We are using One Identity Active Roles to simplify our Active Directory administration, such as controlling delegation access and automating routine tasks including user management activities.

One Identity Active Roles offers many valuable features that function very smoothly, including delegation administration, automated user management, approval workflows, and auditing details. These are the best features based on my experience.

What stands out the most in One Identity Active Roles is its ability to securely delegate routine Active Directory tasks without granting full administrative privileges. Combining this with automation and policy-based control really helps us reduce manual efforts.

One Identity Active Roles has positively impacted many areas within our organization by simplifying Active Directory administration and reducing manual efforts. It improves operational efficiency with the help of automation and delegated administration, leading to very positive outcomes.

In terms of governance and security, One Identity Active Roles provides very valuable add-on features, offering strong governance while not being heavily AI focused. It helps us enforce least privileged access and improves accountability while mitigating the risk of unauthorized changes within our Active Directory environment.

The accuracy and reliability of output from One Identity Active Roles are very high, as it provides very accurate results.

We use the fine-grained permission control feature of One Identity Active Roles, which has been very effective in supporting our least privilege strategy. For example, help desk staff can perform password resets and account unlocks without receiving full Active Directory administrative rights, providing security and reducing the number of highly privileged accounts in the environment.

My impression of the automation capabilities of One Identity Active Roles has been very positive. User account creation, group membership assignments, and account updates can be automated through predefined policies and workflows, allowing the correct attributes, permissions, and groups to be applied automatically based on organizational requirements.

One Identity Active Roles helps improve our compliance processes by enhancing control, visibility, and accountability within Active Directory, strengthening governance, and simplifying the audit and compliance process.

I believe the initial setup could be more simplified to allow for better and faster deployment.

I have been using One Identity Active Roles for almost two years.

One Identity Active Roles is a stable solution.

One Identity Active Roles is a very scalable solution that can handle organizational growth over time.

Customer support for One Identity Active Roles is very responsive and effective. Whenever we face technical issues, we raise a ticket and they are ready to provide support.

I believe the initial setup could be more simplified to allow for better and faster deployment.

We are seeing a very good return on investment with One Identity Active Roles by reducing manual efforts, which in turn saves us time and money. This solution provides a significant benefit, allowing us to complete tasks forty to sixty percent faster than before.

My advice to any organization considering using One Identity Active Roles is to deploy it, as it will be a great decision. During the deployment phase, I recommend identifying the Active Directory tasks that consume the most administrative time and focusing on automating those processes while taking advantage of all the useful features. I rate One Identity Active Roles nine out of ten because it is a very powerful solution providing great features and a smooth operational process.

One Identity Active Roles streamlines Active Directory operation and maintains better control over user accounts, groups, and administrative commissions on a day-to-day basis.

Whenever a new employee joins the organization, changes departments, or leaves the organization, One Identity Active Roles helps automate account updates and access changes without requiring any manual intervention, which is helpful to keep user access accurate and up to date.

The best features One Identity Active Roles offers are centralized Active Directory administration, access delegation, and user life cycle management.

Centralized administration is helpful because from different tools, I can get visibility from a single console, and the access delegation capability is very useful.

Since using this solution, there has been a great positive impact within the organization, achieving simplified user administration, faster execution of access changes for employees, and very good visibility into administrative actions.

The faster execution has reduced errors because access changes are automatically done by the solution instead of being changed manually, which saves significant time.

One Identity Active Roles provides strong governance and security through rule-based administration and approval workflows, which ensures changes and control are audited.

In terms of accuracy and reliability of output, One Identity Active Roles provides consistent output, and the automated workflow and access management process work very accurately, helping to reduce manual errors.

Fine-grained permission control is helpful for implementing the principle of least privilege; an administrator receives only the specific information that is required for the job function instead of assigning broad administrator rights.

The ease of integrating One Identity Active Roles with existing IT infrastructure and directory services is very smooth; it is a process-by-process step, so there are no issues with this integration.

My impression of the automation capabilities provided by One Identity Active Roles is very positive; it addresses repetitive administrative tasks and maintains consistency. For example, when new employees join, it can automatically create the user account, assign the appropriate group members, and apply naming standards.

