One Identity Manager Reviews

We primarily use the solution for background management. It's used for provisioning and license management. 

The solution has helped a lot with compliance. We can review access and have recertification alerts that make governing very easy. 

It's very easy to roll out. They do have various defaults available, so you have a variety of rollout options.

It is very easy to handle complex requirements. It provides a very good user experience.

I like the user interface. I'd rate it three out of five.

The solution provides an attributes-based setup, a dynamic role setup, and many other features for enterprises. It provides a single platform for enterprise-level administration. 

It has an easy user experience. It's great. From an intuitiveness standpoint, I'd rate it three or four out of five. It tries to make it easy for administrators to fulfill requirements, even if it needs to be customized. 

The customization is top-notch. It's the best compared to any other tool we've used. It fulfills a lot of needs. I'd rate the level of customization three out of five. 

While I haven't really used the solution's business roles to map company structure for dynamic application provisioning, leadership has used it for this purpose. My understanding is that it is quite good.

The product does help minimize gaps in governance coverage for test development and production servers.

It's helped us to achieve an identity-centric zero-trust model.  We are able to set up dynamic rules centrally. 

The interface can be a bit complex for an administrator to manage. I've used it for a long time; however, for a bit, I was confused. They need to work to make it easier to understand more quickly.

I've been using the solution for a year and a half. 

The solution has great stability. I'd rate it eight out of ten. 

We had 20 to 30 resources involved in the solution. The scalability is very good. I'd rate the scalability seven out of ten. There are some slight challenges, moreso related to human error; however, beyond that, scalability is great.

Technical support has been responsive enough. We do use premium support. You get a great response time and it helps us manage things very smoothly. It also offers support for many different regions. They've helped a lot with integrations. 

Positive

I have used different solutions in the past, including CyberArk. This solution, however, is great for identity governance. 

There was no problem with the deployment process. It took around a week to implement - maybe less than that with planning in place. It usually takes about two weeks to deploy.

The product is fairly priced. 

I'd rate the solution eight out of ten. 

I'm a customer of the vendor. 

We used One Identity Management for 15,000 employees of a financial services firm. In addition to the IM functionality, we leveraged One ID for Identity Governance - including access certifications.

We had automated provisioning of users based on HR data. This automatically created 4-5 base accounts and birthright access for users. In addition to that, we leveraged the IT shop to request roles for users which, for the most part, automatically provisioned access to users.

In addition to this, we used the Attestation features of the product to aid in our User Access Reviews.

There were significant productivity benefits over our previous platform with the increased automation which took the process of onboarding staff down from days to minutes. It allowed user self-service for additional access. The approval process was tracked and auditable.

It also improved our security controls with tighter de-provisioning, where we would automatically terminate a user's access when they left the company. In addition, regular user access certification campaigns were undertaken to review staff access and to ensure staff only had the access required to perform their role.

As the team supporting the platform, one of the key features One Identity Manager has that was very valuable was the administration interface which allowed a quick easy overview of staff, their entitlements, and how they had were entitled to access.

Centralizing identity management allowed for a centralized governance model. 

The IT shop is a great tool that allows a simple interface for users to see their access, be able to request additional access, and view the workflow approval process to understand where their request is and what any hold-ups may be. 

The blessing and curse with One Identity Manager was its flexibility and the ability to solve business problems in a number of ways. We fell into that trap of over-customization which made upgrading the product difficult. An improvement would be to offer guides on how you should set up a base configuration. There should also be integration guides to key systems like Active Directory.

In addition to that, we had some slowness with the IT shop when we had significant amounts of data, users, etc., in the system and there were some slow database queries that needed to be optimized and patched. This caused some slowness when running Attestation campaigns. 

I used the solution for over 6 years.

Overall, the tool was stable. Our issues were mostly around customizations and bad data.

The tool is scalable and can include a number of the usual infrastructure scalability options.

Technical support was good, for the most part, especially when the local support team understood our level of expertise. If we were raising a problem it was a real problem and we were put through to the level 3 support quickly.

We had a previous Identity Management Solution and we swapped it out as the old solution had little investment in its user interface and we needed a better interface for our users to be able to self-service effectively.

