One Identity Manager Reviews

We use One Identity Manager for identity governance.

One Identity Manager provides a single platform for enterprise-level administration and governance of user data and privileged accounts.

One Identity Manager provides a good user experience and intuitiveness.

After the training, basic configuration and customization are quite easy to do. For complex customization, we need to consult a consultant.

The business role's functionality is not that important at this time, but it will become more important as we grow using the application.

One Identity Manager makes provisioning easier, and it's a modern solution.

One Identity Manager helps minimize gaps in governance coverage among test, dev, and production servers. This has made the process more automated.

We have started the process of closing the gap between privileged and standard users. As we progress along our roadmap, we will see the gap shrinking.

It helps streamline application access decisions.

One Identity Manager helps with application compliance and application auditing.

One Identity Manager has helped us to achieve an identity-centric zero-trust model. This automates tasks and reduces manual steps, which leads to fewer errors.

I like the customer-facing portal because it is simple to use for end users. Some of the features are also easy to configure.

The customization process should be simplified.

I have been using One Identity Manager for four months.

The SaaS version has stability issues.

One Identity Manager is scalable.

The technical support team's response time needs to be improved.

Neutral

We previously used the legacy Sun Identity Management application, which was no longer supported. Therefore, we decided to switch to One Identity Manager.

The initial deployment was complex, primarily due to business needs, rather than One Identity Manager.

Configuring and testing took months, and we had a team of 20 people involved in the deployment.

We partnered with iC Consult.

iC Consult helped us implement and customize One Identity Manager.

iC Consult trained our staff. 

We are satisfied with their performance.

Our One Identity partner also helped with post-implementation support. We could not have deployed the solution without them.

One Identity Manager is fairly priced.

I would rate One Identity Manager seven out of ten.

We have it deployed globally. Currently, we have 100 people using the solution but it will eventually be used by 6,000 people.

The maintenance is completed by One Identity.

I recommend doing a proof of concept before implementing One Identity Manager.

We use it to manage the roles that everybody receives for our network. We use it to create an overarching business role and then we have individual, direct assignments to provide extra permissions where needed.

It definitely makes the overall structure extremely organized. It doesn't help to minimize gaps in governance, but it definitely helps the administrator see exactly where the gaps are so that issues can be resolved.

It also helps streamline aspects of application governance including application access decisions and application auditing. In terms of auditing, for every application we use, we undergo an audit, mainly for the number of roles we are allowed to give out and the access that everybody is allowed to have. With One Identity, we are easily able to pull up the individual roles and it tells us exactly who has a given role.

One of the valuable features is that it is relatively organized. I definitely appreciate that aspect. It is also relatively simple to use with a very easy flow to the GUI. The user interface is really top-notch. Whatever we need to do with it, we are able to see just how to do it right away.

Customization is also fairly easy. There really isn't a whole lot to it.

And one of the main things that we use it for is the creation and modification of business roles. That way, we can assign just one role to a user and they have all the permissions that they would need. We also use the solution to extend the governance to cloud apps. For users who need to work with the cloud on a daily basis, it makes assigning their privileges a lot easier.

There is a small area inside the administrator's GUI that could be a little bit more organized.

I have used One Identity Manager for about three years.

It seems pretty stable. I haven't seen it go down.

The scalability seems to be on par with what we need. We're able to add and remove exactly as needed.

The other solution that I used was Active Directory.

I was not involved in the deployment. But in terms of maintenance on our side, it is just the typical configuration of business roles and direct assignments.

One of the variables it really depends on is the replication time that is set for it to replicate and pull all of the new changes that have been made from the user GUIs. But I work with a relatively large network, so our replication time is different from that of an average company or user.

I have a very positive opinion of One Identity Manager. In all honesty, it's the best application that I've used. I give it my 100 percent recommendation.

We are a company in the health sector, with about 50,000 employees from six different health organizations. We use the solution to help automate all the processes around hiring and firing. We have automated as many processes as possible around user accounts and mailboxes, and file and folder administration. And with the IT Shop, customers can request permissions themselves.

Back in 2014, it took us six workdays to get an employee what they needed to do their work. The creation of the user accounts required two days, and the creation of the user mailbox and the assignment of permissions took another four days. Now, we get data from HR when a new hire begins and we have the user account, mailbox, and default permissions for the organization available approximately two hours later.

The initial setup process for an employee is straightforward. We set up processes for user accounts and we can add other processes to them. Our goal is to automate all user-permission and user-administration processes with One Identity and we are doing that more and more.

