One Identity Active Roles is used in our day-to-day operations to manage Active Directory in a controlled and automated way. The solution handles user accounts, groups, and permissions effectively.

In a real scenario, when a new user joins our organization, we use a template in One Identity Active Roles, and the user automatically receives the correct groups and permissions. When an employee leaves our organization, their account is automatically disabled.

One Identity Active Roles offers multiple best features that provide a good experience in our real-time environment. The delegation of admin tasks is a primary feature. Instead of giving full access to everyone, we assign specific permissions based on roles. For the IT team, we do not need to provide full access.

Since we have implemented One Identity Active Roles, we have seen significant improvements. The process is truly helpful and has positively impacted our environment. We have experienced faster user management, better control over Active Directory, reduced errors, and improved security.

One Identity Active Roles is a very powerful and effective solution that helps us in a positive way. The initial setup took almost one month, and reducing this timeframe further would be beneficial for implementation.

I have been working in my current field for more than two years.

One Identity Active Roles is very stable.

The initial setup took almost one month.

We have not evaluated other options before choosing One Identity Active Roles.

One Identity Active Roles enables faster user management because the user account is automatically fetched from HR tools, eliminating manual intervention from the IT team. This has resulted in a fifty to sixty percent reduction in manual time compared to our previous process. Human errors have been reduced by ninety-nine percent as there is no longer human error in the process.

My advice for those looking to implement One Identity Active Roles for centralized Active Directory management with user control is to consider this solution, as it will significantly help your organization. I have provided this review a rating of ten out of ten.

One Identity Active Roles is used primarily to enforce policy-based control on Active Directory objects, which ensures all changes follow defined rules and workflows, helping us maintain data integrity and governance across our entire architecture.

Policy-based management enforces rules on Active Directory operations such as user creation, modification, and deletion, ensuring that naming conventions and mandatory attributes are applied, which helps us prevent misconfiguration.

One Identity Active Roles offers strong role-based access control and delegation capabilities that improve security by limiting admin privilege, supports automation, and has a powerful policy engine for enforcing standard policies, ensuring consistency across Active Directory operations, which reduces misconfiguration. It also provides comprehensive audit and reporting features that improve visibility into changes.

Compliance with the Active Directory environment has really helped us with audit and reporting capabilities.

One Identity Active Roles has positively impacted our organization by increasing efficiency through automating routine tasks and improving governance through approval workflows, making our Active Directory management workload more structured.

We have seen that it has reduced manual work and we have noticed a reduction in human errors along with a decrease in time efforts, so our team is now able to handle more workload than before.

One Identity Active Roles is working well for our environment and we have not seen anything that needs to be improved as of now. However, the initial setup and configuration can be complex for a new engineer or new organization, requiring Active Directory expertise, which increases deployment effort. The initial setup could be simplified.

I have been using One Identity Active Roles for more than four years.

One Identity Active Roles is stable.

Scalability-wise, there is no issue, and it matches our organization's growth.

I have interacted with the customer support team multiple times, and they are ready to support at any time whenever we raise a ticket, providing concrete solutions for any kind of challenge.

From day one, we have been using One Identity Active Roles and have not used any different solution.

I had a great experience with the setup cost, pricing, and licensing costs because the sales team of the vendor is really helpful during the entire procurement of the solution, and we are grateful and happy with the support provided by the vendor sales team.

We have seen a good return on investment because the automation feature has reduced manual efforts by around thirty to fifty percent and improved efficiency with reduced workload, saving our engineers time.

I had a great experience with the setup cost, pricing, and licensing costs because the sales team of the vendor is really helpful during the entire procurement of the solution, and we are grateful and happy with the support provided by the vendor sales team.

We have not gone for the evaluation of other options.

One Identity Active Roles is a great solution to consider for Active Directory management and for enforcing policies, central management, and great visibility, which will be helpful for any organization. I would also advise starting with defining the roles and whatever policies need to be implemented to ensure smooth deployment. I rate this product a ten out of ten.

I am an implementer for the product. I install Active Roles for companies.

Active Roles helps my clients by reducing erroneous privileged accounts, often cutting them in half. It also reduces IT administrators' time spent on these tasks by 5 to 10 percent.

My clients can save money on licensing. We can bundle Active Roles with other IGA solutions and save on overall service renewal. The solution improves user experience for most users. The end-users generally only use the self-service portion, which they like. It's easy for them to use. Unfortunately, there is one annoying setting that they initially set, but that could easily be remedied in the future. For IT users, it's a mixed bag. Administrators love it. I think it's wonderful. Depending on how the administrators deploy it, the help desk users either think it's great or hate it because they want to use a console.

