My main use case for One Identity Active Roles is Active Directory user and group management with automation and delegated administration. For example, in daily work, I use it to automate user provisioning, deprovisioning, manage security group access, and enforce naming and compliance policies across AD environments.

The best features for One Identity Active Roles in my experience are automation, delegated administration, RBAC, dynamic group management, and policy enforcement. I also appreciate centralized management for AD and Entra ID, along with auditing and change tracking which helps significantly during compliance reviews.

One Identity Active Roles has made the biggest impact in automation and delegated administration. It reduced manual AD tasks, minimized provisioning errors, and accelerated user onboarding and offboarding significantly in day-to-day operations.

One Identity Active Roles has positively impacted our organization by improving AD administration efficiency, reducing manual errors, strengthening access governance, and helping to standardize user provisioning and compliance processes across the team.

Since implementing One Identity Active Roles, we have seen faster user provisioning and deprovisioning, a noticeable reduction in manual AD efforts, and significant time savings for routine administrative tasks. It also improved audit readiness through better tracking and policy enforcement.

One Identity Active Roles could be improved with a more modern and intuitive UI, faster performance for large environments, simpler reporting customization, and smoother integration with cloud-native identity platforms and APIs.

I have been using One Identity Active Roles for around a year, mainly for AD automation, user provision, group management, and access governance tasks.

One Identity Active Roles is very stable.

The scalability of One Identity Active Roles is strong in my experience. It handles large and complex Active Directory environments efficiently, supports multiple domain and hybrid setups, and maintains performance even with a high number of users and objects when properly configured. It is well-suited for enterprise-scale identity management.

Support for One Identity Active Roles is generally good. We have a positive experience with response time and technical assistance for both configuration and troubleshooting. Documentation and support portal resources are also helpful, though some complex issues may require escalations.

The integration of One Identity Active Roles with our existing Active Directory and IT infrastructure was fairly straightforward. I connected smoothly with our directory services, and most configurations were manageable with standard setup and policies. Some advanced customization required learning, but overall, the integration effort was moderate.

We have clearly seen the ROI for One Identity Active Roles. We reduced manual Active Directory administration efforts, improved provisioning speed, and minimized errors that previously required rework. While exact figures vary, the biggest gains were in the time saved for routine tasks and reduced workload on the AD team, allowing us to focus on higher value work instead of repetitive user management.

We found the pricing, setup cost, and licensing for One Identity Active Roles to be on the enterprise side, but justified by the capabilities. Initial setup, some planning, and integration effort with Active Directory and licenses are typically based on managed user objects. Overall, the cost made sense considering the automation, governance, and long-term reduction in manual administration.

My advice for others looking into One Identity Active Roles is to clearly define your Active Directory structure and governance model before implementing it. Invest time in designing roles and workflows properly, as most of the value comes from there. Also, plan the integration carefully and involve the AD and security team early to ensure smooth adoption.

One Identity Active Roles has been a reliable and effective solution for managing Active Directory at scale. It improved security, reduced manual work, and brought consistency to the identity operations. The main value comes from proper design and automation setup, which pays off long-term. I would rate this review a 10 out of 10.

Our main use case for One Identity Active Roles is centralized Active Directory management and user provisioning. It helps automate user account creation, group management, role-based access control, and administrative tasks while improving security and reducing the manual workload for IT teams.

One common use case for One Identity Active Roles is onboarding new employees. Our team uses it to automatically create Active Directory accounts, assign the correct groups and permissions based on their job roles, and apply standardized policies. This reduces manual configuration errors and speeds up the provisioning process for the IT teams.

The best features for One Identity Active Roles are automated user provisioning, role-based access control, delegated administration, and centralized Active Directory management. It also provides strong auditing and compliance capabilities, which help reduce manual administrative work, improve security, and maintain consistent access policies across the organization.

The feature we rely on the most in One Identity Active Roles is automated user provisioning. It has the biggest day-to-day impact because it streamlines employee onboarding and access management by automatically creating accounts, assigning groups, and applying permissions based on predefined roles. This saves time, reduces manual errors, and ensures users get the correct access quickly and consistently.

One Identity Active Roles has positively impacted our organization by simplifying Active Directory administration and reducing the amount of manual work required for user and access management. Automation improved onboarding efficiency, reduced configuration errors, strengthened access control, and helped maintain better compliance and auditing across the environment.

After implementing One Identity Active Roles, we saw a noticeable reduction in onboarding and account management time because many tasks became automated. It also helped reduce manual provisioning errors and improved consistency in access assignment. The auditing and reporting features made compliance review easier by providing better visibility into administrative changes and user access activity.

One Identity Active Roles could be improved with a modern and intuitive user interface, simpler configuration for complex workflows, and faster performance in large environments. Better cloud integration and easier customization for reporting and automation would also enhance the overall experience.