The impact of One Identity Active Roles on compliance efforts is very positive; there is a compliance-ready environment because of good visibility, and every administrative action is tracked. Approval workflows help ensure that access changes follow established policies, making audits easier.

One Identity Active Roles has streamlined and simplified the complexity and workload of administrative tasks related to Active Directory because of its ability to automate routine tasks and provide dedicated administration.

My experience with the delegation of administrative tasks through One Identity Active Roles has made the process easier since most tasks are automated, allowing specific responsibilities to be assigned to different teams without giving them full Active Directory privilege, which has significantly improved security.

The initial setup of One Identity Active Roles could be simplified because it requires effort in designing workflows, delegation policies, and the administrative process, which necessitates expertise for this solution.

I have been using One Identity Active Roles for more than two years.

One Identity Active Roles is stable.

The scalability of One Identity Active Roles is very good; it is a very scalable solution.

The customer support for One Identity Active Roles has resolution within timeline.

One Identity Active Roles has been used since the beginning; there was no switch from a different solution.

The initial setup of One Identity Active Roles could be simplified because it requires effort in designing workflows, delegation policies, and the administrative process, which necessitates expertise for this solution.

There have been great money savings and time savings with One Identity Active Roles.

The experience regarding pricing, setup cost, and licensing is handled by a different team.

Other options were not evaluated before choosing One Identity Active Roles.

My advice for others looking into using One Identity Active Roles is to start with the POC, get hands-on experience with all feature sets, and after that, proceed with the solution. Before implementation, define Active Directory administration and delegation requirements, and start by automating repetitive tasks such as user provisioning and password resets. I would rate this product a 9.

My main use case for One Identity Active Roles is user provisioning and group administration, workflow automation, access management, and employee onboarding and offboarding processes. When a new employee joins, One Identity Active Roles automatically creates the account, applies the correct policies, assigns role-based security groups, and routes approval if required.

The main focus of how I use One Identity Active Roles is user management through onboarding and offboarding, lifecycle management, access control, and reducing manual administrative effort through automation.

The automation capabilities are one of the strongest features of One Identity Active Roles. I mainly use them for user onboarding, offboarding, group assignments, and access approval workflows. For example, when a new employee joins, the account creation and non-role-based group assignments happen automatically through predefined workflows, reducing manual work, improving consistency, and helping minimize provisioning errors, making identity management much more efficient and controlled.

The main use case is automation of processes such as employee user management, onboarding, and offboarding. The automation process makes these tasks smooth and fast, allowing administrative work to be reduced and time to be saved.

The best features One Identity Active Roles offers in my experience include workflow automation, delegated administrations, user provisioning, de-provisioning, role-based access control, auditing, and hybrid Active Directory management. A workflow engine is especially valuable because it automates repetitive tasks such as onboarding, offboarding, and access requests, which saves time and reduces manual errors. I also appreciate the delegated administration features because they allow teams to handle specific tasks without giving full AD privileges, improving both security and efficiency, while the auditing and reporting capabilities are very useful for compliance.

Workflow automation has reduced repetitive manual work through onboarding, access requests, and account management, while delegated administrations allow support teams to handle routine tasks without full AD access. This has improved efficiency, reduced bottlenecks, and strengthened security through better access control and auditing.

I would like to highlight the auditing and reporting features of One Identity Active Roles because they provide good visibility into changes and help with compliance and troubleshooting. The fine-grained delegation and centralized management across Active Directory and cloud environments are also very valuable in our day-to-day activity.

One Identity Active Roles has impacted our organization positively because the biggest benefit has been reducing manual administration through automation and standardized workflows. Tasks such as onboarding, offboarding, group assignments, and access requests are now much faster and more consistent than before, thus helping create a more structured identity management process across the organization.

There are several positive outcomes since implementing One Identity Active Roles. Overall, the biggest gains have been time saving, improved consistency, reduced manual error, and better operational efficiency rather than a direct headcount reduction.

There is room for improvement in One Identity Active Roles. Based on my experience using it for the last two years, I see potential for a more modern UI, simpler workflow customization, and easier reporting. While the product is very capable, managing complex workflows and hybrid environments can sometimes require deeper expertise than expected, so better cloud integration and troubleshooting visibility would also be valuable improvements.

