impressive.

We have integrated the solution with SAP. All our retailers can order their own goods for their stores and have access rights. Without this, it wouldn't be possible for everyone to manage their own stuff. We are local decentralized. We are only able to do this because we have the role management input and access rights in the SAP systems.

With GDPR, a lot of colleagues in my company were using this product last May. Especially for GDPR, things weren't that clear, so we built stuff that wasn't really necessary. 

This solution has helped reduced help desk calls. We still could get way better; perfect.

What is most valuable?

It's a huge toolkit, and you can do a lot of stuff with it. You can extend nearly everything, so if you want to build something that may not have been though of by the vendor. You can do this with a partner, as we have done in the past. There is also support for these processes. Compared with other distributors who design their products to certain specification, you can put in your own processes, because not all companies function the same. You can write what you want, and the process should be like that.

The policy and role management features are huge. We have had some problems getting our colleagues onboard using these features. They are used to IT setting up everything. The features in the software are good, but there is a lot of transition you have to do inside a company to get these features working.

The solution is flexible. You can customize everything. You can do what you want in it. Sometimes, it is not unwise to do everything on your own, but you can.

What needs improvement?

We had to customize some stuff in the SAP system, because over the years there has been a lot of customizing in the Identity Manager. It works well, but some features that we would want or that our colleagues are operating and running with the SAP system, we can't really provide, or we have to develop on our own, with One Identity Manager. SAP works well with it, but it could be better.

I would like them to add some lifecycle management features. 

They could improve the support.

When you look at the connectors to Microsoft Edge, we think that maybe it could work. However, when we build a hybrid environment, you can't really use the tools that One Identity Manager is providing. 

They could make the product more user-friendly. It takes a lot of work to build technical and business cases with the product. The solution is more complex than you think to use.

The API server needs improvement.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

The stability is mostly pretty good. Now, we are having some issues with the version 8, where we can get the system to a stage where its not really working anymore. We wonder sometimes, why this box still in the software, and are we the only customers that are using it? Sometimes, we feel as if we are the first one using this product in production. Then, we speak with other customers, and they'll say that they have the same issues. Identity Access Management is middleware and should be top-notch. It can't fail. It has to work on peak performance at the times. When you find errors in the box, then it is a big problem. Even if it's not that important. Our standards are really high for a solution like this.

What do I think about the scalability of the solution?

Before the tooling there were around 80 peoples in IT at the company. Now, we're over 800. In IT and workers everywhere, identities have grown enormously, so there are more help desk calls, but there are now a lot of more identities.

How are customer service and technical support?

Sometimes, it's really good and fast. Sometimes, you make a service request and don't get an answer. Sometimes, you have to use management to get support for a really urgent problem. So that's not always good. Overall, its pretty good, but when you work with the product, you find bugs, and normally, they're fixed. Sometimes, we don't get a response that we want, and it's frustrating. I also see peak times, where it is pretty slow, then the support is really good and pretty fast.

How was the initial setup?

The initial setup was ten years ago. Back then, we had to do a lot of stuff on our own. Therefore, it was not that easy. I think it never is, because a lot of business policies have to change. 

If you were to take the software, and start with it, in a company where you don't really have anything, then I believe it would be pretty easy.However, in a global company, that is using an SAP system or an AD for around 10 years or longer before you even think about getting One Identity Manager, then it gets really hard.

What about the implementation team?

We have had a lot people over the years, like Computer Center and IGF. Some experienced, and some who were not so experienced.

What was our ROI?

This solution has helped to increase employee productivity when it comes to provisioning users in our systems. This solution has been really effective with our retail workers. It wouldn't be possible to onboard and manage our 40,000 store employees without it. The management of the solution is pretty automated.

What other advice do I have?

Don't work too much in the beginning. Focus on what's really necessary and important. Forget the luxuries you have. There are old processes that are really great for some people and look like pieces of artwork. However, the maintenance of them is really expensive. So, know what you really need, what is your business case, and what is important for you. Keep it simple and structured. Then, you will be happy with a solution like One Identity Manager. 