I have been using One Identity Active Roles for the last 1.2 years.

One Identity Active Roles is stable.

One Identity Active Roles scales very well for our organization with growing Active Directory environments and large user bases. It supports centralized management, delegated administration, and automation across complex enterprise infrastructure, making it effective for handling increasing numbers of users, groups, and access management tasks efficiently.

Customer support was good.

Integrating One Identity Active Roles with our existing IT infrastructure and Active Directory environment was relatively straightforward. Since it is designed to work closely with Microsoft environments, the core integration process was smooth. Though some planning and customization were needed for workflows, permissions, and integration with other enterprise tools. Overall, the deployment effort was manageable for our IT team.

We have seen a positive return on investment from One Identity Active Roles. Automation significantly reduced the time spent on user provisioning, onboarding, and access management tasks, which lowered the administrative workload and improved operational efficiency.

Our experience with pricing and licensing for One Identity Active Roles was positive overall. The setup required some initial planning and configuration, but the licensing and cost were justified by the automation, reduced administrative workload, and improved access management efficiency it provided.

My advice for organizations considering One Identity Active Roles is to plan the role structure, workflows, and delegation policies carefully before deployment. Taking time to align the automation and access controls with business processes helps to maximize efficiency, reduce administrative workload, and improve long-term identity management and security operations. I have given this review a rating of 10.

One Identity Active Roles is primarily used for centralized Active Directory management, user provisioning, and automated access control. It streamlines user account creation, role-based administration, group management, and policy enforcement while reducing manual administrative effort and improving security compliance.

A common day-to-day use case involves onboarding new employees. One Identity Active Roles automated user account creation, group assignments, mailbox setup, and permission allocation based on department rules. This process was previously manual and time-consuming, but One Identity Active Roles reduced setup time significantly and helped avoid configuration mistakes and permission inconsistencies.

Integrating One Identity Active Roles with the existing Active Directory environment was relatively straightforward. The solution integrates very well with Microsoft-based infrastructure and directory services, although the initial configuration and policy setup required careful planning and technical expertise for smooth deployment.

The best features of One Identity Active Roles are automated user provisioning, delegated administration, and role-based access control. It reduces manual Active Directory management tasks, improves security through fine-grained permissions, and provides centralized auditing and policy enforcement. The automation workflows and approval-based access management are especially valuable for maintaining consistency and compliance in large enterprise environments.

The automation workflows help the team automate repetitive identity management tasks such as user onboarding, account updates, password resets, and de-provisioning. Approval-based access management adds an extra security layer by requiring manager or admin approval before sensitive permissions or group memberships are granted. This reduces manual effort, minimizes human errors, improves compliance, and ensures proper access governance across the organization.

One Identity Active Roles significantly reduces the complexity and workload of Active Directory management by automating repetitive tasks such as user provisioning, group management, password resets, and access changes. It simplifies delegated administration and centralized policy management, allowing the IT team to handle Active Directory operations more efficiently with fewer manual errors.

One Identity Active Roles could be improved with a more modern and intuitive user interface, faster performance during large-scale directory operations, and simpler initial deployment and configuration.

One Identity Active Roles has been used for approximately seven months.

One Identity Active Roles is stable.

One Identity Active Roles is highly scalable and works well in medium to large enterprise environments. It can efficiently manage a large number of users, groups, and directory objects while maintaining centralized administration, automation, and policy enforcement across multiple domains and complex Active Directory infrastructures.

Customer support for One Identity Active Roles is excellent.

The organization mainly consolidated Active Directory administration, user provisioning, access governance, and role-based access management using One Identity Active Roles. It helps centralize identity management tasks that were previously handled through multiple manual tools and scripts.

Integrating One Identity Active Roles with the existing Active Directory environment was relatively straightforward. The solution integrates very well with Microsoft-based infrastructure and directory services, although the initial configuration and policy setup required careful planning and technical expertise for smooth deployment.

Careful planning of the initial deployment and role structure before implementation is recommended. One Identity Active Roles delivers the most value when automation workflows, delegated administration, and access policies are properly designed according to organizational needs.

A clear return on investment was realized after implementing One Identity Active Roles. Automated provisioning and access management reduced manual administrative effort by nearly 50 to 60%, which saved significant onboarding time and lowered the number of access-related errors and support tickets.

The pricing and licensing experience with One Identity Active Roles was generally reasonable for an enterprise IAM solution. Initial setup required some planning and technical resources, but the long-term operational efficiency and automation benefits provided good overall value.

After implementing One Identity Active Roles, user provisioning and access management time was reduced by nearly 50 to 60%. The automation workflows helped lower manual configuration errors and improved compliance by maintaining proper approval trails and access governance records.