In terms of needed improvements, I would like to see enhancements around the reporting dashboard and cloud-focused management features. While the core functionality is strong, most of the improvements I would like to see are around usability, visibility, cloud management, and making advanced features easier to configure and maintain rather than major gaps in the product itself.

I have been using One Identity Active Roles for the last two years.

One Identity Active Roles is stable.

One Identity Active Roles is definitely scalable. I purchased this for its scalability and have seen its ability to handle increasing numbers of users, groups, access requests, and administrative tasks without major issues. The automation and delegation administration features help a lot because they reduce the workloads on administrators.

Customer support is quite good.

Before switching to One Identity Active Roles, user and access management was mainly handled through native Active Directory tools, manual processes, and a few scripts. As the environment grew, those methods became hard to manage and audit, so I adopted One Identity Active Roles to automate routine tasks, improve delegations, strengthen governance, and reduce manual effort.

I would say the integration of One Identity Active Roles with our existing IT infrastructure and directory services was very straightforward overall, especially because our environment was already based on Active Directory and Microsoft services. The initial integration with Active Directory was relatively smooth, and One Identity Active Roles fit well into our existing identity management process, designed to work across AD, Entra ID, and Microsoft 365, which helped simplify administrations in our hybrid environment.

I did not purchase One Identity Active Roles through AWS Marketplace, as I use AWS as a part of our hybrid cloud environment, but the licensing and procedure were done directly through our organization's standard software procurement process rather than through the AWS Marketplace.

I have seen a positive return on investment mainly through time savings and operational efficiency. While I do not have exact financial figures, a good example is onboarding and user provisioning. Before One Identity Active Roles, creating accounts, assigning groups, and validating permissions was largely manual work, taking around twenty to thirty minutes per user, but with automated workflows, that process now takes just a few minutes for standard requests.

I have utilized the fine-grained permissions control and delegated administration features quite extensively. One of the biggest impacts has been supporting the least privileged principle by allowing users and teams to perform only the specific administrative tasks they need without giving broad Active Directory access. For example, help desk teams can handle password resets and account unlocks, while application owners can manage only their own groups and resources.

In my experience, the pricing is at an enterprise level, but the setup and licensing were justified by the automation and governance features. Setup required planning and configuration, but licensing was straightforward, and the long-term operational benefits provided good value.

I evaluated Microsoft Native Active Directory tools, ManageEngine ADManager Plus, and some identity governance platforms such as SailPoint. I selected One Identity Active Roles because of its automation, delegation administration, auditing, and strong Active Directory management capabilities.

For others considering One Identity Active Roles, my advice would be to first check your user management process and how onboarding and access management would be taken care of before deployment, starting with key automation use cases. If implemented properly, One Identity Active Roles can save a lot of administrative effort while improving security and compliance, so it is important to clearly define your governance model, roles, and approval processes before deployment.

My experience with delegated administration has been very positive. Before One Identity Active Roles, most routine requests had to go through senior Active Directory administrators, which often created delays and bottlenecks. Now, with delegated administrations, I can assign specific responsibilities to help desk teams, application owners, or business units without giving them full AD privileges. For instance, help desk staff can handle password resets and account unlocks, while certain teams can manage their own group's membership, significantly improving workflow because routine requests are resolved faster, reducing the workload on senior administrators and controlling access more securely through the least privilege model.

One Identity Active Roles offers automation capabilities that are among the strongest features available. I mainly use them for user onboarding, offboarding, group assignments, and access approval workflows. For example, when a new employee joins, the account creation and non-role-based group assignments happen automatically through predefined workflows, reducing manual work, improving consistency, and helping minimize provisioning errors, making identity management much more efficient and controlled.

This review has received an overall rating of eight out of ten.

My main use case for One Identity Active Roles is automating and controlling AD user lifecycle management with delegated administrator. When a new employee joins, instead of an admin manually creating the ID accounts, assigning groups and setting permissions, One Identity Active Roles automatically takes care of the request from the HR system or service ticket, applies the naming convention and password policies, and sends approval workflows if elevated access is requested.

Integrating One Identity Active Roles with my existing IT infrastructure and directory services is a plug and play solution. I need to enter the credentials inside the AD.