It was a complex setup process, however, it was the first time it was done in the country 7 years ago. Getting the product installed was straightforward. It would be important to follow a proper SDLC with requirements being a key initial piece of the puzzle to help you maintain costs.

We used a mix of vendor and in-house resources on the project. Like the in-house resources, the vendor at the time had no prior knowledge of the tool so it was a learning journey for both sets of resources.

When we started the journey 7+ years ago, there was a limited skill set in the market, and that is still the case today. 

Like all Identity Management projects, setting firm requirements upfront is important to maintain costs.

We did evaluate other options, however, I wasn't involved in that process.

Look to limit customizations where you can; it can be easier to customize the tool in the short term, however, it can result in significant technical debt and effort in the future.

My primary use case for the solution for the last several years was migrating from version 6 or older to version 7 or 8. Most of the time, we implement new features, optimize existing features, or do project management for the customer.

Our customers have a higher degree of automation and compliance. The product has a good self-service portal, which makes the IT processes a lot better and easier for the end customer.

We have integrated the solution with SAP. Our customer wanted us to do the implementation for web-based administration. They wanted to have easier access to provision their accounts into their system. Because until then, most of the customers were inputted manually. Now, they can automate it, which makes it a lot easier. They can monitor the segregation of duties, such as the financial aspects of it, in SAP.

There are so many different connectors out-of-the-box, and the solution works fine. Overall, the product works well and is very good tool, which functions well.

It's pretty flexible because you can use it in almost every way you want. It is very open. It provides good insight on all the basic job chains, and you are free to use, extend, or change it.

I am waiting to see the new API for the web.

There are several smaller parts of the tool that have room for improvement. One Identity currently is in the development process of fixing these issues.

It is quite stable if you know how to use it right. If you have a good implementation, it is really robust. 

The technical support is pretty good because we can reach the right person directly. We also get escalated quickly, if necessary, to the development team. So far, it has been a good experience.

There is a good support team if you have issues. There is a really nice path to get in touch with them.

The initial setup was pretty straightforward because the documentation is really good. It was even easy to train junior employees in our company since the documentation is easy to read and straightforward.

This solution has helped to reduce help desk calls for a lot of customers because of the password reset. People can now reset their own passwords. That is a great benefit for customers.

This solution has helped to increase employee productivity when it comes to provisioning users.

Look at one or two videos online on the One Identity YouTube channel. Get in touch with some of their people and possible get a short preview of their products. That is the easiest way, so you can set up a test environment pretty fast be shown how simple the processes work. 

One Identity has a very strong community combined with the tool. They also have a very good relationship between partners, customers, and themselves.

It is easy to extend the product for custom purposes. 

We are using One Identity Manager to manage user access requests. Then we manage the provision, as well as the provision of those users. We get the identities from SAP and then we provide them whatever access they are requesting.

The biggest improvement has been the auditing. Now we have a record of what the users have, what the users have requested and when, and when things were approved. It's all in the same system.

The most valuable feature is the fact that we don't need paper anymore. We came from a paper solution and getting rid of the paper is valuable.

The solution is also flexible. We have customized our IT shop. Because we have so many applications, the solution, out-of-the-box, wasn't good enough for us. So we have customized all our workflows for approvals and it's working fine.

I have some doubts, not about the stability but when they released version 8 we were unsure about the roadmap that they were going to follow. We are waiting for 8.1 before we upgrade.

There's no problem with the scalability.

We have opened a couple of cases and we've had a really good response from the team. Initially, we contacted Professional Services a couple of times, and their answers were pretty good.

We didn't have any solution previously.

The initial setup was complex.

We used a partner. Our experience with them was difficult because the project was really difficult. We had our ups and downs but, in the end, it was good.

For this or any other similar solution, make sure you have the maturity to go forward with an identity management project. If you are at that point, this solution is a good option to look at because it's really flexible. It makes it possible to do a lot of things.

We are getting comfortable with the solution. We're just at the very beginning. We are in production but not for the whole company, so we are not enjoying all the benefits of the solution. In terms of the privileged account governance features, we are not there yet. We are now investigating them and they look fine but, we are progressing slowly.

