One Identity Manager Reviews

We utilize One Identity Manager for several key processes. Primarily, it manages the entire employee lifecycle, including joiners, movers, and leavers, for identity management. Additionally, we use its attestation module to conduct bi-annual recertification campaigns, validating existing access rights. Recently, we expanded its use to manage cloud entitlements, including EntraID.

We manage user and access management  for over 20 SAP systems using One Identity Manager and do not handle any disconnected SAP accounts.

One Identity Manager governs SAP accounts by linking them to employee identities, ensuring access is managed throughout the identity life cycle. This direct link enables automated processes, such as terminating SAP accounts and associated assignments when an employee is terminated.

One Identity Manager, certified by SAP, delivers specialized workflows and business logic through a dedicated connector for SAP R3 and native support for HANA systems, enabling direct connection to HANA databases. It offers numerous out-of-the-box templates for SAP, automatically loading schemas for users, roles, and assignments upon SAP module activation. While most use cases are covered by these templates, customization is possible for specific needs.

With a tool like One Identity, our organization can manage accounts across multiple target systems from a central identity management solution. This centralized data allows for flexible governance reporting, including custom SQL queries and pre-built reports, to validate information. Governance practices vary between companies but often involve specific access controls, timely re-certifications, and validations by data owners. For example, some companies implement frameworks with defined views, access levels, and re-certification processes to ensure data integrity and security.

The ease of customizing One Identity Manager depends on the user's skill set. Compared to three similar products, One Identity Manager is more straightforward to customize, particularly when modifying VB.NET code or writing SQL statements for reports. While some coding knowledge is necessary, the tool's predefined templates and SDK samples offer helpful references and starting points.

The user experience of the legacy web portal is unsatisfactory due to limited customization options and occasional slowness, especially during backend processes like attestation. However, One Identity is moving towards an Angular-based portal in version eight dot two and newer, which offers greater flexibility, customizability, and improved performance. This new portal may provide a more satisfactory user experience overall.

One Identity Manager helps manage the company structure for dynamic application provisioning. Our IAM system reads the company and department structures to automatically assign entitlements. Based on this structure, users are created, and permissions are assigned.

The business role functionality of One Identity Manager is crucial for businesses, especially from an audit and SOC perspective. Whether utilizing One Identity, SailPoint, or another tool, a solid IAM solution should include comprehensive audit trails, streamlined request processes, detailed approval workflow history, and other essential functionalities to ensure compliance and security.

We have begun extending governance with EntraID and are evaluating the Starling connector which provides access to many other SaaS-based applications.

Over the time we've used One Identity Manager since 2017, it has significantly improved our organization by automating the joiner, mover, and leaver process across all target systems. No more manual account management tasks are needed, which include account creation, updates, or termination when a user leaves the company. It has substantially reduced manual role assignments and made processes fully automated. The major benefit is the attestation process, conducted once or twice a year based on requirements, which ensures no unauthorized or unwanted accesses are left unchecked. It also provides clear reports on user statistics, such as active users, new joiners, and leavers.

We initially started with a small scope but have since expanded to connect numerous systems, automating the mobile egress process. Tasks like account creation, updates, and termination are now fully automated through IAM solutions, eliminating manual intervention. This automation also removes the need for teams to assign roles manually. A significant benefit is the ability to conduct periodic access attestation campaigns, ensuring only authorized users have access. One Identity Manager facilitates this process and provides comprehensive reporting, giving management clear visibility into user activity, including the number of active and inactive users, new hires, and departures.

One Identity Manager helps minimize governance gaps across our testing, development, and production environments. We utilize a three-tiered setup with a transport mechanism to move changes from the development environment to the quality assurance environment and finally to the production environment.

One Identity Manager enhances privileged governance to mitigate security risks associated with privileged users. A custom solution within the One Identity framework allows users to link multiple secondary identities to their primary identity for tasks requiring elevated privileges. This framework provides a robust privilege access management system within the One Identity environment.

One Identity Manager streamlines application access, compliance and auditing. It supports the SOX audit process conducted twice or thrice yearly. For applications connected to the One Identity Manager, governance is managed through the IAM solution itself. Instead of checking the target system, administrators use the One Identity Manager to validate requests, approvals, denials and assignment periods for connected applications.