The best part of this Active Roles is the workflow engine. It features an industry-leading workflow automation feature. It's a visual PowerShell that allows task interruption.

It offers single-pane-of-glass management to a degree. Right now, the Azure side can only be done from the web UI, not the console. The administrative side can only be done from the console, not the web UI.

Conditional access works well. Combined with RBAC, it always works well with Active Roles because Active Roles can do access based on dynamic implementation.

The permission management feature is also excellent, clearly showing delegated permissions. Active Roles tells you when any permissions are done without going into this crazy fine-grained permission strategy that is horrible compared to Active Roles' template-based permissions. You can design on your own. It easily shows where all the permissions are delegated.

Unfortunately, you can't do much with zero trust and Active Roles at the moment unless you combine them with Safeguard. It lines up with using zero trust if you combine a couple of different workflows together.

Active Roles can fix many little problems that have never been resolved and have lingered for years, continuing to annoy people. For example, you can't search by object GUIDs. The manual says you can, but it hasn't worked in five years.

I have been using Active Roles for about 15 years.

I would rate the stability of the Active Roles eight out of 10. It's a fairly stable product but not perfectly reliable.

Active Roles is super easy to scale.

I rate One Identity support 10 out of 10. Customer service and support are fantastic. The support team is very responsive. I love those guys.

I have used KAOSoft and AD Access previously. Active Roles has PowerShell modules and a whole PowerShell backend that none of the other solutions do. That's where they lose the most. PowerShell makes a considerable difference compared to those other applications.

The initial setup is generally straightforward. It takes a week or two for an inexperienced organization to set it up, but I can do it in a day or less. It could involve multiple teams, depending on what you're doing. For example, if you're integrating Exchange, you need Exchange admins to be involved.

Active Roles always saves my clients money, mostly in licensing and service renewal.

The pricing for Active Roles is expensive but not as expensive as other solutions like Okta.

I have evaluated KAOSoft, AD Access, and Okta, among others.

I rate One Identity Active Roles 10 out of 10. Managing singular identities without a management suite is difficult. Active Roles is not an identity and access management solution. It's an Active Directory management suite.

We use Active Roles to bring our decentralized environment into a single pane of glass. Our entire customer base is in a single directory, and they can manage their objects without interfering with other entities in our environment.

We saw benefits immediately. We must have these roles in place in our environment, or we'd be in big trouble. The solution improved our operational efficiency. Instead of manually applying permissions in Active Directory to thousands of OUs, we can do it in five minutes with a command in PowerShell.

It prevents us from erroneously assigning permissions. Active Roles improves our security posture by ensuring permissions are consistent and applied to the correct target every time. By taking the manual work out of the equation, we ensure we don't have any credential leaks.

Active Roles is easy to configure. It isn't a plug-and-play solution, and you need expertise to set it up. However, once you have your templates, it's easy to deploy in a highly decentralized environment. The custom configuration for our customers is fantastic, especially the web interface.

The solution gives us granular control, allowing us to build highly customized roles and apply them across our environment. We have 500,000 separate OUs.

Active Roles could add more options for web customization. Our requirements are exceedingly specific. We'd like to get the web interface down to just five buttons, but in some cases, we can only get to six. The web interface in the current version is less customizable than in the previous one.

We have used Active Roles for 10 years over two periods.

We've had no issues with crashing, but we've had problems with the web interface lagging. We're not sure if that's the infrastructure.

One Identity is pretty scalable. We have SQL on the back end so that we can spin up a VM and bring up a new web interface. It has a new feature where a workflow can run on a dedicated server, and we don't need to use our frontend servers for workflow activities.

I rate One Identity support nine out of 10. We are happy with the quality of One Identity's support team. We get a response within one or two days. Our unique organization has uncommon problems, so we typically need tier 2 or 3 support. The good thing about One Identity is that we don't need to spend a few days convincing them to escalate.

Deploying Active Roles was easy. We had prior experience, and help from professional services made it easier. Our environment is unique, and their professional services helped tremendously with our odd use cases. You can stand up an out-of-the-box deployment in a couple of days. We had one primary engineer and two assistants on the deployment team.

I wasn't involved in purchasing the solution, but I get the impression from management that it's priced about the same as other products, and we get more value from it.

I rate One Identity Active Roles 10 out of 10. My suggestion to future users is to map out your roles with as much granular precision as possible.

We're trying to solve the same problems with fewer products. We're not there yet, but we plan to consolidate, and our customers are happy with One Identity products.