You have to understand the concepts of the software. Then, you can be productive and be happy with it.

We were able, with this solution, to go pretty fast from an on-premise AD and Exchange environment to a hybrid setup with a lot of stuff in the cloud. 

Right now, we're not really using the privileged account governance features. It looks promising. In our organization, it looks promising, but we're not going to go there right now because its another responsibility for someone else in the company. So, while it looks good, we don't have the capacity to go there now.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Riyas Abdulkhader
Security Architect, InfoSec Consultant at Confidential ( Sensitive Industry)
Consultant
Top 20
Allows for large customization. Needs to provide a detailed solution document.

Pros and Cons

  • "Quest One IDM allows for large customization."
  • "Quest Software should provide notes and documents to customers before they buy the product and license."

What is our primary use case?

This was for customers identity management, where there were a huge number of domains and the customer had unnecessarily complicated the system with a lot of parameters and attributes. 

How has it helped my organization?

Larger customization has made the system complex and confusing. The people who deployed it initially did little to document it. This has had a negative, delayed impact on the overall project and solution. 

The good part is Quest One IDM allows for large customization.

What is most valuable?

  • Separated modules and integration allow for more capabilities 
  • Graphical and tabular interfaces
  • VB and SQL front-end and back-end

What needs improvement?

A detailed solution document to registered aspirants and interested people would help them achieve what they require before its tested and pushed to production. Quest Software should provide notes and documents to customers before they buy the product and license.

For how long have I used the solution?

Less than one year.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user725637
owner at Butschke IT Services
User
The Data Importer is a great tool to create an ETL, as it generates code

Pros and Cons

  • "The Data Importer is a great tool to create an ETL. It generates code which is easy to maintain later without the tool."
  • "Some internal structures are in place because of already depreciated functions back from the time when the solution was used for software deployment and as a help desk."

What is most valuable?

Everything (location, cost center, department, business role, etc.) is a role.

The Data Importer is a great tool to create an ETL. It generates code which is easy to maintain later without the tool.

The Attestation function lets you easily define grant/deny workflows based on constellations in the database.

How has it helped my organization?

We were able to connect 300+ SAP clients who were requesting access to SAP roles with the software. We also established an offboarding/onboarding process for SAP clients, as well as other target systems.

What needs improvement?

Some internal structures are in place because of already depreciated functions back from the time when the solution was used for software deployment and as a help desk.

For how long have I used the solution?

Four years.

What was my experience with deployment of the solution?

Versioning requires a lot of customizing effort.

What do I think about the stability of the solution?

No issues.

What do I think about the scalability of the solution?

Web Designer consumes a lot of memory based on certain queries that could let the IIS run short on memory. This could be mitigated with more memory.

How are customer service and technical support?

Customer Service:

Very good.

Technical Support:

Very good.

Which solution did I use previously and why did I switch?

No.

How was the initial setup?

No, it is wizard driven. If something went wrong we had to restart from the beginning.

What about the implementation team?

The vendor team had a mixed level of experience, but there were enough excellent engineers.

What was our ROI?

Unmeasured.

What's my experience with pricing, setup cost, and licensing?

Start with an operations team that is motivated to learn a lot in a short period of time. The longer you wait, the more expensive it will be to get the right level of expertise in this area.

Which other solutions did I evaluate?

I was not involved.

What other advice do I have?

Great product, which I would recommend. It has a huge learning curve, but could solve all your IAM challenges. Make sure to have a good team and support from the vendor.

Disclosure: My company has a business relationship with this vendor other than being a customer:
it_user666726
Directory Service Specialist at a tech company with 1,001-5,000 employees
MSP
The data can be manipulated using SQL queries and commands. There are too many configuration interfaces.

What is most valuable?

The data is easy to manipulate using SQL queries and commands.

How has it helped my organization?

The product was initially brought in to replace an unsupported solution. Later on, it became a partner self-service portal, reducing service desk calls to create accounts for business partners.

What needs improvement?