The solution has helped to simplify compliance, but not as much as we would like because we haven't implemented all the options, all the features yet. We are in the middle of that.

We have integrated the solution with SAP, we need to get identities from it. The integration process with SAP has been the worst. It has been really difficult because our SAP is really customized. The standard connector hasn't been enough, so we have had to create a new connector and it's been really difficult.

I would rate it at eight out of ten. It's pretty new but they are making a great effort to be the best and to focus on the user.

The primary use case for us is to follow the identity lifecycle, starting from feature improvement up to many accounts along with targeted systems.

It has improved the way of operations functions. 

It has partly helped with GDPR, especially with HR.

The most valuable features of this solution are its handling and that it is easy to maintain and manage the data.

The solution is flexible in connection with the controls. For example, it's easy to implement, easy to handle, and understandable to configure.

The user interface needs improvement.

I would like a secondary account approach out-of-the-box, as this would be really useful. Additionally, it would be nice to have more functionality in terms of connecting SAP systems, provisioning user accounts through SAP systems, and provisioning additional attributes. 

The stability has improved over time. 

It is easy to scale up. However, obtaining additional resources additional are an issue.

We have not been much in touch with their technical support, which is a good sign for the product, since it mostly working.

Our previous solution (IBM) was outdated.  

The complexity of the initial setup varies. The Active Directory may be considered less complex then connecting a SAP system.

We have a consultant, who helps us in wrapping up solutions and connecting the current systems to one another.

This solution helped us to increase employee productivity when it comes to provisioning users or systems. It is what the solution was designed for. In some cases, it has gone down from days to hours/minutes.

To a certain extent, it has helped us reduce help desk calls by five to ten percent.

It helps us save on licenses for applications because we are following the account lifecycle, as well as account reactivation.

We had a shortlist of three vendors: SailPoint IdentityIQ, IBM, and One Identity. We looked at functionalities, what came out-of-the-box with each product, and what needed configuring.

The product is a nine out of ten because 80 to 90 percent of our requirements are out-of-the-box.

Consider the speed of implementation, amount of customization, and the authentications if you are comparing between tools. Operations is also a topic: Is it easy to operate and is there a dedicated operational team? 

We have integrated with SAP because SAP has connected systems.

I like the integrated approach of the privileged account governance features. 

The out-of-the-box connectors (SAP, LDAP, MS Active Directory, CSVs, etc.), and the one-stop-shop portal for user requests and authorizations which can be customized to display corporate logos and color schemes.

Additionally, certain “out-of-the-box” features can be configured to not be displayed or affect specific behaviors through the Project Configurator.

Additional customization requiring coding is possible, but requires additional planning, coding, and testing and is out of scope for this project.

In D1IM there are different ways of connecting with targeted systems. Out-of-the-box Connectors could be with:

• Connected system modules which allow interaction between D1IM and third party systems, with their specific schema extensions, dedicated synchronization templates and business logic. They allow deeper out-of-the-box target system management.
• Connectors which are predefined synchronization interfaces, developed by Dell, and are highly configurable but cannot be customized!

Interfaces are developed during IdM projects as an additional, customer specific feature of D1IM. This enables the connection of more proprietary or less common systems. Interfaces are easily changed in their functional behavior and implementation.

With this tool, you can easily orchestrate automation user access provisioning and implement multiple layers of authorizations (4 eyes or 6 eyes principles).

• Implementation of skip logic in user access request forms - this topic cannot been explained easily because it requires a deep dive within the functionality of the Web Portal.
• Lack of integration with RestAPI - the lack of out-of-the-box RestApi connectors creates some difficulties in integration running infrastructure as code, with DevOps operation (CI, CD, VCS etc.) and managing On Premise and external clouds.

We have been using this solution since 2006.

We have not encountered any stability issues. The system is rock solid.

We have not encountered any scalability issues.

The Dell technical support is good enough.

The D1IM gives a rare opportunity to integrate multiple authorizations and authentication platforms into a single portal.

The configuration is complex and requires a good understanding of your existing infrastructure and related protocols for communications.

We have no specific advice about licensing issues.