It has helped to simplify compliance. We are subject to compliance rules. Using the solution, a manager has the ability to check out which permissions an employee has and to make changes to the permissions.

We have also integrated One Identity with SAP. Every one of our customers uses SAP and we have the synchronization agent for SAP in different landscapes. The integration process between One Identity and SAP is simple. We don't have to do many steps to integrate SAP landscapes. We just have to start a new synchronization process and that's fine. The SAP integration gives us the ability to make rules for SAP accounts and SAP role assignments. And what is very impressive is the way it handles role assignments. We have more than 2 million role assignments for just one of our customer's employees.

Among the most valuable features of One Identity Manager are administration from Active Directory and Azure Active Directory, as well as administration from Exchange. These features enable us to have fully automated processes to create new accounts and new mailboxes. The most valuable option is the ability to design an automated route to give our customers permissions.

The solution is also very flexible. We can adjust all the standard processes that One Identity comes with and we can create new processes. We can always change whatever we need to change.

The web interface has room for improvement. It could be more performant and the design of the web interface is relatively complicated. It could be simplified.

I have been using One Identity Manager since 2013. I was formerly a consultant for Quest, beginning in 1998.

We don't have any problem with the stability of the solution. We have problems with the stability of our own processes and the systems that are behind One Identity.

We have 50,000 employees. That speaks for itself regarding the scalability.

One Identity support has been fine. We always have good, professional feedback and solutions, and the communication has always been okay.

Positive

As an organization, we started the deployment with one of our customers in 2010 and completed deployment for all of our customers in 2016. Every system requires different processes and knowledge. We were able to set up some things in a really short time. Others took more time because we needed to learn the system and how it works.

We are a team of four employees who design and customize the whole system. Our company has 80 support engineers on the help desk, and on our customers' sites there are between four and 10 employees who have read-only access for the One Identity system.

We have worked with One Identity and with their partners, including IPG and Devoteam. In 2014, we worked with One Identity in our environment to deploy the IT Shop.

APG provided training for me and my colleagues. It went very well. We were stronger in our skills after the training and it was done very professionally. They also helped us customize the solution for our particular needs, the first time. Now, we understand things and we can customize the system on our own. Their assistance, along with Devoteam, in customizing things was very helpful. They customized the whole system and we learned from them.

We have seen ROI due to the better performance we now have in getting employees working. That is very valuable. In addition, we have the self-service via the web interface. That helps with return on investment because every call to our help desk has to be paid for by our customers, but with the web interface they can do things on their own.

It's not cheap, but the pricing is okay. Other applications cost about the same.

Take your time in deploying the system and know the processes you want to support with it. Knowledge of the processes you want to support is the main thing.

As consultants, we use it for provisioning, for access management in SAP, for AD access management. In the future, we may use it for many other applications like SafePoint and Office 365.

It improves organizations because role requests are automated, as are provisioning and deprovisioning; all of that is automated. 

It saves time and improves productivity because otherwise, people would be calling the helpdesk. Productivity is improved because everything is automated. A user makes a request and a workflow is triggered. It sends mails to your manager or to the product owners for approval. If everything is working properly, productivity increases.

Even without any customization, if you install it, configure it, it's ready. We may do some small customizations afterward, but the product is really good as is. It's very powerful. Without any customization, it starts working.

There is also a new feature, the Sync Engine, which is very good. Before, without it, the initial onboarding of HR systems was very difficult.

The policy and role management features are good, but not well-implemented in many companies because it's not that easy. It takes time. We are starting to use attestation in our current project and to follow the company policies. It takes time, but the feature is good. The company policies feature is really good because in workflows you can check whether the policies are all working. It's a good feature, but I don't think it is very common in many companies.

In terms of privileged account governance, in all of our previous projects we created privileged accounts and, again, with the new projects, we are going to start managing privileged accounts through One Identity. This feature is good. The new features are really good.

Finally, the product is flexible. We can easily customize almost any part of the system, such as having logic code inside the templates, inside the tables. And we can create processes as well. The customization makes it really flexible.

One Identity has a self-service portal but many customers need a helpdesk where they can go in and request. To make that happen we need to do a lot of customization. Maybe that could be improved, but it can be implemented.

The current version we have is stable but there are bugs, of course. There are many bugs. Many customers may wait for somebody else to move their systems and after they get the feedback, only then will they move. Each time there is a new release, it takes time to become stable.

It's scalable.

Technical support depends on the level. Level-one is not as knowledgeable as level-two. But, overall, their level of knowledge is good.