There are too many configuration interfaces. They could simplify the design to not require VB/PS coding to draw the workflows.

For how long have I used the solution?

I have used this solution for three years.

What do I think about the stability of the solution?

The initial connection to the domain and LDAP trees was painful. However, once configured, it was stable.

What do I think about the scalability of the solution?

The product scaled well. We had approximately 8000 users at the time of implementation.

How are customer service and technical support?

There is great technical support. No issues there.

Which solution did I use previously and why did I switch?

We used Novell's DirXML 1.1a. The client opted to migrate instead of upgrading.

How was the initial setup?

The initial setup was complex due to the customer’s complex environment. A third-party service provider was required for deployment.

What's my experience with pricing, setup cost, and licensing?

Licensing can be high. Quest usually bundles with other products, so you can get a better deal.

Which other solutions did I evaluate?

We only upgraded from the same vendor, Novell at the time.

What other advice do I have?

The product has its challenges, but when well configured, it can provide good results.

In Q1IM, at least the version I worked with, it wasn't very intuitive to create processes and you need to actually add code to the boxes in order to customize. I always compare with NetIQ/Microfocus as they have the designer which is easier to elaborate rules.

About the interface, they have multiple applications, such as report designer, webdesigner, designer, object browser, import tool, manager, identity manager, jobqueue info. Its a suit of apps. It takes time to get familiar with them and know which does what.


Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user589356
Senior IT Consultant at a tech consulting company with 51-200 employees
Consultant
A portal for user requests and authorizations which can be customized to display corporate logos and color schemes.

What is most valuable?

The out-of-the-box connectors (SAP, LDAP, MS Active Directory, CSVs, etc.), and the one-stop-shop portal for user requests and authorizations which can be customized to display corporate logos and color schemes.

Additionally, certain “out-of-the-box” features can be configured to not be displayed or affect specific behaviors through the Project Configurator.

Additional customization requiring coding is possible, but requires additional planning, coding, and testing and is out of scope for this project.

In D1IM there are different ways of connecting with targeted systems. Out-of-the-box Connectors could be with:

  • Connected system modules which allow interaction between D1IM and third party systems, with their specific schema extensions, dedicated synchronization templates and business logic. They allow deeper out-of-the-box target system management.
  • Connectors which are predefined synchronization interfaces, developed by Dell, and are highly configurable but cannot be customized!

Interfaces are developed during IdM projects as an additional, customer specific feature of D1IM. This enables the connection of more proprietary or less common systems. Interfaces are easily changed in their functional behavior and implementation.

How has it helped my organization?

With this tool, you can easily orchestrate automation user access provisioning and implement multiple layers of authorizations (4 eyes or 6 eyes principles).

What needs improvement?

  • Implementation of skip logic in user access request forms - this topic cannot been explained easily because it requires a deep dive within the functionality of the Web Portal.
  • Lack of integration with RestAPI - the lack of out-of-the-box RestApi connectors creates some difficulties in integration running infrastructure as code, with DevOps operation (CI, CD, VCS etc.) and managing On Premise and external clouds.

For how long have I used the solution?

We have been using this solution since 2006.

What do I think about the stability of the solution?

We have not encountered any stability issues. The system is rock solid.

What do I think about the scalability of the solution?

We have not encountered any scalability issues.

How are customer service and technical support?

The Dell technical support is good enough.

Which solution did I use previously and why did I switch?

The D1IM gives a rare opportunity to integrate multiple authorizations and authentication platforms into a single portal.

How was the initial setup?

The configuration is complex and requires a good understanding of your existing infrastructure and related protocols for communications.

What's my experience with pricing, setup cost, and licensing?

We have no specific advice about licensing issues.

Which other solutions did I evaluate?

We evaluated Ping One Identity, SAP IDM, Oracle Access Manager, Net IQ Identity Manager, and RSA Access Manager.

What other advice do I have?

Clarify what level of automation is needed in a user access request. Authorization and provisioning is achievable while comparing company needs and objectives.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user368094
Solutions Architect - IAM at a tech company with 11-50 employees
Vendor
It is easy to configure, as it is mostly UI based.