My impression of the automation capabilities provided by One Identity Active Roles is positive, based on the user onboarding process automation. HR sends the request to the ticket service team, which gives the integration with One Identity Active Roles. HR alerts the support ticket administrator, who starts the process that will assign One Identity Active Roles automatically for a user based on this justification, which helps very easily.

The best features One Identity Active Roles offers include fine-grained delegated administrator, RBAC policies, lifecycle management, hybrid managed identity management, policy-based administration, and auditing, tracking, and changes.

If I have to select one feature, lifecycle management has the biggest impact because it automates user onboarding, role changes, and offboarding, making access updates faster, consistent, and less error-prone while reducing the risk of orphaned accounts.

One Identity Active Roles has positively impacted my organization by speeding up the user provisioning, reducing manual AD tickets, strengthening the security through consistent access control, and improving compliance.

Based on our analysis, the solution saves around 30 to 60 minutes of time. Ticket reduction is around 50%, and I have seen fewer access errors.

I am very happy with the solution provided by One Identity Active Roles, so there is no need for improvement at this time. In the future, there will definitely be opportunities for improvement.

I have been using One Identity Active Roles for almost one year.

Regarding One Identity Active Roles's AI capabilities, I think its governance and security are very good. If they use a third party as an AI, the security may be compromised. However, if they are using their inbuilt assistance, it gives a very good result.

Regarding One Identity Active Roles's AI capabilities, I cannot rely on the AI totally. At this time, it is 50-50 for me to give the answer because sometimes it gives me a really good answer and sometimes not the script that I have to check with them. It is very difficult to rely on the AI as well, so it is 60-40.

I haven't used the fine-grained permission control feature of One Identity Active Roles, but it is in my license. In the future, I will be deploying this solution. I rate this product an 8 out of 10.

One Identity Active Roles is used in our environment primarily for managing Active Directory operations such as user provisioning, password reset, account locks, group management, and delegated administration access.

User provisioning is a heavily utilized function, where new employee onboarding includes automatic account creation, OU placement, group membership, and permission assignment based on department or role. The service desk team manages group membership requests and access changes through delegated administration without requiring full domain admin rights, which reduces manual efforts and improves security control.

After implementing One Identity Active Roles, clear operational improvements are evident, including user provisioning time reduction from hours to minutes, a 40 to 50% drop in service desk workload, faster resolution of password reset and account-related requests through delegated administration, and fewer manual errors in group assignment and permission management.

The best feature of One Identity Active Roles is automation combined with delegated administration, which reduces repetitive Active Directory work such as user provisioning, group assignment, and account management while allowing the service desk team to handle routine tasks without granting full domain admin access.

Automation simplifies daily operations by eliminating repetitive manual Active Directory tasks including user creation, group assignment, password reset, and account disablement. Onboarding and offboarding processes become much faster because account permissions and group membership are assigned automatically based on role or department.

One Identity Active Roles has positively impacted productivity and user satisfaction by reducing delays in account provisioning, password reset, and access requests. Previously, many AD-related tasks were manual and heavily dependent on senior administrators, but after implementing automation and delegated administration, requests are completed much faster and with fewer errors.

One area where One Identity Active Roles can improve is simplifying complex workflow and approval management in large enterprise environments. Troubleshooting permission inheritance, synchronization issues, or customized workflows can still require considerable time and experienced administrator involvement.

The UI experience, easier workflow customization, and better troubleshooting visibility for complex AD and hybrid identity environments require improvement. Identifying permission inheritance issues or synchronization problems still sometimes requires manual investigation.

Complex workflow management and troubleshooting simplification in large enterprise environments remains an area for improvement.

I have been using One Identity Active Roles for two years.

One Identity Active Roles has been very stable, with no major outages or performance problems experienced during normal operation.

One Identity Active Roles handles our large Active Directory environment efficiently as the number of users, groups, and delegated administration tasks increases.

Customer support for One Identity Active Roles is generally good, with the support team demonstrating strong technical knowledge, particularly regarding AD integration.

Before implementing One Identity Active Roles, native Active Directory tools, manual administration, and PowerShell scripting were primarily used.

A good ROI was achieved with One Identity Active Roles through measurable operational improvements, including a 40 to 50% reduction in routine service desk workload.