One Identity Manager empowers application owners and business managers to make independent application governance decisions, eliminating the need for IT involvement and siloed teams. Once applications are onboarded to One Identity self-service model allows users to request roles and the defined approvers to approve them, streamlining the process and removing complexity for application owners. They no longer need dedicated teams for identity and access management or manual user access reviews for compliance requirements as One Identity Manager automates these functions. This simplifies operations and centralizes control, improving efficiency and reducing administrative burden.

Zero Trust is a broad security framework with varied implementations. Currently, our Zero Trust implementation focuses on identity and access management, specifically for privileged roles. To prevent unauthorized or accidental access, a three-stage approval process is required for privileged role requests. This ensures that multiple stakeholders validate the access, embodying the Zero Trust principle of never trust, always verify. While this is just one aspect of Zero Trust, it significantly enhances our security posture by preventing unauthorized access to sensitive systems and data.

Having worked with SailPoint and other identity management tools, I've found One Identity Manager to be quite handy, especially after seven years of experience with it. The framework is robust and flexible, allowing companies to easily adopt and extend the schema as needed. Unlike other tools I've used, One Identity Manager offers a high degree of customization. Even if the out-of-the-box templates or processes don't meet our company's specific requirements, we can readily adapt them, modify them, and build our own processes and templates.

The One Identity Manager web portal needs simplification. While a new Angular portal was introduced with version 8.2, the knowledge base lacks sufficient information and resources. Even with an Angular developer or a One Identity specialist, a knowledge gap exists due to the combination of AngularJS and One Identity schema expertise required. This makes it difficult to find resources that can effectively utilize the portal, highlighting the need for a more user-friendly interface.

One Identity Manager currently offers Long Term Support only for version 9.0. All other versions have a two-year lifecycle with extended support. For organizations managing a complex environment with numerous connected systems, users, and assignments, upgrading every two years is impractical. Extending support for regular versions by one or two years would benefit clients in this situation.

I have been using One Identity Manager for almost seven years.

One Identity Manager is stable, although there have been bugs. Sometimes product versions are released with many bugs, which affects stability. There is a need for extended support for regular versions, especially in large-scale environments where upgrades every two years are not feasible.

I would rate the stability of One Identity Manager eight out of ten.

I would rate the scalability of One Identity Manager nine out of ten.

We sometimes face delays in response from the technical support of One Identity. While we use premier support, the experience can be inconsistent, prompting us to sometimes engage technical and success managers for faster resolutions.

We used SAP IDM before switching to One Identity Manager. The scope with SAP IDM was limited due to its inability to connect multiple systems except Active Directory and SAP system. We looked for a solution that provided greater flexibility in terms of cloud adoption and custom connectors, which SAP IDM did not offer at that time.

While the technical deployment of One Identity Manager can be completed in approximately one month, the true challenge lies in its organizational integration. Developing and connecting the system to existing infrastructure is a complex process that can take several months. Furthermore, ongoing maintenance and onboarding of new applications require continuous effort, making it an ongoing project rather than a one-time deployment.

We worked with a partner for customization but not for training. The partnership was effective, and we continue to engage with them for custom developments that are not handled in-house.

The return on investment was evident in the company's decision to automate processes using the One Identity Manager solution. Previously, separate application teams with dedicated personnel performed specific tasks, leading to higher costs and inefficiencies. With the implementation of the One Identity Manager tasks became automated, resulting in significant cost savings and streamlined processes.

One Identity Manager is fairly priced.

While we evaluated several solutions, we ultimately decided on One Identity Manager for its long-term benefits and flexibility compared to other tools.

I would rate One Identity Manager eight out of ten.

I would recommend One Identity Manager to companies, especially those that might lack prior expertise in identity management. Its predefined framework and comprehensive set of templates make it adaptable and easy to implement.

Our system is distributed across multiple locations globally, with various components and load balancers deployed in each location, including our disaster recovery sites. We have over 50,000 users.

