One Identity Manager Reviews

I implement One Identity for multiple use cases, including identity management, access assignment, and workflow automation. I also use it to migrate workloads from the admins to the business owners of the resources that are available in the IT shop.

One Identity increases security and decreases the provisioning time. Provisioning can be completed in a few minutes instead of days. That's a huge difference. It improves governance because you can deal with a problem account much quicker. You can fine-tune the roles to an employee's position in the company. You can give them the exact permissions they need and nothing more.  

It delivers a simple solution for assigning the correct permissions to the right person. One Identity helps us develop an identity-centric zero-trust model. The solution gives us one centralized entity for all the accounts in the connected systems, such as Active Directory accounts, email accounts, application accounts, SAP application accounts, etc. 

One Identity is simple to implement. About 90 percent of the implementation is configuration rather than scripting and creating the connectors. It's quite easy to customize the solution. 

There are too many different user interfaces. For example, one is the designer and another is the manager. There's also a web interface and an object browser. It would be helpful to consolidate all of those into a single administrator portal. 

I have used One Identity Manager for 10.

One Identity is a stable product.

One Identity is scalable. We deploy the solution for businesses of all sizes.

I rate One Identity support nine out of 10. Most of our customers use One Identity's premier support. The main advantage is that they offer 24/7 service, so you can call them on Sunday evening if you need help. 

I previously used SailPoint and OpenText.

Deploying One Identity is straightforward and only takes a couple of days. After installation, you have to onboard the servers, databases, Windows operating systems, etc. The number of people needed during the deployment varies, depending on the size of the project. It is typically deployed at two or three locations. 

One Identity requires some daily maintenance to ensure that everything is working fine. We need to review the logs and extend the functionality for the customer. Sometimes, the client needs to make changes like connecting a new hub system connected, adding applications, changing the workflow, etc. 

One Identity's pricing is similar to that of other products. It might be a little more expensive, but you save time and implementation costs. It's cheaper to implement One Identity compared to Sailpoint and other solutions.

I rate One Identity Manager 10 out of 10. I recommend doing a proof of concept before implementing the solution.

We are using One Identity Manager to manage user access requests. Then we manage the provision, as well as the provision of those users. We get the identities from SAP and then we provide them whatever access they are requesting.

The biggest improvement has been the auditing. Now we have a record of what the users have, what the users have requested and when, and when things were approved. It's all in the same system.

The most valuable feature is the fact that we don't need paper anymore. We came from a paper solution and getting rid of the paper is valuable.

The solution is also flexible. We have customized our IT shop. Because we have so many applications, the solution, out-of-the-box, wasn't good enough for us. So we have customized all our workflows for approvals and it's working fine.

I have some doubts, not about the stability but when they released version 8 we were unsure about the roadmap that they were going to follow. We are waiting for 8.1 before we upgrade.

There's no problem with the scalability.

We have opened a couple of cases and we've had a really good response from the team. Initially, we contacted Professional Services a couple of times, and their answers were pretty good.

We didn't have any solution previously.

The initial setup was complex.

We used a partner. Our experience with them was difficult because the project was really difficult. We had our ups and downs but, in the end, it was good.

For this or any other similar solution, make sure you have the maturity to go forward with an identity management project. If you are at that point, this solution is a good option to look at because it's really flexible. It makes it possible to do a lot of things.

We are getting comfortable with the solution. We're just at the very beginning. We are in production but not for the whole company, so we are not enjoying all the benefits of the solution. In terms of the privileged account governance features, we are not there yet. We are now investigating them and they look fine but, we are progressing slowly.

The solution has helped to simplify compliance, but not as much as we would like because we haven't implemented all the options, all the features yet. We are in the middle of that.

We have integrated the solution with SAP, we need to get identities from it. The integration process with SAP has been the worst. It has been really difficult because our SAP is really customized. The standard connector hasn't been enough, so we have had to create a new connector and it's been really difficult.

I would rate it at eight out of ten. It's pretty new but they are making a great effort to be the best and to focus on the user.

We mostly use One Identity Manager for the tasks of onboarding and offboarding business roles, assigning permissions, and ensuring that we have a record in auditing to fill out compliance needs.