The automation capabilities of One Identity Active Roles are impressive because they significantly reduce repetitive administrative work and improve consistency. Employee onboarding workflows were automated, so new users automatically receive the correct accounts, group memberships, and permissions based on their department and role. Automated de-provisioning is also used to quickly disable accounts and revoke access when employees leave the organization, improving both efficiency and security.

The review rating provided for One Identity Active Roles is 10 out of 10.

One Identity Active Roles is used in our day-to-day operations to manage Active Directory in a controlled and automated way. The solution handles user accounts, groups, and permissions effectively.

In a real scenario, when a new user joins our organization, we use a template in One Identity Active Roles, and the user automatically receives the correct groups and permissions. When an employee leaves our organization, their account is automatically disabled.

One Identity Active Roles offers multiple best features that provide a good experience in our real-time environment. The delegation of admin tasks is a primary feature. Instead of giving full access to everyone, we assign specific permissions based on roles. For the IT team, we do not need to provide full access.

Since we have implemented One Identity Active Roles, we have seen significant improvements. The process is truly helpful and has positively impacted our environment. We have experienced faster user management, better control over Active Directory, reduced errors, and improved security.

One Identity Active Roles is a very powerful and effective solution that helps us in a positive way. The initial setup took almost one month, and reducing this timeframe further would be beneficial for implementation.

I have been working in my current field for more than two years.

One Identity Active Roles is very stable.

The initial setup took almost one month.

We have not evaluated other options before choosing One Identity Active Roles.

One Identity Active Roles enables faster user management because the user account is automatically fetched from HR tools, eliminating manual intervention from the IT team. This has resulted in a fifty to sixty percent reduction in manual time compared to our previous process. Human errors have been reduced by ninety-nine percent as there is no longer human error in the process.

My advice for those looking to implement One Identity Active Roles for centralized Active Directory management with user control is to consider this solution, as it will significantly help your organization. I have provided this review a rating of ten out of ten.

One Identity Active Roles is used primarily to enforce policy-based control on Active Directory objects, which ensures all changes follow defined rules and workflows, helping us maintain data integrity and governance across our entire architecture.

Policy-based management enforces rules on Active Directory operations such as user creation, modification, and deletion, ensuring that naming conventions and mandatory attributes are applied, which helps us prevent misconfiguration.

One Identity Active Roles offers strong role-based access control and delegation capabilities that improve security by limiting admin privilege, supports automation, and has a powerful policy engine for enforcing standard policies, ensuring consistency across Active Directory operations, which reduces misconfiguration. It also provides comprehensive audit and reporting features that improve visibility into changes.

Compliance with the Active Directory environment has really helped us with audit and reporting capabilities.

One Identity Active Roles has positively impacted our organization by increasing efficiency through automating routine tasks and improving governance through approval workflows, making our Active Directory management workload more structured.

We have seen that it has reduced manual work and we have noticed a reduction in human errors along with a decrease in time efforts, so our team is now able to handle more workload than before.

One Identity Active Roles is working well for our environment and we have not seen anything that needs to be improved as of now. However, the initial setup and configuration can be complex for a new engineer or new organization, requiring Active Directory expertise, which increases deployment effort. The initial setup could be simplified.

I have been using One Identity Active Roles for more than four years.

One Identity Active Roles is stable.

Scalability-wise, there is no issue, and it matches our organization's growth.

I have interacted with the customer support team multiple times, and they are ready to support at any time whenever we raise a ticket, providing concrete solutions for any kind of challenge.

From day one, we have been using One Identity Active Roles and have not used any different solution.

I had a great experience with the setup cost, pricing, and licensing costs because the sales team of the vendor is really helpful during the entire procurement of the solution, and we are grateful and happy with the support provided by the vendor sales team.

We have seen a good return on investment because the automation feature has reduced manual efforts by around thirty to fifty percent and improved efficiency with reduced workload, saving our engineers time.

I had a great experience with the setup cost, pricing, and licensing costs because the sales team of the vendor is really helpful during the entire procurement of the solution, and we are grateful and happy with the support provided by the vendor sales team.

We have not gone for the evaluation of other options.

One Identity Active Roles is a great solution to consider for Active Directory management and for enforcing policies, central management, and great visibility, which will be helpful for any organization. I would also advise starting with defining the roles and whatever policies need to be implemented to ensure smooth deployment. I rate this product a ten out of ten.

I am an implementer for the product. I install Active Roles for companies.

Active Roles helps my clients by reducing erroneous privileged accounts, often cutting them in half. It also reduces IT administrators' time spent on these tasks by 5 to 10 percent.