One Identity Manager requires maintenance across its various components, including the tool itself, the database, the job server, and the web component. This maintenance ensures the environment remains operational and efficient. Maintenance requirements vary by component. For instance, web nodes undergo weekly restarts and cache clearing, job servers require service restarts, and other servers need periodic cache cleaning. Different elements have different maintenance schedules: weekly for some monthly for others, and weekly for the database. Overall, maintenance plans are tailored to the specific needs of each component.

My main use case for One Identity Manager is to develop projects from the start that begin from the base installation, including employee lifecycle management such as Joiner Mover Leaver, attestation, access request, and integration with target applications such as databases and Safeguard. I also completed integration with Safeguard, HR systems such as SuccessFactors for cloud applications, and worked with Starling as well.

The integration with target applications is mainly for API applications that we configure with custom scripts to read from the APIs, then save the data either directly to the database or to CSV files. We then have a sync project to read from the CSV file so we can leverage more features from the sync project, including logs, simulation, mapping everything, and previewing the data that will be stored.

I believe the sync project is a great feature that allows us to preview everything before it gets stored in our database. There is also a feature that helped one of my teammates significantly, which was the limited process that could be triggered for job queue.

We use the sync project every day. The job queue is valuable when anything needs to run a process that would execute without a workflow closure or would run against a huge number of rows, which was very useful in some cases. For customers in the Middle East, they are requesting to have the portal in Arabic. One Identity Manager does not support Arabic yet in the web portal. In some cases, we have had to add the localization files ourselves and edit the entire Angular web views, which is a real challenge. The last version 10 does not support Arabic language for the web portal, and I think that would be very useful for the tool if it could be supported.

One Identity Manager impacts my organization positively. We use it for most of our customers that we configure the tool and install it for.

One of the improvements concerning One Identity Manager that I mentioned before is that we need to add the Arabic language for the web portal and APIs.

The Arabic language is the main thing that affects me directly with my customers right now.

I have been using One Identity Manager since day one.

I chose a rating of seven for One Identity Manager because I think it is related to performance. When we try to read a huge number of records, such as from SuccessFactors HR with the Starling connector, the sync project sometimes lags. This occurs even though it is not a huge number of employees—only 800 users. The sync project could take several seconds to open a single record, and the process itself takes a considerable amount of time to finish.

Regarding One Identity Manager support, I think they need to be more accountable. When I describe a technical issue and raise a case with it, they take several days to clarify things that are already clarified in the description I added to the case. When it comes to scheduling a session with support, it takes a long time. However, I think that should be the second solution because it really helps to have direct contact with support to share the screen and show everything from the inside of the environment, rather than just describing things in words.

Neutral

I think that implementers should take deep training from One Identity before they dive into it because there are a lot of features in One Identity Manager, but not all users or implementers know all the features that One Identity Manager is capable of. My overall rating for One Identity Manager is seven out of ten.

We use One Identity Manager for classic identity management tasks like provisioning and de-provisioning. It is employed for user requests and identity governance. It supports a comprehensive setup that includes user access, requesting functionalities, and identity governance measures.

One Identity Manager has improved our organization by providing a centralized identity management solution. It allows us to connect various systems like Active Directory, SAP, and cloud applications, offering a more comprehensive and streamlined view of user identities and access. 

As an administrator, I can see the benefits immediately on deployment because now I have a visualization. Compliance officers also see the benefits quickly. However, for the people I supervise, it's hard to adjust to the idea that everything you do is exposed. Application administrators aren't happy because I can see what they're doing. 

The stakeholders and senior leadership will see the impact only if the people below them can produce good reports. Many reports are out of the box, but you have to deploy them, and people must subscribe. The benefits are immediate for people who deal with the product daily. 

One Identity Manager helps minimize coverage gaps among test, dev, and production servers. The transport feature lets you move whatever you did in development into the test and production. Let's say you need to develop a new workflow in a developer environment. You can move every object related to that workflow to the test and, ultimately, to production. All of that is smooth and clean. 

One Identity helps you streamline application access if there is a policy. A policy can be implemented through the policy engine if a company has a policy. How can they do this without a policy? I won't decide who's supposed to access what for the company. Anything related to access controls starts with the policy and ends with the implementation. It's easy if the company has a policy. 

Application compliance is the same story. Someone has to define what it is. One Identity does not provide tons of compliance already implemented in the workflow. There's no preset for SaaS or HIPAA compliance. 