It allows us to do a lot more tasks in an automated way. Previously, we had to do a lot of things manually. Because of the automation, it allows us to assign a resource. We just have to name a resource. This allows us to transfer some tasks to the first line of the service desk, allowing our IT to concentrate more on other tasks and the needs of the business.

The most valuable feature is the configuration of users, especially onboarding and offboarding SAP roles. It is very important this is done in a fast way, especially in connection to the SAP HR system, where we can get a user onboarded as soon as they have the information recorded in HR.

Connections with more clouds systems is already planned. The more that we can use One Identity to connect with other systems to manage all the applications accessed throughout One Identity, the better. I would expect to have more connections and setups to other systems.

Visually, I would like it to be more user-friendly. Version 8 looks visually like version 6, so this still needs improvement in later versions.

The performance is quite bad, but this is because we have a very old version.

We only use the privileged account governance to identify the type of the account where there are no functions designed behind it. This will probably be something that we will develop more in version 8. Because in our current version, we don't want to add more functions with the performance already being poor.

It is not an all or nothing scenario. It's very good that you can choose exactly what fits your business.

We used a partner. So, we don't use the support service directly from One Identity. All the support that we need is done through our partner.

We didn't have a solution to manage identities previously. The need to have an identity management system came from auditing, our SAP needs to have monitoring, and the need to control SAP accounts and roles.

One of the main reasons, in the beginning, to go with One Identity Manager is to have integration with SAP. It's very important to have our business roles and privileged access monitor always up-to-date, especially if you have privileged users and firefighters. You need to monitor their access very carefully.

For version 6, the SAP integration out-of-the-box can be quite exceptional. The configuration might be a bit harder to do in the beginning, but then the functionality and the way it works is very easy and straightforward to use. 

We have reduced about 60 percent of our help desk calls, especially for onboarding and simple tasks that do One Identity automation.

The solution has helped us increase employee productivity when it comes to provisioning users and systems. Now, we have standardization for all countries, where we are in 36 countries, presently. It is very important to be standard in the way you work with the solution. 

Because we have implemented automation to our tasks, we have probably reduced time from a few days to a few hours.

The product is quite flexible. In my previous company, I worked with Microsoft products. Now, I am using One Identity. Its functions are easier to use and more intuitive. You also have more functions available to businesses.

Check the big picture and what exactly the company needs. 

Choose the partner wisely. It's always important to make a successful implementation. 

One Identity Manager is good because it allows you to choose at a granular level exactly what you need for the business.

This is not how it's implemented currently with us, but especially in compliance GDPR and privacy settings, you can have more granular permissions on privileged accounts and be able to monitor who makes changes on the accounts in IDN.

We only have very basic functions now. However, the solution will have an impact on the roadmap of the company and on our company's roadmap of IT solutions to come.

We are tech consultants who deploy One Identity for our clients. Our clients use One Identity for provisioning and deep provisioning users. It is also used for the recertification process and access review. We have integrated One Identity for 15 to 20 clients. Soon, we expect to deploy it for another five to 10. 

The performance could be better. I also think One Identity could improve its documentation for developers. Many of One Identity's features aren't fully documented. We don't have enough information on how to use them.

I have used One Identity Manager for the past six years.

I rate One Identity nine out of 10 for stability.  We haven't seen any downtime. It has worked smoothly since it went into production. 

Deploying One Identity can be straightforward or complex depending on the environment. The time needed to deploy varies with the scope of the project.

We typically have some meetings with the client to understand what they need to integrate with One Identity. We develop custom connectors and move to the production stage if everything is working. 

I rate One Identity Manager eight out of 10. My recommendation to new users is to be patient because it's hard to understand without adequate documentation. It gets easier with time and practice. 

My company has a lot of use cases for One Identity Manager. In my previous company, I've been maintaining the tool, so I used to go to clients who needed improvements and support in terms of provisioning, and I provided those services. Now, in my current company, I'm in the Identity Management team, and my company is using its old Identity system with One Identity Manager, particularly for provisioning, access management, compliance, and certification, apart from identity management.