What is most valuable?

Some valuable features are:

  • Easy to configure, as it is mostly UI based
  • Reporting
  • Dashboard

How has it helped my organization?

It has improved the user life cycle operations and IT shop functionalities for our organization.

What needs improvement?

There is a need to improve the use case documentation and coding templates. This product has some limitations when it comes to use case documentation. Generally, when we have any different scenario, we need to post in the blog and only then we will get answers.

For how long have I used the solution?

I have been using this product for the last two years. I have been using the Quest One Identity Manager (version 7.0, 7.1), Authentication Services (latest version), Password Manager (version 5.6.3), Privileged Access Management (latest version).

What do I think about the stability of the solution?

I have not encountered any stability issues.

What do I think about the scalability of the solution?

I have not encountered any scalability issues.

How are customer service and technical support?

Technical support replies within 1-2 business days. The Quest blog is very useful where the experts will answer the queries mostly on the same day.

Which solution did I use previously and why did I switch?

Previously, we were using more complicated solutions.

How was the initial setup?

The initial setup, installation and basic configuration are straightforward.

What's my experience with pricing, setup cost, and licensing?

The pricing/licensing policy is less when compare to other leading other solutions.

Which other solutions did I evaluate?

We evaluated other options such as SailPoint, CA and Oracle.

What other advice do I have?

This product is very effective and has more capabilities than any other.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
ITCS user
Senior Identity and Access Management Specialist at a tech vendor with 10,001+ employees
MSP
The GUI is clean. JobQueueInfo tracks all processes. WebDesigner allows customizations to be added to the web project.

What is most valuable?

  • The GUI is very impressive and clean (even cleaner and minimalistic in v7).
  • JobQueueInfo does an amazing job tracking all processes.
  • Synchronizations are easy to set up.
  • Reporting capabilities are fantastic once you get the hang of using Report Editor.
  • WebDesigner allows a lot of customizations to be added to the web project.
  • Schema and table names are very logical. It is very easy to find something in the database just because of the fact that the naming convention in the schema is very logical and consistent.
  • It's a feature-rich product: a suite of very powerful tools with a lot of functionalities once you get the knack of them.

How has it helped my organization?

  • Auditing becomes easier from an admin perspective.
  • There is more control over everything.
  • Processes are much better defined.
  • People tend to take some functional roles much more seriously. There were some roles that were very old in the organization but the legacy implementations did not grant much value to them. Q1IM's implementation of those roles really enhanced the value and the role members had clear responsibilities/tasks defined that they had to abide by.

What needs improvement?

  • DBQueue processes can bottleneck the system at times. In v7, its apparently re-architectured, and is better. There can be too many of them and they process very slowly, causing actual processes to take a lot more time to complete.
  • There should be a way to define fail-over job servers in process steps. Job servers can become a single point of failure.
  • Better support for Oracle back end databases. SQL support is good and KBs are easy to find. The same level of support should be available for Oracle if the product claims to support it.
  • A better migration tool for v6 to v7 upgrade, especially for the Oracle back end.
  • There should be a way to separate out the front end (IT Shop) from the back-end processes. If the submission of a request through the web portal is done and it gets stuck computing something in the back end, the front end control should still be granted back so that the user can continue navigating freely across the site. Currently, if a request is submitted and it is taking time to process, the front end just gets stuck on a spinning wheel (loading wheel).

For how long have I used the solution?

I have used it for ~2 years.

What was my experience with deployment of the solution?

If the requirements can be met through product configuration, then issues don't arise as often. Customizations (depending on complexity) can be problematic at times.

Transporting change labels across environments can be confusing. It should be noted that the content contained in change labels should be documented right from the beginning of the project and all team members should be on the same page.

It's more about getting used to the correct way of working with the product rather than issues with deployment.

What do I think about the stability of the solution?

I have not encountered any stability issues.

What do I think about the scalability of the solution?