It can tell you who is a member of an AD group, but it doesn't tell you what application this AD group controls. This information is supposed to come from an application owner, who can say you need to be a member of a specific group to access this application. We can see what happens inside the application if it allows us to do that, but we cannot audit if that person has any business in the application.

One Identity Manager helps us achieve an identity-centric zero-trust model in conjunction with a combination of something like OneLogin or any other access management product. We can control what's happening, but we cannot apply it to the application layer until we have an access control product. 

One of the most valuable features is the ability for business people to input their knowledge about business processes directly into the product. It's a good tool for anyone familiar with business or technical administration. The shopping cart capability for requests and the catalog features were also initially valuable.

It's the best product for providing an enterprise view of logically disconnected SAP accounts. Sometimes, it's doing better than the SAP IG, which probably got discontinued or will be. One Identity Manager helps us connect SAP accounts to employee identities under governance. It is critical because there's no such thing as just SAP, and you want to centralize. You have Active Directory, SAP, and all the cloud applications. Every product has its user accounts, and One Identity allows you to connect them all in one place.

One Identity Manager provides IGA for the more difficult-to-manage aspects of SAP. It lets you do many different things and go as deep as you want. The solution has a whole library of specialized SAP workflows for provisioning. 

You can build a customized web interface that you can do whatever you want with. The out-of-the-box interface for administrators or anybody else can take a little time to understand. It depends on the user's maturity. You must understand what's happening before touching the product. If you have experience using Identity Manager or similar tools, it's highly intuitive. It has so many features that it takes time to adopt, but that's not because it's difficult. 

The business roles are fundamental to role-based access controls. If you don't know how to build roles, it's very hard to do. One of the advantages of this particular product is that you don't have to be a technical person to build the role. You can log in as a business owner with a newly created project and add entitlements, users, or criteria. You can do it manually or using a formula. It's easy to do without any code. 

The client application should transition to a web-based interface to improve administration flexibility. Improvements are also needed in the analytics, peer comparison, and recommendation features, as these areas were added later and require more development. More flexibility in the portal is needed for multi-tenant environments.

I have been using One Identity Manager since 2009, back when it had a different name, Active Entry. I've seen the product evolve over time.

One Identity Manager is a very stable product. The only potential issue could arise from database management, particularly with MS SQL clustering, but with competent support and management, this is not a problem.

One Identity Manager is highly scalable. Its ability to deploy agents across various locations and integrate seamlessly into multi-country operations ensures it can grow alongside business needs without issues.

I rate One Identity support nine out of 10. Premier support offers fast responses, which is critical for banking operations to minimize downtime. The professional and quick handling of issues adds significant value to the investment.

Positive

I have used Oracle, Fischer, SailPoint, Saviynt, and Omada. Omada is particularly notable for its governance capabilities, while Saviynt offers speed in implementation and support. SailPoint is dominant in the market, particularly for compliance capabilities.

If there is no existing database, you must install and configure SQL, which can be time-consuming. However, with a database, the installation is fast, taking about half an hour.

One Identity Manager is priced in the middle range but offers good value due to lower implementation time compared to competitors. Total cost of ownership is crucial where the main expense is in implementation, not licensing.

Other solutions considered were Oracle, Fischer, SailPoint, Saviynt, and Omada. IBM was not used.

One Identity Manager is not for beginners due to its extensive functionality, so it requires prior experience or maturity in identity management to fully utilize its capabilities.

My main use case for One Identity Manager is role management, automated onboarding, and off-boarding processes, which helps centralize user identity management.

When a user employee joins the organization, One Identity Manager helps automate the onboarding process by creating user accounts with automated user provisioning, managing role-based access, and reviewing permissions for managing user identities.

One additional aspect I appreciate about One Identity Manager is how it centralizes identity access management across different systems and simplifies compliance and audit activities by maintaining proper visibility.

One Identity Manager has positively impacted our organization by improving identity governance and automating user lifecycle management, along with enhancing security and compliance by providing better visibility into user access and role-based permissions.

The platform has improved visibility into user permissions and helped mitigate user access-related security risks by enforcing role-based access control and automated governance processes.