My experience with pricing, setup cost, and licensing is generally positive for an enterprise environment, as the initial investment can feel high but provides long-term value.

Before choosing One Identity Active Roles, Microsoft Identity Manager and other tools were evaluated, with One Identity Active Roles selected for its strong integration with our existing Active Directory environment.

Fine-grained permission control in One Identity Active Roles had a strong impact on least privilege implementation in our organization, as only specific tasks and privileges were delegated to users based on their job responsibilities.

Integration of One Identity Active Roles with our existing infrastructure is relatively smooth because our environment is already heavily based on Active Directory and Microsoft technology, although the main challenge came during complex workflow customization.

The automation capabilities of One Identity Active Roles are very positive, as they reduce repetitive tasks such as automatic user account creation during new employee onboarding.

One Identity Active Roles reduces the complexity and workload of Active Directory by automating repetitive administrative tasks including user provisioning, group management, password resets, and account maintenance.

Delegated administration through One Identity Active Roles is a very positive experience because it reduces dependency on senior administrators for routine tasks.

One Identity Active Roles was purchased through another channel.

I would rate this review a 9 out of 10.

My main use case for One Identity Active Roles is centered on Active Directory automation and delegated access management. It helps reduce manual AD administration, control, automated onboarding, offboarding, and simplifies compliance and auditing across the organization.

One specific example of how I use One Identity Active Roles for automation or delegated access management in my daily work is automated employee onboarding. When HR adds new employee details, One Identity Active Roles automatically creates their AD account, assigns them to the correct OU group membership, and applies permissions based on the department or role. This reduces manual effort and provisioning time significantly.

The best features One Identity Active Roles offers are automation, delegated administration, role-based access control, approval workflow, and centralized auditing. For me, automation and delegated administration made the biggest difference because they reduce manual Active Directory workload and improve security by limiting unnecessary privileged access.

One area where One Identity Active Roles has positively impacted my organization is through automation and delegated administration. For example, instead of giving full domain admin rights to our service desk team, I delegate only specific tasks such as password reset, account unlock, or group management through our RBAC policies. On the automation side, when the employee leaves the organization, One Identity Active Roles automatically disables the account, removes group membership, and updates access policies, which reduces manual efforts.

Areas for improvement in One Identity Active Roles include UI modernization, workflow customization, flexibility in reporting, and troubleshooting visibility. This is particularly important in large environments when managing complex approval workflows.

I have been using One Identity Active Roles for about four to five years.

One Identity Active Roles has been stable in my environment. Even with a large Active Directory environment and multiple delegated administration workflows, I did not face major stability issues. Most operational challenges were more related to workflow complexity or synchronization troubleshooting rather than product outages or crashes.

One Identity Active Roles scales well in large enterprise environments. It can efficiently manage thousands of users, groups, OUs, and Active Directory administrative tasks through centralized automation and delegation. In my environment, with a large AD structure and multiple workflows, it scales reliably. Although in very complex hybrid environments, workflow performance and synchronization tuning can sometimes require additional tuning and planning.

The support for One Identity Active Roles has generally been good in my experience. The support team has been technically knowledgeable, especially for Active Directory integration, RBAC, and workflow-related issues. For normal operational issues, the support team has been responsive and helpful, but for complex enterprise cases or advanced support, the escalation and resolution could sometimes take longer, depending on the environment complexity.

I would rate customer support for One Identity Active Roles around 7 out of 10. The technical knowledge of the support team is good, especially for Active Directory and RBAC related issues, but sometimes response and escalation times for complex enterprise problems could be slower than expected.

Before implementing One Identity Active Roles, I mainly relied on native Active Directory tools, manual administration, and some PowerShell scripting for user provisioning and permission management. As the environment grew, managing users, groups, and delegating permissions manually became time-consuming and harder to track from a governance and compliance perspective, which is why I moved to a more centralized and automated solution.

Integrating One Identity Active Roles with my existing IT infrastructure was moderately easy overall. Since my environment was already heavily based on Active Directory and Microsoft technologies, the core integration was straightforward. The more challenging part was configuring complex workflows, delegated permissions, and integrating hybrid or customized environments, which required careful planning and testing.