In terms of what the most valuable feature of One Identity Manager is, that would be hard to say because the tool is great overall. There's not really one feature you'd prefer over other features, but what's really great, in my opinion, is the fact that the provisioning is really stable and accurate, and it's a process my company trusts. This means that without a lot of maintenance, I can be pretty sure that as soon as my alternative source gives a new identity or gives new information about a particular identity, everything will be transformed and executed the right way. My company has tried other solutions and there's always a struggle with the provisioning system in terms of knowing what systems work, but with One Identity Manager, this issue doesn't happen. It's also a really stable system which I like.

Having new features for web developers in the One Identity Manager shop is an area for improvement. Another area for improvement in the tool is its ServiceNow connection as ServiceNow is a major ITSM system player, but the current out-of-the-box feature proposed by One Identity Manager can only make simple incident requests to the system. My company is now in full ICL design, so it prefers for all concerns or requests to be sent properly to ServiceNow, so my company can have better control over the incident requests and be able to sort those out.

The tool fits all my needs today, except for the ServiceNow connector. That's the only additional feature I'd like to see in the next release of One Identity Manager.

I've been using One Identity Manager for three and a half years.

Stability is one of the main qualities of One Identity Manager. It could run even if people go on a holiday for weeks, and nobody would be worried about the tool breaking down. One Identity Manager could work for months even if you don't look at it or check it. It's a well-designed tool.

One Identity Manager is a scalable tool and its scalability is one of the reasons why my company chose it. The tool is capable of evaluation, and it has a lot of different connectors that come out of the box, so as soon as you know what you're doing, it's easy to extend the parameter and add new target systems to it. With One Identity Manager, you can have systems ready for future use. My company has never reached a point where it says: "Okay. There's nothing more you can do with this tool."

I've contacted the support team for One Identity Manager several times. For level one support, particularly when something is broken and I need help, the team's been really quick and accurate. Most of the time, I get the first answer or first contact resolution in less than half an hour as written in the contract, and the support team has really found a quick solution. Every time I face an incident, the team finds a solution to it within an hour. Sometimes it could take a few hours to resolve which is when the One Identity Manager support team provides new patches to implement, for example, the issue started at seven at night and patching would be done at eight in the morning the next day.

For major incidents, I would rate support a five out of five, but if it's just a little incident that does very little harm and is in development, issue resolution would take longer. The support team for One Identity Manager handles major incidents perfectly, so I have no complaints, but if you just have a little incident that appears on your development system and is not really that important, it could take days and days before a technician is sent onsite. This is why my company prefers to work with a partner that is more open to decision, and though the One Identity support team is really there to save your life, it's not there for every incident or situation that you come across.

My company decided to use One Identity Manager because of the large variety of connectors available that lets you connect everything you need, even for future use, as well as the reputation of One Identity Manager in terms of stability. Another reason for choosing the tool is the online forum and YouTube channel that allow engineers to learn more about One Identity Manager without the need to ask a partner each time, so you can be independent of the vendor or partner. The support you get is also another reason my company went with the tool.

Whether the initial setup for One Identity Manager is easy or difficult is hard to say because of other systems that have less functionality but are easier to deploy, and you won't face the same challenges that you'd face when setting up One Identity Manager. It's recommended for you to have knowledgeable engineers who can support you during the setup, especially if you don't have the knowledge on how to set the tool up. Setting up the tool may not be as easy, but considering all the things One Identity Manager can do for you, it's not such a big deal.

If you just want to basic features to be up and running with One Identity Manager, deployment could take a few weeks, for example, if you just want to use an authoritative source and have provisioning, active directory, exchange, and other basic features set up in your company. For a company that has really stable jobs to provision, with role mining that isn't difficult, the tool could be ready and working within a few weeks, but for a large company with a really, really large variety of jobs and regulations, deployment of One Identity Manager could take a few months.

You can get ROI from One Identity Manager. It's worth the money because my company wants to be agile, and if tomorrow, the head of the company says, "Okay, let's open a new area," with One Identity Manager, I can say, "Okay. If you say there'll be three hundred people, tomorrow, I'm able to create accounts with the rules needed for those to work, and it won't be a mess."

With One Identity Manager, even inexperienced people in the team can easily understand how each role works, and if you have a great conception of each role, you can just hire or transfer within days without being worried about whether or not each person has everything he needs to work.

I'm unable to discuss licensing costs for One Identity Manager.