For me, the setup is easy, because I have a background in Microsoft technologies. That makes it really easy.

We are currently working on integrating it with SAP, but we are customizing a lot of things to fit with the current company's requirements. Their requirements are quite different from the out-of-the-box settings. Next month is the first SAP system go-live.

After the SAP onboarding, we will look at the cloud. I have fixed some bugs in the code for the Office 365 onboarding earlier. That was a very early version with custom connectors to Office 365, version 6. But in terms of a cloud connector, we have not started to work on it yet, in the latest versions.

We use One Identity Manager to synchronize SAP inbound and outbound Exchange data. More generally, we aim to synchronize data between target systems, such as those used in banking or other companies, and One Identity Manager.

One Identity Manager includes a default SAP connector that we utilize. Its simplicity is evident in connecting to SAP sites through a straightforward click or by completing a connection filtering form. We can easily establish mapping and workflow for SAP sites, making it a streamlined process. While exceptions may exist for specific customers, we can accommodate their needs by customizing workflow mappings based on their requests. Overall, the SAP connector provided by One Identity Manager is remarkably user-friendly and accessible to all, in my opinion.

We've used the web designer module, but it won't be available next year. One Identity has transitioned from web designer to Angular web development, offering complete freedom to create custom web pages and websites. While Angular requires JavaScript knowledge, it provides unrestricted development capabilities, unlike the complex web designer module. New employees struggled with learning web design, but Angular's accessibility empowers developers to modify everything within the One Identity website and backend, including database interactions and custom code development. This flexibility makes One Identity Manager a powerful tool for connecting various systems and databases.

Business roles are crucial for our customers because they are an essential identity management tool. Without them, we'd need to manually authorize every employee and group. However, Business roles allow us to create and assign business roles automatically. This is vital for our customers as we develop best practices for business workflows. A key component is creating business websites, for which we establish job descriptions and roles. Subsequently, we automate role assignments based on organization or title, which significantly streamlines our processes.

One Identity Manager is user-friendly for the end user.

One Identity Manager significantly simplifies application auditing. The auditing site we use extensively is one of its most valuable features. One Identity Manager is remarkably effective for auditing because it empowers us to create and deliver new attestation or compliance tools. We can generate all these audits through both the website and Manager modules. The audit screen on the website is exceptionally user-friendly. Customers consistently praise the audit feature, and we have received no complaints about the auditing site. We are highly satisfied with using the audit site for One Identity Manager.

One Identity Manager's most valuable asset is the ability to customize its front-end website.

The One Identity Manager documentation could be improved. Despite using the solution for six years, I encounter difficulties understanding certain features due to unclear explanations in the documentation. Additionally, while the One Identity Manager community has the potential to be a valuable resource, the community site does not effectively assist all users.

The report site could be improved because while One Identity Manager offers around forty default reports, our customers find them insufficient for their needs. Consequently, we must create custom reports to meet their specific requirements. Although building custom reports within One Identity Manager is straightforward, enhancing the existing default reports would greatly benefit our users.

I have been using One Identity Manager for six years.

I would rate the stability of One Identity Manager nine out of ten. While all software products are prone to errors or bugs, I have encountered none, specifically in version nine. Compared to previous versions like eight and seven, which did experience issues that required resolution, version nine represents a significant improvement in stability and reliability, making it the best version of One Identity Manager thus far.

One Identity Manager is well-suited for large-scale environments, making it an ideal solution for enterprise clients.

We use Premier Support from One Identity Manager. They respond quickly to our tickets, and our customers are extremely happy with the support.

Positive

The deployment is straightforward and takes a week to complete.

Prices in Turkey are high due to inflation, a challenge we've heard about from our customers. We understand that European consumers may have different expectations, but we must reduce the pricing to attract customers.

I would rate One Identity Manager nine out of ten.

Generally, we don't utilize a governance site but instead rely on an identity management site. Initially, our customers define the SAP architecture or structure, outlining user roles that must be created and associated with specific rules. We then establish the SAP site's structure and architecture, focusing on user management before addressing roles. Subsequently, we incorporate the business side to enable dynamic role calculation for users by creating business rules for role management and assigning roles to users.

I highly recommend One Identity Manager to others. Its ability to develop everything within a single platform is incredibly valuable for customers. Many other products or software often encounter challenges or require custom development, but One Identity Manager offers a comprehensive solution. Its simplicity and customization options make it a standout choice. While I haven't used other identity management products extensively, I am familiar with some features of competitors like SailPoint. However, One Identity Manager's flexibility allows for modifications to accommodate specific needs, unlike some out-of-the-box alternatives.