I saw a good ROI with One Identity Active Roles. This was through reduced manual administration, faster user provisioning, and lower service desk workload. Routine tasks such as password resets, account unlocks, and group management became more automated, which saved significant operational time. I also saw fewer manual errors and better compliance visibility.

Pricing, setup, and licensing for One Identity Active Roles were generally good for an enterprise environment. Although the initial setup and licensing can be high for a smaller deployment, it requires proper planning around the AD architecture, RBAC design, and workflow configuration. It reduced significant manual administration work and operational efficiency for tasks and compliance.

Before choosing One Identity Active Roles, I evaluated options such as Microsoft Identity Management and SailPoint IdentityQ. I selected One Identity Active Roles mainly because of its strong Active Directory integration, delegated administration capabilities, automation features, and easier RBAC management for my environment.

My impression of the automation capabilities provided by One Identity Active Roles is positive, especially for organizations heavily dependent on Active Directory administration and governance. The automation, delegated administration, and RBAC capabilities reduce significant manual operational work and improve security controls. At the same time, in large environments, workflow complexity and troubleshooting can still require experienced administrators. Proper planning and documentation are important for successful implementation.

One Identity Active Roles has had a positive impact on my organization's compliance efforts by improving centralized auditing, enforcing RBAC and least privilege access, and providing better visibility into AD changes and administrative activities. Earlier, tracking permission changes and user activity was more manual and time-consuming, but One Identity Active Roles made audit and compliance reviews much easier through centralized reporting and approval workflows.

One Identity Active Roles has had a strong impact on Active Directory operations by reducing manual administrative workload, improving access governance, and standardizing provisioning and permission management procedures. It also improved security because privileged access became more controlled through RBAC and delegation instead of using broad domain admin permissions for routine tasks.

One strong feature in One Identity Active Roles is fine-grained permission control and least privilege implementation. Instead of giving full domain admin rights, I delegate only specific tasks such as password reset, account unlock, or group management to our service desk based on our RBAC policy.

My advice to others considering One Identity Active Roles is to first design the RBAC model, delegation structure, and approval workflows properly before implementation. One Identity Active Roles gives strong automation and governance capabilities, but if the AD structure and access processes are not organized, complexity can increase later. I would also recommend starting with a phased rollout and involving both security and AD administrator teams early, especially in large enterprise environments. I would rate this product 8 out of 10 overall.

One Identity Active Roles is mainly used for AD administrator and identity lifecycle management in my network. One Identity Active Roles is primarily used for identity lifecycle management, such as automatic user management.

Whenever a new employee joins, HR creates employee information, and One Identity Active Roles detects a new user and automatically creates an AD account, mailbox, home folder, and other necessary resources. Once login syncs the AD identity, the user automatically gets access.

The most tightly used automation feature in my network is that it automatically creates AD accounts, assigns department-based groups, applies naming conventions, sets permissions, and triggers downstream provisioning.

The best feature of One Identity Active Roles is centered around AD automation, delegated administration, governance, and hybrid identity management. These are the main features that One Identity Active Roles provides.

Delegated administration combined with automation is the feature I find most valuable in my day-to-day work because it solves two major enterprise problems simultaneously. For example, too many AD manual tasks and too many users with excessive admin rights make this feature best for me.

One Identity Active Roles has had a positive impact by empowering automation security across identity management processes. Some of the biggest improvements are faster user onboarding, reduced administrative workload, and better security through delegations. Previously, I was handling a 100 percent workload, but after using One Identity Active Roles, 70 percent of my load has been resolved.

One Identity Active Roles does not require many improvements, but for upcoming or new users, there should be an easier initial setup and configuration. One Identity Active Roles is powerful, but deployment is somewhat complex. Common challenges include policy design, delegation setup, and synchronization tuning.

While I appreciate most aspects of One Identity Active Roles, a few things need improvement. One is easier initial setup and configuration, and another is reporting and analytic enhancements that can be performed on the product.

The ease of integrating One Identity Active Roles with my existing IT infrastructure and directory services is moderate.

The overall impression of the automation capabilities provided by One Identity Active Roles is good. It is typically seen as reliable and enterprise-grade, deeply integrated with AD, governance-focused, and described as controlled identity automation with governance built in.

One Identity Active Roles typically has a major simplifying effect on Active Directory administration, especially in large or hybrid environments. The effect is usually felt in two areas: task complexity reduction and overall workload reduction.