We implemented the tool in an environment with roughly 35,000 active employees and over 2,000 service accounts. A few things I noted were:

  • The web portal (IT Shop) tends to get a bit slow loading information for certain roles that have access to lookup all employees.
  • The admin tools can also get a bit slow while loading too much information at once. For example: Loading user account information under the Active Directory tab in Manager can take a long time.
  • We had various rules defined in our scripts for central account generation. One of those included a check in a history table to avoid granting a user name which has already been used in the past thus avoiding collisions. This caused our contractor account requests through the web portal to become extremely slow. Submitting a user account request from the IT Shop could take up to four minutes at times. We had all necessary columns indexed and the code to generate CentralAccount was written by the vendor team itself but the slowness could not be tackled.
  • There was always a direct relation between the slowness we faced and the number of employees the environment managed. For example: Account requests used to take roughly 20 seconds in our development environment which had roughly 15k users and almost 25k entries in the history table we maintained to avoid username collision. In our production environment, it took way longer since the number of employees increased to ~35k and entries in our history table exceeded 150k records.

How are customer service and technical support?

Customer Service:

Customer service was just average during implementation phase.

Technical Support:

Technical support is decent overall. However, some SRs took way too much time to resolve for the value they provided.

Some escalation engineers are very knowledgeable and troubleshooting sessions with them can be really worthwhile and informative.

Which solution did I use previously and why did I switch?

We previously used legacy scripts with Microsoft FIM as the backend. FIM was too old and not user friendly at all. It was ancient in terms of IDAM and there were far better products with a lot more capabilities.

How was the initial setup?

Setup was straightforward. Initial JobService configurations ends up being a bit confusing.

What about the implementation team?

It was a hybrid implementation: We had an in-house team and a vendor team during the time of development for the first phase of the project. The second phase was done purely in-house.

The vendor team was not good. It was just average. There were a lot of times when we felt communication was lacking from the vendor side and at times, there were mistakes in the implementation, also. We recognized some errors long after the product had gone live. Overall quality delivered during development was not up to the mark. Average experience during the first phase with the vendor caused us to stick to a complete in-house implementation for the second phase.

Vendor teams (at least in the US) should be trained more about the tool's capabilities. I have heard that European vendor teams are much better with a lot more knowledge about the product.

Which other solutions did I evaluate?

Before choosing this solution we also evaluated TIM, OpenIAM, OIM, and SailPoint. All had week-long PoCs with us. We chose Q1IM (at the time, D1IM). SailPoint was a close second.

What other advice do I have?

It is certainly a leading product in the IAM sphere.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user181518
Technical Support Analyst at a university with 1,001-5,000 employees
Vendor
Configuration & implementation was complex as we had complex requirements, but could quite easily be done simply.

What is most valuable?

  • GUI
  • Reporting capabilities

How has it helped my organization?

Allows the delegation of permissions related to identity management and also visual representation of the configuration as opposed to having to go through loads of scripts which was the case with our previous solution.

What needs improvement?

Job server engine -

  • Performance
  • Loadbalancing

For how long have I used the solution?

One year.

What was my experience with deployment of the solution?

Not yet.

What do I think about the stability of the solution?

Not yet.

What do I think about the scalability of the solution?

More than one job server cannot be allocated per target/source system which can be a performance bottleneck,

How are customer service and technical support?

Customer Service:

Good.

Technical Support:

Good.

Which solution did I use previously and why did I switch?

Previous solution was an in house written application. We switched due to support reasons as well as outdated technology and a lack of functionality.

How was the initial setup?

Configuration and implementation is a complex process as we had complex requirements, but could quite easily be done in a simple way.

What about the implementation team?

We implemented via a combination of an in house team and a vendor partner. Their level of expertise was very good.

Which other solutions did I evaluate?

Yes we chose Dell One over Oracle IDM, IBM, NETIQ, and MS FIM.

What other advice do I have?

Have a team of dedicated staff for the implementation who are given enough time to understand the many dimensions of the tool.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free One Identity Manager Report and get advice and tips from experienced pros sharing their opinions.