Please share with the community what you think needs improvement with One Identity Active Roles.
What are its weaknesses? What would you like to see changed in a future version?
The ability to send logs to a SIEM would be very beneficial.
For the AAD management feature, it needs to improve the objects that we can manage and the security. I know that they have everything in road map, so they probably will include everything in a year or a year and a half. I would like them to support a cloud solution. This is important for us. They have it on their roadmap. For now, they only have basic options for cloud-delivered services. We are in the prospect of looking for a customer who wants a cloud-only solution, but will wait for the new features, which will probably be available in one year. The should try to move everything to a web interface. More solutions are trying to use a web interface. They need batch processing, but that is in the road map, and that's okay. They need better language support. While they have a language pack, it's not always available at the same time as the product. Sometimes, when we install it in other countries, they don't have the language pack, then our customers complain about this.
For what we use it for, there are no additional features it would need.
Active Roles allows policies and there are a lot of example policies that come with it. It has Access Templates and there are a lot of Access Template examples in it. It also has workflows and those are really powerful, but there are no built-in workflows. When it comes to them, it's empty. I would personally love for it to come with ten, 15, or 20 workflows where each achieves a certain task but that are not enabled. I could just look at how each is done, clone them, copy them, modify them the way I want them, and be good to go. Right now we have to invent things from scratch.
* Web console – it should have more customization options in terms of look and feel of the landing page * Workflow policies – Additional policies for folder access provisioning * Bring back attestation – Attestation feature is dropped from ARS. This should be brought back