I would advise enterprise companies to use One Identity Active Roles. It is truly useful for AD tasks.

One Identity Active Roles is used for automation, on-boarding, off-boarding workflows, managing group membership and permissions, role-based access control, auditing, and compliance in our hybrid AD environment with approval workflows.

A practical example we are currently using is as follows. When HR creates a new employee record, One Identity Active Roles automatically creates the AD account, assigns the correct OU based on the department location, adds predefined security groups, applies mailbox and licensing policies, and sets manager attributes and naming standards. For access control, we use dedicated administrators so the L1 helpdesk team can reset passwords or unlock accounts without receiving full domain admin rights. Access is restricted through role-based permissions and approval workflows, which improves security and reduces the risk of unauthorized AD changes.

This use case fits our organization well.

One Identity Active Roles offers workflow automation, role-based access control, dynamic group management, hybrid AD and Microsoft 365 management, approval workflows, policy enforcement, and auditing.

The feature that stands out and has had the biggest impact is the dedicated administrator combined with workflow automation. Before implementing One Identity Active Roles, routine AD tasks required senior administrators with elevated privileges. Now L1 and L2 support teams can safely handle tasks such as password resets, account unlocks, group modifications, and basic user provisioning through controlled RBAC policies. This helps us by reducing dependence on domain admin access, lowering the risk of accidental and unauthorized changes, speeding up user on-boarding and support requests, standardizing AD operations across teams, and reducing manual efforts and workload. Onboarding previously took around thirty to forty minutes, and now it takes just two to three minutes.

One Identity Active Roles has improved our organization by automating AD tasks, reducing manual errors, improving security through dedicated access control, and speeding up user onboarding and off-boarding. It has also helped reduce admin workload and improved our compliance tracking.

One Identity Active Roles is very strong for AD automation, dedicated administration, and governance, especially in a large enterprise environment. The main areas that could be improved are UI modernization and reporting flexibility. These improvements could help the product achieve a higher rating.

I have been using One Identity Active Roles for almost a year.

Based on our analysis and reporting, there is approximately fifty to seventy percent reduction in manual effort. Onboarding time has been reduced from twenty to thirty minutes to five minutes. There is a significant decrease in configuration errors due to the automation workflow templates.

One Identity Active Roles currently satisfies my use case, and I am happy with the solution. There is no need for improvements right now. However, when time passes, I will conduct research and development with other competitors as well. When I determine that the product needs improvement, I will update my feedback accordingly.

The features that stand out are currently working as expected. One Identity Active Roles is performing as anticipated. My overall rating for this product is eight out of ten.

My main use case for One Identity Active Roles is automation.

One specific example of how I use automation with One Identity Active Roles is through automated employee onboarding, where when HR shares new employee details, the system automatically creates an Active Directory account, assigning it to the correct OU, group membership, email attributes, and permission based on the employee's department or role. This significantly reduces manual efforts, provisioning time, and configuration errors.

Using One Identity Active Roles, we consolidate multiple manual Active Directory administration processes and native management tools into a single, centralized platform for user provisioning, delegation, RBAC, automation, and auditing.

The best features of One Identity Active Roles are automation, delegated administration, role-based access control, approval workflows, policy enforcement, and auditing, as these features simplify Active Directory management, improve security, reduce manual efforts, and enhance compliance.

The feature that has made the biggest difference for me in One Identity Active Roles is automation, especially automated user provisioning and de-provisioning, because it significantly reduces manual Active Directory tasks, minimizes errors, improves consistency, and accelerates onboarding and off-boarding processes.

Additionally, the delegated administration and auditing features in One Identity Active Roles are very valuable as they improve security by limiting excessive privilege and provide centralized tracking of Active Directory changes for compliance and governance.

One Identity Active Roles positively impacts our organization by reducing manual Active Directory administration, improving security through delegated access and RBAC, speeding up onboarding and off-boarding processes, reducing service desk workload, and enhancing compliance.

One Identity Active Roles can be improved with a more modern and intuitive user interface, better reporting and analytics, simplified workflow customization, enhanced troubleshooting tools, and stronger cloud and hybrid identity integration capabilities for large enterprise environments.