We use One Identity Manager to control what our users access.

Having a single platform helps streamline operations and connect to multiple systems, centralizing information for improved access and efficiency by eliminating the need for redundant software.

The UI is intuitive and user-friendly, so it doesn't require much training.

One Identity Manager has helped streamline our processes. Now we are all synced and data is not lost between teams.

One Identity Manager provides governance helping minimize the gaps within our test, dev, and production servers.

One Identity Manager provides governance helping minimize the gaps between privileged users and standard users.

One Identity Manager helps streamline application auditing.

The self-service functionality of One Identity Manager is arguably the most valuable feature. It allows us to easily initiate access requests for new hires through a user-friendly interface. This information is automatically sent to HR for review. Similarly, for departing employees, the intuitive interface enables us to import their details and trigger the termination process seamlessly.

I would like to have more advanced features and reporting added to One Identity Manager.

I have been using One Identity Manager for four years.

I have not experienced any stability issues with One Identity Manager.

One Identity Manager is scalable.

I would rate One Identity Manager a seven out of ten.

No maintenance is required on our end.

I recommend that organizations considering One Identity Manager ensure it aligns with their use cases and user base before implementation.

Our company hosts our on-premises application with this solution. It is not a complete SaaS product but rather a hosted environment in their tenancy. 

We have an internal team of four administrators and site developers who manage the solution and provide support to 2,000 employees. Our operational model includes contracting with professional services for new development, managing releases, and deployment. 

The solution is a typical, conventional IGA but the tool itself offers many options for customization. Some other products are easier to implement but don't have the same customization capabilities. 

The product must include SaaS in the future. 

The use of the administrative tools is cumbersome because too many are required for configurations. For example, the solution requires master usage of eight different client tools so it is excessive to manage the product. A small fix or deployment requires opening three or four different client tools that are not intuitive or easy to use.

The user experience and interface need additional improvements. Version 8.2 included improvements to the GUI and the inclusion of Angular JS which is better. However, the interface for 8.5 is a bit basic. 

Mastery of VB.NET is required to develop using the solution. Most developers use Java or .Net and VB.NET kills the vibe. We have to use VB.NET internally when working within the solution and that really needs to be modernized. To be honest, no developer is interested in learning VB.NET because it is a substandard language compared to newer options. 

I have been using the solution for six years. 

The solution is very stable and we rate it a twelve out of ten. However, reaching that stability is torture. 

We had issues and bugs because of customization requirements and it took us a year to go live. Too many custom processes cause issues even though the end result is stable. Gathering things to implement and install takes time. In our case, the implementation document for us to go live was 500 pages and that was a bit terrifying. 

The solution is scalable and the database is the key element in integrations. Everything connects to the central database which is a benefit because then the database becomes the central configuration management tool. If you upload DLL code to the database, it pushes it to other components. It is a well-designed central configuration approach. 

This approach can be a bit of a drain on performance because everything is connected to the central database. It is important to keep on top of database health with the solution.

Support needs to be better because this is a framework-style product and your own developer needs to be able to work efficiently with theirs. Sometimes a problem is in the development code, not the core product functionality. It takes too much time, as operational support to investigate and find the root cause. The solution offers amazing functionality for the framework, but if you didn't write the code yourself you are in trouble. 

For example, if a third party writes code and then their involvement ends, an issue in production that needs support won't get it because the third party's code error is an unsupported area. 

If your company's active management processes are not aligned with ISO or NIST standards, a lot of customization is required and this is the best solution. For ITSM, this is also the solution to use. 

If your processes are aligned then other solutions are appropriate. For a product like SalesPoint, the solution might be ServiceNow. 

The initial setup is very complex and I rate it a four out of ten. 

Deployment depends on the project scope. If the project is smaller, you can connect with Active Directory and auto RMS on the same day. However, if you want joiners, movers, or leaders to go live, it becomes more complex. 

The pricing is good and I think more money is made out of selling professional services than the product itself. 

Developers who have worked with the product won't need the assistance of professional services. It is easy to implement once you are accustomed to the product. 

Someone new to the product would need 20-30 days of services a year and in that scenario, it is expensive to develop and maintain. 

I rate this solution a six out of ten. 

We use One Identity Manager for every need. We use it for provisioning, cataloging, approvals, connecting to systems, and also for trying to figure out what's going on, governance, reporting, and provisioning changes. It's also for leavers, joiners, and movers. The solution is for everybody.