The best features One Identity Manager offers include role-based access control and access governance, strong integration with Active Directory, cloud, and enterprise applications, self-service access requests and approval workflows, risk analysis, and policy-based access control.

The self-service access request and approval workflows help my team day-to-day by identifying unusual user behavior through the identity threat detection feature, which reduces manual effort, improves monitoring, and helps maintain better security and compliance across the environment.

The AI-assisted reporting and identity threat detection feature in One Identity Manager helps simplify daily security and compliance tasks, and I wish there were more advanced features available.

I believe report customization and dashboard usability could be improved in One Identity Manager.

It would be helpful to have more simplified automation templates and faster synchronization for very large environments in future versions of One Identity Manager.

I have been using One Identity Manager since last year.

One Identity Manager is stable.

One Identity Manager is highly scalable and works well for medium and large enterprises; it supports hybrid environments and cloud integration, with a standout ability to manage complex onboarding.

The customer support for One Identity Manager is good.

I did not previously use a different solution before One Identity Manager.

My experience with pricing, setup costs, and licensing for One Identity Manager has been generally positive; the initial licensing is flexible and usually depends on the number of user-managed identities and the modules or features being used.

From a security perspective, automated governance and role-based access control in One Identity Manager help reduce the risks of unauthorized access and orphan accounts, indicating a positive return on investment.

Before choosing One Identity Manager, I did not evaluate other options.

I would advise organizations considering One Identity Manager to first clearly understand their identity governance requirements, as well as their onboarding and off-boarding processes. I rate this product a 9.

My main use case for One Identity Manager is company-wide identity and access management and administration. I use One Identity Manager for company-wide identity and access management by implementing data-based automated creation of user accounts and access management.

From my point of view, the best features that One Identity Manager offers are its synchronization in the web portal. I find the standard connectors particularly helpful in the synchronization in the web portal.

One Identity Manager has positively impacted my company by minimizing manual effort. The minimization of manual effort has specifically affected my team by providing time savings, efficiency, and data integrity.

Since it is company-wide, an estimate of how much time my team saves with One Identity Manager is rather difficult, but it definitely has a very large impact.

From my point of view, One Identity Manager could still be improved with a cleanup of legacy. In terms of cleanup of legacy, I would like to see improvements to the form framework, among other things.

I have been using One Identity Manager for four years in the company.

In my experience, One Identity Manager is stable in day-to-day operation, and I would rate it eight out of ten.

I would rate the scalability of One Identity Manager as very high.

The customer service of One Identity Manager is something I would rate six out of ten.

Positive

I have not previously compared or used One Identity Manager with another solution.

Before deciding on One Identity Manager, I evaluated One Identity Active Roles, which was functionally limited to AD administration.

I would not like to add anything else about the features of One Identity Manager. My advice for others who are considering One Identity Manager is to definitely invest in training courses and watch One Identity Manager's YouTube channel online, as the product and this solution are very powerful.

I found this interview to be generally good, but there were some questions where the AI engine got stuck, and I think that could be improved for future conversations. I have rated this review with an overall rating of eight out of ten.

One Identity Manager is a software tool specifically designed to manage and govern employee identities throughout their entire lifecycle within a company. Similar to other governance tools, it ensures employees have the right access to data and applications based on their role, from the moment they are hired until they leave the organization.

One Identity Manager is a centralized platform for managing user access to all enterprise applications. It focuses on governing regular user identities and access permissions, but it does not handle privileged accounts. If we need to manage privileged accounts, we'll need a separate Privileged Access Management solution in addition to One Identity Manager. One Identity Manager can handle all our other identity governance needs, but privileged accounts require a different approach.

Our customization of One Identity Manager has been relatively straightforward so far. This is likely because we took the time to establish a solid architecture upfront. By defining a clear vision and utilizing standard use cases, I believe I played a key role in minimizing the need for extensive product customization. One Identity Manager also appears to scale well to our needs, further reinforcing my satisfaction with our choice.

One Identity Manager's business role feature simplifies access management by reflecting your company's structure. When you move between departments, like from marketing to finance, your access permissions automatically adjust based on your new role. This eliminates the need for manual updates, ensures you have the right access for your job, and streamlines access governance for your organization. Overall, it's a valuable tool for scaling access management across different departments and scenarios.

