We performed a comparison between One Identity Active Roles and SAP Identity Management based on real PeerSpot user reviews.
Find out in this report how the two User Provisioning Software solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."In comparison to native Active Directory tools, using Active Roles for delegation is so much better. It uses an access template and that makes it easy to see who can access what. In fact, you can do that for many objects as well."
"The most valuable features include auditing, dynamic grouping, and creating dynamic groups based on AD attributes."
"With the use of the sync service we were able to import information from multiple external systems and populate them within our space and leverage them for downstream systems."
"It gives us attribute-level control and the AD management features work very well."
"Having a tool to manage all changes to AD from a single pane of glass is awesome."
"Instead of deleting accounts, we like the deprovision option so that we can reverse any accidental deletions. It also gives a higher level of quality control in terms of enforcing any number of variables, such as making sure that an account has a description entered before the account can be created. We can backtrack and know the history of it that way."
"The AD and AAD management features of this solution are really good... They offer added value by showing more fields such as password age and the statuses of some things that we normally wouldn't see."
"The biggest thing for us is Active Roles saves a lot of man-hours in keeping groups up-to-date manually or trying to write some sort of script that you have to run, so we don't have to reinvent the wheel. Instead of when every time somebody joins a department, then somebody has to remember to put in a request to add "meet user Joe" to this group, the solution does it automatically for us. Therefore, it saves our business and IT staff time because they do not have to process requests since Active Role can do it for them."
"Rather than implement a basic SSO, this solution assisted us with setting up two-factor authentication."
"What I found most valuable in SAP Identity Management is process automation. The solution also gives transparency about what is happening and why which I find beneficial. Another feature I found valuable in SAP Identity Management is integration. It has very good integration."
"The most valuable feature is the user experience for managing information."
"What's most valuable in SAP Identity Management is that it's easily an out-of-the-box solution for connectivity with SAP applications. We do not have to do any customizations, and this makes the solution very compatible with most SAP applications. SAP Identity Management is also very user-friendly."
"What I like about SAP Identity Management is that it's stable for experienced users and suitable for access management, not just for SAP accounts, but for Active Directory, including file sharing and process sharing."
"The most valuable features of SAP Identity Management are business roles and automated user provisioning."
"The tool's most valuable features are its access control and approval of access requests. The self-service password reset feature is efficient. Role management capabilities streamline user access by assigning and revoking roles."
"It provides basic automatic user administration and role provisioning to save time."
"The solution needs an attestation process that includes certification and recertification attestation."
"Most of the time it just works."
"It also has workflows and those are really powerful, but there are no built-in workflows. When it comes to them, it's empty. I would personally love for it to come with ten, 15, or 20 workflows where each achieves a certain task... I could just look at how each is done, clone them, copy them, modify them the way I want them, and be good to go. Right now we have to invent things from scratch."
"The way you can search groups could be better."
"Another issue we have with the product is that we run a lot of custom tasks. You have to program them to run on one particular host and there's no automatic failover to a second host. If that host is down when a task is supposed to run, it has to wait until the next time it runs when that host is up."
"The ability to send logs to a SIEM would be very beneficial."
"I've had a difficult time getting it to cooperate with Azure in the cloud and, while the support staff are very good and very knowledgeable, what they assist with just on a call doesn't go deep enough to help with a number of issues. The answer that comes back is that we'd have to start an engagement with Professional Services, which is fine but that takes time to schedule and it takes budget."
"For ActiveRoles, it would be good if the product supports multi-scripting language. You can use only VBScript."
"It needs to have the SSO for the HANA modules that SAP is releasing."
"The pricing could be better."
"SAP Identity Management can improve risk analysis and authority checks."
"I have encountered issues with the host authentication feature."
"I find SAP Identity Management complicated to use. Maintaining it is also complex."
"What needs improvement in SAP Identity Management is its compatibility with third-party applications. We'd like to get connectors or plugin settings to make it easier to manage other applications, whether SAP or non SAP applications. As SAP Identity Management is not compatible with non SAP applications, some of the clients are looking for other IDM applications such as SalePoint and Saviynt, so this is an issue we've observed in the solution."
"Research and marketing need to be improved."
"A lack of startup connectors to different systems, and could have better connectors for SAP IDM."
One Identity Active Roles is ranked 5th in User Provisioning Software with 17 reviews while SAP Identity Management is ranked 6th in User Provisioning Software with 13 reviews. One Identity Active Roles is rated 8.6, while SAP Identity Management is rated 7.8. The top reviewer of One Identity Active Roles writes "Single interface and workflows simplify AD and Azure AD management efficiency and security". On the other hand, the top reviewer of SAP Identity Management writes "Allows for seamless integration and provides a unified login experience ". One Identity Active Roles is most compared with Microsoft Entra ID, ManageEngine ADManager Plus, SailPoint Identity Security Cloud, One Identity Manager and Softerra Adaxes, whereas SAP Identity Management is most compared with SailPoint Identity Security Cloud, SAP Customer Data Cloud, Microsoft Identity Manager, Saviynt and Omada Identity. See our One Identity Active Roles vs. SAP Identity Management report.
See our list of best User Provisioning Software vendors.
We monitor all User Provisioning Software reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.