In terms of what I found most valuable in  One Identity Manager, it's the only product where the workflow and the catalog can be configured on roles or by business people. You don't need to know the technology at all to configure that, so this is the product's biggest advantage as well as its strongest feature. One Identity Manager is also business-oriented and IAM administrator-oriented.

A room for improvement in One Identity Manager is its analytics. Though it's getting better from version to version, the analytics feature still needs improvement.

I would appreciate more analytical features in the next release of One Identity Manager, so I can do a better analysis. Another vendor, for example, has a self-certification system where you can send people, then create a type of profile or screen for each person, and the person can see his entitlement and the risks behind that entitlement, so then the person makes a decision on whether he wants to keep or let go of it, and that's an out-of-the-box feature that would be good to see in One Identity Manager.

Another feature I'd like to see in One Identity Manager that would be very interesting is integration with SIEM or any log collection product for both access and usage. For example, I'd be able to see that I have access to a particular application and also get information on how many times I've accessed it in the last year, last few months, etc. It's a feature that would be great to have in One Identity Manager.

I've been using One Identity Manager since 2008.

One Identity Manager is a very stable product. Because the product is Microsoft-based, it all depends on how good your Microsoft database administrator is. One Identity Manager is a product that sits completely in the database, so if your database cluster is administered right, you'll be fine.

Scaling up One Identity Manager is extremely easy.

I've contacted the technical support team for One Identity Manager, and the team was very helpful and very knowledgeable.

We previously used different solutions, particularly SailPoint and Saviynt. We compared those with One Identity Manager and we found out that among those three solutions, One Identity Manager has the best feature from a business management standpoint and from an identity standpoint, plus we're a Microsoft shop and One Identity Manager being a Microsoft based product also makes a big difference, especially as the solution has a natural integration with Active Directory and many other tools provided by Microsoft.

In terms of how easy it is to set up One Identity Manager, it depends on who you're talking to. For me, the initial setup is extremely easy and very self-explanatory, but I'm someone who has twenty years of experience.

How long the deployment of One Identity Manager takes would depend on your scope. The average deployment is between three to six months.

I've seen ROI from One Identity Manager.

The licensing for One Identity Manager is per user, per carbon life, specifically, it's per people, and not a per-identity licensing model. For example, if I have two hundred people, or if I have someone with several identities, I'm only paying for it once. I don't remember the exact cost of One Identity Manager because I wasn't the one who paid for the license.

We evaluated SailPoint and Saviynt apart from One Identity Manager.

I don't remember the exact version of One Identity Manager I'm using, but it's the latest supported version.

Everybody uses One Identity Manager in my company because everybody's making requests, but the average number of users of the product is between thirty thousand to forty thousand.

My advice for anyone who's interested to use One Identity Manager is to find a good partner who can help you go through the product because no matter what product you buy, you need someone who can guide you. You should also have dedicated people who can learn and administer the product from the get go, not just when it's live or in production, but from the time of installation and implementation, because One Identity Manager is a great product and you need to watch how it's configured. Unlike in SailPoint and Saviynt where there's a lot of code involved, One Identity Manager is a product that has a configuration you can still understand when you're sitting next to somebody configuring it, so it's best to start learning the product from day one. You should also take notes and write documentation about what you've learned and what you did, even if you found it easy to configure, so many different people can do configurations in your place, and for you to also keep track of the versions and who did what, what this particular workflow does, and what this configuration does because if you're not doing the configuration all the time, you're going to get lost on it without documentation that you can reference and follow.

I'd never give a solution a rating of ten out of ten because the perfect solution doesn't exist. I'd be rating One Identity Manager a nine, and the reason for this rating is that if you think about implementing any identity governance tool,  the biggest amount of money you spend is not on technology, and the biggest amount of time you spend is when you're talking to businesses to understand processes, then translate those into the actual implementation. That would take up the most time in terms of processes. One Identity Manager helps you make it shorter because people in business can, instead of describing what's going on, if you train people right and let them go into the product and configure it because there's no technology involved, you can save yourself plenty of time responsibility-wise and access-wise, and this is what makes One Identity Manager a nine out of ten for me.

My company is a customer and partner of One Identity Manager. I'm a consultant for companies that have the solution. I'm also a partner who installs and offers consulting around One Identity Manager along with other products. I'm also a partner of Saviynt, SailPoint, and Microfocus. I also have experience with Oracle and Fisher.