Many companies use pre-built solutions like SAP for specific needs. One Identity Manager acts as a central hub for managing identities and access across various cloud applications, similar to how companies connect to ServiceNow for service management or Workday for HR. This centralized approach simplifies identity governance for cloud-based applications, making One Identity Manager a valuable tool, though other competing products offer similar functionalities.

Choosing the right tool is crucial, just like picking the appropriate car. A regular car will perform well on city roads, but attempting off-roading with it will lead to breakdowns. Similarly, our company prioritizes on-premise hosting, so One Identity Manager was ideal. As One Identity itself offers on-premise updates alongside cloud features, we won't be reliant on solely cloud-based solutions for new functionalities. This ensures we stay current with identity access management advancements without being pressured to migrate to the cloud, unlike some competitors who prioritize cloud-based updates over on-premise versions. With One Identity Manager, we access all new features, giving our company a significant advantage. Ultimately, success depends on understanding your company's needs and tailoring your chosen tool accordingly.

Having separate test, development, and production environments creates challenges for managing a product. While the product itself can improve efficiency, companies need to invest in installing and maintaining it across all three environments. This can be expensive, especially for less-used environments like testing. However, if the product is installed according to best practices, it can offer significant benefits.

One Identity Manager streamlines procurement and licensing by consolidating identity management within a single platform. This is particularly advantageous because One Identity Manager is part of a broader suite of security products offered by Quest, allowing our organization to benefit from volume discounts and a unified security approach when using multiple Quest products.

One Identity Manager simplifies application governance by managing access decisions, compliance, and auditing. For access control, One Identity Manager determines a user's privileges within an application based on their overall permissions, allowing granular control over what each user can do. This same system facilitates auditing by tracking all access requests and enabling the creation of compliance certifications.

One Identity Manager empowers application owners and line of business managers to handle access governance without relying on IT. However, this requires upfront effort from the company to set up the data structure. For instance, if we don't have a process for assigning application owners, no tool can automatically create that mapping. The tool can only utilize existing data to enforce our desired workflows. This initial data setup might be challenging for our company as it's still under development.

One Identity Manager supports an identity-centric zero trust model, which assumes no inherent trust and relies on verification for every access attempt. This means every action must be audited and approved, requiring a well-structured data model. To fully utilize One Identity Manager's capabilities for identity governance, our organization will need a data engineer who can create this optimal data structure.

One Identity Manager stands out because it offers a wide range of features without requiring complex installation or ongoing maintenance. While many identity governance products necessitate external integration specialists, One Identity Manager's user-friendly interface allows internal staff with some IAM knowledge to manage it effectively after hands-on training. This is particularly beneficial because the product's pre-built lifecycle features, the core functionality of any identity governance tool, are comprehensive enough to address the needs of most companies, including larger organizations, without extensive customization.

One Identity Manager's usability could be better. While user experience isn't a top priority for enterprise applications unlike customer-facing ones where ease of use is crucial, there's still room for improvement within the industry standard. One Identity Manager is on par with competitors like SailPoint and Omada, but overall, enterprise applications tend to prioritize functionality over a sleek user experience.

One key area for improvement is implementing continuous integration and deployment. CI/CD automates deployment across environments, streamlining the process and reducing the manual effort currently required. This would move the company away from a slower, waterfall-style deployment process and improve overall efficiency.

The user interface for submitting IT requests could be more user-friendly. While there have been improvements to the look and feel since we purchased One Identity Manager, there's still room for a more customer-driven experience on the end-user portal.

I have been using One Identity Manager for two years.

One Identity Manager has been stable with no downtime experienced. While the current user and transaction load is low, the system has significant capacity for increased volume and hasn't undergone any formal performance testing. However, based on real-world production use, One Identity Manager appears to be functioning well.

We have premier technical support through the partner. We were not intelligent enough to envision this could be a problem in the future. Luckily, we have expertise in identity access management in-house. Otherwise, it would have been a problem if we didn't have local expertise internally and we bought something that we didn't know how to use and our partner wasn't efficient. 