I'm using the latest version of One Identity Manager.

In my company, the tool is still in the deployment stage, but within a few months, all people in the company will be users of One Identity Manager, particularly the portal. There'll be about five thousand users of the tool within my company.

My advice to anyone using One Identity Manager for the first time is to make an audit on your company with an independent partner to be sure if you need the tool because One Identity Manager won't be worth it for every company. You have to match it to your needs, or else you'll never get your money's worth. For example, in a stable company or one that has similar jobs, the tool won't be used a lot. If you have three to ten job types and all of those would be the same after many years, One Identity Manager won't be the tool you need. You can just go for a cheaper tool that can do the job for you, but if you have a complex company and you have to face a lot of regulations, and if you want to adapt more quickly, One Identity Manager is a good choice.

I'm rating One Identity Manager nine out of ten because it fits my need, and though it's complex, it's a learnable product. It also helps my company become more agile and also helps it face new challenges. One Identity Manager is the tool I need, and I like it. The tool helps my company and also helped the previous company I worked for, so I have no complaints about it. It's a tool I like working with.

I didn't give One Identity Manager a perfect score because the connection with ServiceNow isn't there yet, so that's an area for improvement. When you send in an incident or put in a request that's not a standard request on One Identity Manager, you have to make an exception in the way your company should work, and this is another area for improvement in the tool that I also don't like. My company came up with a workaround or a solution to this, but a company such as One Identity should be able to propose a solution out-of-the-box.

My company is both a customer and a partner of One Identity Manager. I say partner because a representative from One Identity comes to my company every two months and listens to feedback about the pros and cons of the tool. I say customer because my company pays for the One Identity Manager license, and if there's an issue, my company makes a request and lets the support team know what makes us unhappy.

We had several tools over time to try to gain control of IAM, but none of them were capable enough for our needs. We simply had too many systems to work with. We wanted one digital identity for each user and a comprehensive view of each user’s entitlements.

Before the implementation, it was necessary to create user accounts to give access to every single information system and application. A lot of resources were needed for development, implementation, support and control of identities and their entitlements. Employees had up to ten credentials for various applications. Now, our users have just one digital identity for all of our systems.

One Identity Manager provides one digital identity for each of the university’s 20,000 users. It also unifies and automates all processes in staff’s and student’s lifecycle by interfacing with other university systems. IAM is now more transparent to IT, students and staff, and helps reduce risk by automatically controlling access according to a user’s status.

This new approach to IAM has created huge efficiencies for IT, especially when it comes to managing more than 300,000 rights. Compared to the situation we had before, IT staff now spend less or almost no time for managing identities and rights.

We are located in Europe, so GDPR is a must for us. So, One Identity solution is helping  with this topic too.

• It gives the best user experience, enabling us total transparency in user access rights.
• We unified business processes for students and staff at enrollment/hiring/graduation/termination of contract in all organizational units of the university.
• It reduced risks by granting adequate access rights to users.
• The best feature is that HR finally took responsibility of it, so not everything is on IT.
• The policy and role management features are important for identity management.

Improve the implementation of additional One Identity Manager’s features. This we are going to focus on after an upgrade to release 8.1 will be finished.

Generally speaking, the solution has great stability, modularity and scalability. We have not had many stability issues until now. However, my opinion is there is still some space to improve performance. Sometimes synchronizations take too long.

We had several tools over time to try to gain control of user accounts and their privileges. But none of the solutions were capable enough to cover all our our needs. We simply had too many disparate systems to work with. We wanted one digital identity for each user and a comprehensive view of each user’s entitlements. Plus, we needed to ensure we could control those entitlements easily.

We noticed that One Identity Manager was positioned well in Gartner’s Magic Quadrant for User Administration and Provisioning, based on its evaluation of One Identity Manager.

The initial setup was complex. We have a lot of different systems. But, we started step by step with connecting active directory for employees to the IAM system and with data and business processes consolidation. Then, we used the same approach for all our students’ identities and related processes. Many processes we had to redesign, but the main benefit is the processes are much more simplified now. Yes, the journey from introducing One Identity Manager solution to joining all the systems was difficult, but we have reached our final goal.