I have been working in my current field for the last two years.

One Identity Active Roles is generally very stable and reliable in enterprise environments with consistent performance for Active Directory automation, delegated administration, and identity management tasks when properly configured and maintained.

One Identity Active Roles scales very well for enterprise environments and can efficiently manage thousands of users, groups, and Active Directory objects through centralized automation, delegated administration, and policy management without significant performance issues.

Customer support for One Identity Active Roles has been generally good with knowledgeable technical teams and effective assistance for deployment, troubleshooting, and Active Directory integration issues, although response time for complex escalations can sometimes be slower.

Before implementing One Identity Active Roles, we mainly used native Active Directory tools and a manual administration process along with basic PowerShell scripting. We switched because One Identity Active Roles provides centralized management, automation, delegation, RBAC, and better compliance and auditing capabilities.

I assess the integration of One Identity Active Roles as moderately easy, around a four out of ten in difficulty, because the core integration with Active Directory and existing Microsoft infrastructure is straightforward.

Before selecting One Identity Active Roles, we evaluated options such as Microsoft Identity Management and SailPoint IdentityIQ, but we chose One Identity Active Roles because of its strong Active Directory integration, automation, and delegated administration.

We achieve a strong ROI with One Identity Active Roles through approximately a forty to fifty percent reduction in service desk workload, faster user provisioning from hours to minutes, fewer manual administration errors, and improved compliance and audit efficiency.

My experience with pricing, setup cost, and licensing with One Identity Active Roles has been generally positive, as the license is enterprise-based and setup requires moderate effort for Active Directory integration and workflow configuration, but the solution provides strong value through automation and delegation.

Before selecting One Identity Active Roles, we evaluated options such as Microsoft Identity Management and SailPoint IdentityIQ, but we chose One Identity Active Roles because of its strong Active Directory integration, automation, and delegated administration.

My advice to others considering One Identity Active Roles is to carefully plan the RBAC model, workflow, and delegation structure before deployment, start with a pilot implementation, and fully utilize its automation and auditing features to improve Active Directory, security, compliance, and operational efficiency. I would rate this solution an eight out of ten.

A specific example of One Identity Active Roles implementation is automating employee onboarding where new users are automatically created with correct organizational unit placement, group membership, permission assignments, and policies based on their department or job roles.

The automation capability in One Identity Active Roles helps reduce manual Active Directory tasks by automatically handling user provisioning, deprovisioning, group assignment, and policy enforcement, which improves efficiency, consistency, and security.

One Identity Active Roles has positively impacted our organization by reducing manual Active Directory administration, improving security through role-based access control and delegated access, speeding up onboarding and offboarding processes, and enhancing compliance and audit visibility.

Using One Identity Active Roles, we reduced our user provisioning time from hours to minutes, lowered service desk workload by approximately 40 to 60 minutes, reduced manual administration errors, and improved audit and compliance efficiency.

One Identity Active Roles helped us implement fine-grained delegation and access control by assigning specific administrative permissions based on roles and department, which improves security, reduces excessive privilege, minimizes manual errors, and made Active Directory management more controlled and compliant.

One Identity Active Roles integrated well with our existing IT environment, especially with Active Directory and Microsoft infrastructure, which made adoption easier without major changes to current systems or operational processes.

I was impressed with the automation capability in One Identity Active Roles, especially automated user onboarding and offboarding where accounts, group memberships, and permissions were assigned automatically based on department or roles, significantly reducing manual effort and provisioning time.

One Identity Active Roles has significantly reduced compliance effort by centralizing auditing, enforcing role-based access control and policy management, tracking Active Directory changes, and simplifying access reviews and reporting for audits.

One Identity Active Roles reduced the complexity and workload related to Active Directory by automating repetitive tasks, simplifying user and group management, enabling delegated administration, and centralizing policy and access control management.

Delegated administration in One Identity Active Roles positively affected our operations by allowing service desk teams to handle routine Active Directory tasks such as password resets, user creation, and group management without full domain administrator rights, which improved security, reduced workload on senior administrators, and sped up request resolution.

I did not rate One Identity Active Roles at the highest level because areas such as user interface modernization, workflow complexity, troubleshooting experience, reporting capabilities, and cloud integration still have room for improvement.