Our company is currently undergoing a split into two separate entities. Due to this unique situation, we haven't fully transitioned to a single solution. Our original company continues to utilize Omada Identity Governance, while the newly formed company will be implementing One Identity Manager. This transition process reflects the upcoming separation into two independent companies, requiring us to adapt our systems accordingly.

Our initial on-premises deployment of One Identity Manager was straightforward because we handled the two-tier installation ourselves. However, for the cloud version, there's no installation needed since it's pre-configured as a Software-as-a-service offering. Regardless of the deployment method, the most crucial tier is the database, which needs robust security as it stores sensitive information. Both Windows and Linux installations are supported, though Windows is generally preferred.

The actual deployment process can be completed in as little as half an hour, but that's only if all the preparatory work, like opening network ports, is done beforehand. In the worst-case scenario, where you need to do all the setup from scratch, the entire deployment could take half a day.

The implementation was completed in-house with the help of an external system integrator and a consultant from One Identity.

To an extent, we have seen a return on investment.

One Identity Manager's pricing is competitive and in line with what other companies offer. While we may have received a different pricing model due to the multiple Quest products we purchased compared to only One Identity Manager, the overall cost is considered average.

We bought the One Identity Manager license from a partner, but they weren't able to assist with implementation because they lacked experience with the product and even tried to steer us toward a different solution.

One Identity Manager stands out for its on-premise deployment option, allowing full internal hosting, unlike most competitors who push cloud-based SaaS solutions. While cloud offers convenience, our critical infrastructure necessitates on-premise control. One Identity Manager also delivers feature parity between cloud and on-premise versions, avoiding the typical delay where new features go to the cloud first. This flexibility caters to companies with strict security requirements or those who prefer a full cloud migration, making it a truly adaptable solution. The potential downside lies in its architecture, where heavy reliance on a single database creates a single point of failure. However, other drawbacks are yet to be discovered through further use.

I would rate One Identity Manager seven out of ten.

We don't use SAP connectors. One Identity Manager's SAP connector isn't unique; it allows connection to SAP systems like many other identity management products. While it simplifies SAP user provisioning within a centralized system, this functionality is common among competitor offerings.

There's a key distinction between privileged and normal business users. While some privileged use cases can be created, an identity governance tool like One Identity Manager, Omada, Okta, SailPoint, or Aviant alone won't handle them all. These tools focus on general identity management, and for comprehensive privileged access management, we need a dedicated privileged identity manager or privileged access manager alongside them.

Due to the partner's lack of experience with the solution, we received no training or post-implementation support. This highlights a challenge faced by organizations in Denmark, a small country with limited options, particularly in the area of identity access management.

Our One Identity Manager partner hasn't provided the value we expected. While choosing them may have been limited due to licensing restrictions, the consultants they sent weren't helpful enough. It seems our experience might have been better with a different product or a more capable partner for the specific solution we implemented.

Our company has a workforce of approximately 5,000 employees and utilizes roughly 1,000 applications, though not all are fully onboarded. This number is respectable considering the size of our country.

When choosing an identity access management solution, there's no one-size-fits-all answer. It's crucial to understand your specific needs first. Consider factors like your current IAM maturity e.g., do you need privileged access management yet?, scalability requirements, deployment options cloud vs. on-premise, and partner support. Don't be swayed by what others use; focus on what works for your business and regulations. One Identity Manager can be a good option for mid-to-large companies lacking internal IAM expertise, though it may have fewer partner integrators compared to competitors like SailPoint. However, it can be a more cost-effective choice.

My main use case for One Identity Manager is to manage the lifecycle of all people, including internal, external, business partners, and external personnel. We are currently in further development and are connecting several applications automatically to One Identity Manager, which is our main use case.

The best features that One Identity Manager offers include relatively no limitations when it comes to connecting, and if there is ever no API interface, you can create one yourself and write it in.

By using my own solutions such as scripts or email integrations, I can give an example of how I use this flexibility in everyday work. Currently, for an application called Fluency Direct, a custom PowerShell script was created for the automatic creation and setup of users and assignment of groups within Fluency Direct.

One Identity Manager has positively impacted my company through cost reduction and less effort in the individual departments for the technicians who used to manually create users in Active Directory, which now all happens automatically.