We have a valuable partner located in Slovenia, who is helping us with analysis and architecture. They advise us with many best practices and are responsible for the implementation and technical aspects of the solution.

This solution helped us to reduce help desk calls. Before the implementation, people were calling because they didn't have access to some systems, etc. After the implementation, we implemented the application access metrics - authenticated users may conduct only previously authorized transactions. Now, all our users have access to these applications when they get their digital identity. Thus, there are no more calls to help desk.

While our journey to find a solution was tiring and we invested a lot of work and knowledge, our expectations have been reached and even exceeded. It's really good to invest time and money in a solution which offers you something that all users, not just IT, can use.

Sometimes, the solution is flexible. However, the customer should sometimes be flexible to the solution, as well.

Those who worked on this implementation now spend less time on user rights, etc. While it lowered their workload with this solution, they are now working on something else.

We use it for meeting compliance requirements.

We were able to clear up some audit actions by providing evidence we have a proper, controlled approval process.

In addition, One Identity Manager has helped to increase employee productivity when it comes to provisioning users and systems.

Its flexibility is the most valuable feature, the way we can customize the user interface and the workflow processes. It helps us set up the correct approval processes.

Better support for version control and multi-threaded development would be helpful additional features. 

The support for DevOps could be improved with quick delivery cycles and multiple delivery streams.

We do have performance problems, but outside of that, it seems stable.

We have some performance problems, so pushing to scale is a challenge.

The technical support is acceptable. We get responses when we raise queries, but maybe not as fast as we'd like.

We worked with a third-party vendor, TCS. Our experience with them was okay but it was difficult to get skilled resources.

We have seen return on investment.

Think about what the out-of-the-box features are in the product and how those map into your business requirements. Perhaps look at revisiting the business requirements to better fit with the product.

We integrated the solution with SAP, given that we already had a significant SAP deployment for our financial services. Because I wasn't involved in that I can't comment on how that process went.

In terms of our cloud strategy, One Identity Manager hasn't impacted it. The solution will fit within that strategy.

I would rate it at eight out of ten. It meets most of our business requirements. We can deliver functionality the users want, but it does need some improvements, in the performance and support for a DevOps-type quick SOC release.

The out-of-the-box connectors (SAP, LDAP, MS Active Directory, CSVs, etc.), and the one-stop-shop portal for user requests and authorizations which can be customized to display corporate logos and color schemes.

Additionally, certain “out-of-the-box” features can be configured to not be displayed or affect specific behaviors through the Project Configurator.

Additional customization requiring coding is possible, but requires additional planning, coding, and testing and is out of scope for this project.

In D1IM there are different ways of connecting with targeted systems. Out-of-the-box Connectors could be with:

• Connected system modules which allow interaction between D1IM and third party systems, with their specific schema extensions, dedicated synchronization templates and business logic. They allow deeper out-of-the-box target system management.
• Connectors which are predefined synchronization interfaces, developed by Dell, and are highly configurable but cannot be customized!

Interfaces are developed during IdM projects as an additional, customer specific feature of D1IM. This enables the connection of more proprietary or less common systems. Interfaces are easily changed in their functional behavior and implementation.

With this tool, you can easily orchestrate automation user access provisioning and implement multiple layers of authorizations (4 eyes or 6 eyes principles).

• Implementation of skip logic in user access request forms - this topic cannot been explained easily because it requires a deep dive within the functionality of the Web Portal.
• Lack of integration with RestAPI - the lack of out-of-the-box RestApi connectors creates some difficulties in integration running infrastructure as code, with DevOps operation (CI, CD, VCS etc.) and managing On Premise and external clouds.

We have been using this solution since 2006.

We have not encountered any stability issues. The system is rock solid.

We have not encountered any scalability issues.

The Dell technical support is good enough.

The D1IM gives a rare opportunity to integrate multiple authorizations and authentication platforms into a single portal.

The configuration is complex and requires a good understanding of your existing infrastructure and related protocols for communications.

We have no specific advice about licensing issues.

We evaluated Ping One Identity, SAP IDM, Oracle Access Manager, Net IQ Identity Manager, and RSA Access Manager.

Clarify what level of automation is needed in a user access request. Authorization and provisioning is achievable while comparing company needs and objectives.