My clients can save money on licensing. We can bundle Active Roles with other IGA solutions and save on overall service renewal. The solution improves user experience for most users. The end-users generally only use the self-service portion, which they like. It's easy for them to use. Unfortunately, there is one annoying setting that they initially set, but that could easily be remedied in the future. For IT users, it's a mixed bag. Administrators love it. I think it's wonderful. Depending on how the administrators deploy it, the help desk users either think it's great or hate it because they want to use a console.

The best part of this Active Roles is the workflow engine. It features an industry-leading workflow automation feature. It's a visual PowerShell that allows task interruption.

It offers single-pane-of-glass management to a degree. Right now, the Azure side can only be done from the web UI, not the console. The administrative side can only be done from the console, not the web UI.

Conditional access works well. Combined with RBAC, it always works well with Active Roles because Active Roles can do access based on dynamic implementation.

The permission management feature is also excellent, clearly showing delegated permissions. Active Roles tells you when any permissions are done without going into this crazy fine-grained permission strategy that is horrible compared to Active Roles' template-based permissions. You can design on your own. It easily shows where all the permissions are delegated.

Unfortunately, you can't do much with zero trust and Active Roles at the moment unless you combine them with Safeguard. It lines up with using zero trust if you combine a couple of different workflows together.

Active Roles can fix many little problems that have never been resolved and have lingered for years, continuing to annoy people. For example, you can't search by object GUIDs. The manual says you can, but it hasn't worked in five years.

I have been using Active Roles for about 15 years.

I would rate the stability of the Active Roles eight out of 10. It's a fairly stable product but not perfectly reliable.

Active Roles is super easy to scale.

I rate One Identity support 10 out of 10. Customer service and support are fantastic. The support team is very responsive. I love those guys.

I have used KAOSoft and AD Access previously. Active Roles has PowerShell modules and a whole PowerShell backend that none of the other solutions do. That's where they lose the most. PowerShell makes a considerable difference compared to those other applications.

The initial setup is generally straightforward. It takes a week or two for an inexperienced organization to set it up, but I can do it in a day or less. It could involve multiple teams, depending on what you're doing. For example, if you're integrating Exchange, you need Exchange admins to be involved.

Active Roles always saves my clients money, mostly in licensing and service renewal.

The pricing for Active Roles is expensive but not as expensive as other solutions like Okta.

I have evaluated KAOSoft, AD Access, and Okta, among others.

I rate One Identity Active Roles 10 out of 10. Managing singular identities without a management suite is difficult. Active Roles is not an identity and access management solution. It's an Active Directory management suite.

We use Active Roles to bring our decentralized environment into a single pane of glass. Our entire customer base is in a single directory, and they can manage their objects without interfering with other entities in our environment.

We saw benefits immediately. We must have these roles in place in our environment, or we'd be in big trouble. The solution improved our operational efficiency. Instead of manually applying permissions in Active Directory to thousands of OUs, we can do it in five minutes with a command in PowerShell.

It prevents us from erroneously assigning permissions. Active Roles improves our security posture by ensuring permissions are consistent and applied to the correct target every time. By taking the manual work out of the equation, we ensure we don't have any credential leaks.

Active Roles is easy to configure. It isn't a plug-and-play solution, and you need expertise to set it up. However, once you have your templates, it's easy to deploy in a highly decentralized environment. The custom configuration for our customers is fantastic, especially the web interface.

The solution gives us granular control, allowing us to build highly customized roles and apply them across our environment. We have 500,000 separate OUs.

Active Roles could add more options for web customization. Our requirements are exceedingly specific. We'd like to get the web interface down to just five buttons, but in some cases, we can only get to six. The web interface in the current version is less customizable than in the previous one.

We have used Active Roles for 10 years over two periods.

We've had no issues with crashing, but we've had problems with the web interface lagging. We're not sure if that's the infrastructure.

One Identity is pretty scalable. We have SQL on the back end so that we can spin up a VM and bring up a new web interface. It has a new feature where a workflow can run on a dedicated server, and we don't need to use our frontend servers for workflow activities.

I rate One Identity support nine out of 10. We are happy with the quality of One Identity's support team. We get a response within one or two days. Our unique organization has uncommon problems, so we typically need tier 2 or 3 support. The good thing about One Identity is that we don't need to spend a few days convincing them to escalate.

Deploying Active Roles was easy. We had prior experience, and help from professional services made it easier. Our environment is unique, and their professional services helped tremendously with our odd use cases. You can stand up an out-of-the-box deployment in a couple of days. We had one primary engineer and two assistants on the deployment team.

I wasn't involved in purchasing the solution, but I get the impression from management that it's priced about the same as other products, and we get more value from it.

I rate One Identity Active Roles 10 out of 10. My suggestion to future users is to map out your roles with as much granular precision as possible.

We're trying to solve the same problems with fewer products. We're not there yet, but we plan to consolidate, and our customers are happy with One Identity products.