One Identity Manager could be improved by better prioritizing and processing bugs when tickets are submitted.

I have been using One Identity Manager for just under three years, as we set up the system almost three years ago.

One Identity Manager is stable in operation.

My experience with the scalability of One Identity Manager has been good.

One Identity Manager's customer support could be a bit faster, but otherwise it is acceptable.

Positive

I did not use another solution before One Identity Manager. I have only been working here for three years, and One Identity Manager has existed since I have been here.

Before deciding on One Identity Manager, I did not evaluate other solutions. One Identity Manager was already in place when I arrived and was then newly set up by us.

I would rate One Identity Manager an eight on a scale of one to ten. I chose an eight because it is very good, but there is still potential in small areas such as the usability itself for the admin within the interface. I find that everything is still not quite clear enough, especially with one or two things in Manager and Designer. You do not always quickly know where you have to click when you are looking for something, and you sometimes search a bit longer.

My advice to others who are considering One Identity Manager for themselves is to definitely hire people who have the skills and can quickly get to grips with an application that is relatively complex. My overall rating for this product is eight out of ten.

We use One Identity Manager for workforce identity and access management. We have implemented basic controls like joiner, mover, and leaver processes for our employees. 

We are integrating our most critical and important business systems and applications into it, handling the access management to those systems using One Identity Manager. 

I like the solution since it is very flexible, and I can basically do everything that I like and need with it. 

I appreciate its automation capabilities a lot. Through automation, we have been able to reduce the number of service requests and tickets to our vendor. We have also managed to reduce the cost quite drastically in that sense. 

Additionally, by automating the access reviews, we have saved considerable time for our business leaders, even talking about several full-time equivalent savings concerning access review automation.

It works well at an enterprise level. We use it as a centralized platform for the whole identity.

It is a flexible system and we can customize it the way we want.

We use the business roles to map company structure for dynamic application provisioning. This is a very important aspect of the solution. 

We use the solution to extend governance to cloud apps and this is very useful for us.

Through automation, we have been able to reduce the number of service requests and service tickets towards our vendor, and we have been able to reduce the cost quite drastically. By automating access reviews, we've been able to save quite a lot of time - up to several FTEs. When we launched the system, we had quite a wide scope and saw results immediately. 

The solution helps us achieve an identity-centric zero-trust model. As you are getting your identity only through a centralized system and also getting all the accesses attached to that identity and all the accounts attached to that identity through one system, then it is possible. We also handle access to any system through that one solution. When we do that, we have a full picture of the identities and what kind of accounts and entitlements they have. Having the full picture and having the governance of the whole entity when it comes to access management allows security to be tight. Also, the controls that we have in place then, for example, joiner, mover, leaver, that helps in maintaining that zero trust principle.

In regards to the front end, the portal that is offered to our users needs improvement. There is room for improvement on that side, particularly in user experience. It is not as intuitive as I would like. If there is something to improve in One Identity Manager, it is the end-user experience. 

The database structure is quite complicated. I don't know if it can be improved or if it can. It will probably be a long journey. The most important thing is to think of our customers, and then the user interface is the part of the system that needs some improvement.

We can customize it, however, we need skilled resources to do so. There aren't as many skilled people in the market.

We launched it in October 2023. However, we started implementing it in 2021.

We rely on vendor support, and I would rate it as ten. We mainly receive support through their partner. 

Positive

We did quite a large comparison when we chose this system, and I see that there are systems in the market which offer the same functionality. However, there are also a lot of systems that are more restricted in the functionality they offer. There are maybe a couple as large and with as many capabilities as One Identity Manager. One Identity Manager is one of the top systems in terms of capability offering. That's the reason why we chose it for our company's purpose.

Our experience was complex, however, it was not due to the system. It was due to the wrongly chosen partner who didn't have the needed skills to implement it properly. 

It also depends on the scope of what needs or is wanted to be implemented as the minimum viable product. I wouldn't say that it's complex, however, maybe not easy either, so maybe something in between.

We implemented via a partner. They are the ones doing the customization if we do any currently. Our partner organized the training, however, the training was given by One Identity itself.

We have been reducing costs and saving several full-time equivalents by using automation.

I would rate the solution overall as eight out of ten based on the bad user interface.