We evaluated Ping One Identity, SAP IDM, Oracle Access Manager, Net IQ Identity Manager, and RSA Access Manager.

Clarify what level of automation is needed in a user access request. Authorization and provisioning is achievable while comparing company needs and objectives.

We want to bring our on-premise systems under our control, then our cloud solutions under our control.

With this product, we been able to bring together HR, IT, and lifecycle management. It is very helpful for managing the Joiner/Mover/Leaver process. We also use it for compliance on all the audits which are around.

We have integrated the solution with SAP, which has governance. We need to manage the Visual Administrator and One Identity Manager. The integration is pretty straightforward. There were some bugs with version 6 which are being removed with version 8, which is good. The platform is progressing. Though, some parts of SAP are not covered yet, like GRC.

The tool is like a big Lego in which you can use the parts that make sense for your organization.

It has several components out-of-the-box.

The solution is flexible, in general. You can define the parts of the solution that you want to use, and it won't affect the price. 

I would like the sync editor to be able to change labels because currently our concurrent development cannot work on this.

Self-service is important for our end users. However, after three years, people continue calling the help desk, and the help desk is using this solution to make its requests.

The web front-end definitely needs improvement.

Once the solution is configured, the stability is good.

We are an organization with 10,000 employees. This means 100,000 accounts or an account in group tables or approximately one million. We are not really big. It works okay for us as long as we fine tune some parts in the web design. 

The technical support is non-existent. It is not worth talking about.

We used a homemade solution, which was AD-based. It was a layer on top of AD with Java and Oracle Database in the background, but we had to move to something that can also manage could cloud, which was why we switched.

If you have consultants who do not know the solution nor the target systems, the initial setup is hard. It is my impression that if you are some very huge organization. One Identity will send the best people. If you are unimportant, then you get people who are seeing this application for the first time. This is the only way that I can explain what happen to us in the past.

We used someone at first, who was definitely not good. Then, we used Deloitte France, who was also not good. Then, we use Deloitte Germany, and the solution finally worked. That was three attempts. It was really hard to find good people.

On deprovisioning, when somebody leaves the organization, it allows us to better cut access to everything that they had.

The finalists were SailPoint IdentityIQ and One Identity. The reason that we chose One Identity was due to the logic of the connectors that they have. From those, we understood that this solution contained expertise on target systems.

If you want real-time management, it can be done within three to five working days with this product. That is how we do things today, so we have a process in place and do it with internal resources.

Bring your processors in under your control. Define what you want and when it works in Excel, then you are ready to buy the solution. It doesn't really matter which solution you would buy, as long as you have things under control.

The policy and role management features are very powerful, but it is hard to make the organization use them in the proper way.

We have not implemented the privileged account governance features.

From the back-end perspective (provisioning engine), I would give it a nine out of ten. However, from the web front-end, I would give it a five out of ten.

We use it for meeting compliance requirements.

We were able to clear up some audit actions by providing evidence we have a proper, controlled approval process.

In addition, One Identity Manager has helped to increase employee productivity when it comes to provisioning users and systems.

Its flexibility is the most valuable feature, the way we can customize the user interface and the workflow processes. It helps us set up the correct approval processes.

Better support for version control and multi-threaded development would be helpful additional features. 

The support for DevOps could be improved with quick delivery cycles and multiple delivery streams.

We do have performance problems, but outside of that, it seems stable.

We have some performance problems, so pushing to scale is a challenge.

The technical support is acceptable. We get responses when we raise queries, but maybe not as fast as we'd like.

We worked with a third-party vendor, TCS. Our experience with them was okay but it was difficult to get skilled resources.

We have seen return on investment.

Think about what the out-of-the-box features are in the product and how those map into your business requirements. Perhaps look at revisiting the business requirements to better fit with the product.

We integrated the solution with SAP, given that we already had a significant SAP deployment for our financial services. Because I wasn't involved in that I can't comment on how that process went.

In terms of our cloud strategy, One Identity Manager hasn't impacted it. The solution will fit within that strategy.

I would rate it at eight out of ten. It meets most of our business requirements. We can deliver functionality the users want, but it does need some improvements, in the performance and support for a DevOps-type quick SOC release.