We performed a comparison between Microsoft Entra ID and One Identity Active Roles based on real PeerSpot user reviews.
Find out in this report how the two Single Sign-On (SSO) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We have the ability to define the email user in the designated field."
"With Azure Active Directory we were able to manage with different options the access for different users."
"It's something we have to deal with every day. It is present. If you're in a domain environment, you'll need it to log in. If you work in a Microsoft-centric environment, you can't avoid it."
"Microsoft Entra ID Protection and Microsoft Sentinel are both excellent monitoring features for Microsoft Entra ID."
"This product is easy to use."
"The most valuable features are the Conditional Access policies, SSPR, and MFA. Another good functionality is registering enterprise applications to provide access to external parties. These four features are precious and are the most used across different use cases for various clients and projects."
"Conditional Access is a helpful feature because it allows us to provide better security for our users."
"Multi-factor authentication really secures our environments and gives us the flexibility to use location-based policies. Azure AD also gives us a lot of flexibility in our scope of integration."
"The provisioning and deprovisioning saves a lot of time and skips a lot of errors."
"Having a tool to manage all changes to AD from a single pane of glass is awesome."
"Instead of deleting accounts, we like the deprovision option so that we can reverse any accidental deletions. It also gives a higher level of quality control in terms of enforcing any number of variables, such as making sure that an account has a description entered before the account can be created. We can backtrack and know the history of it that way."
"Another good feature is the change history. It's centralized in a single place and allows us to manage people's Active Directory domains from a central location. We can also drill down into individual objects in a troubleshooting or even an auditing situation. We can show evidence to auditors by drilling down into the individual history. It gives you all the history of what happened around an individual object. That is something that would be almost impossible to do in Active Directory, or extremely complicated."
"The biggest thing for us is Active Roles saves a lot of man-hours in keeping groups up-to-date manually or trying to write some sort of script that you have to run, so we don't have to reinvent the wheel. Instead of when every time somebody joins a department, then somebody has to remember to put in a request to add "meet user Joe" to this group, the solution does it automatically for us. Therefore, it saves our business and IT staff time because they do not have to process requests since Active Role can do it for them."
"It provides automatic provisioning/update/deprovisioning workflows from a source system to a target system."
"Active Roles improved the management of users, groups, and AD objects in the organization."
"In comparison to native Active Directory tools, using Active Roles for delegation is so much better. It uses an access template and that makes it easy to see who can access what. In fact, you can do that for many objects as well."
"Technical support could be better."
"The initial setup was complex."
"When it comes to identity and access life cycle management for applications that are run on-premises, as well as access governance, if those kinds of capabilities could be built into Azure Active Directory, that would be good."
"Adding a new account can be tricky."
"The most challenging aspect I found was the creation of organizational units and specific domains. They have a tool called Bastion, which is expensive and a little bit confusing."
"The integration between the Azure active directory and the traditional active directory could be improved upon."
"One area where it can improve is connectivity with other systems. Not all systems are connected and you have to do coding to establish a point of connectivity. It supports certain vendors and it supports certain protocols. It is limited in many other aspects at the attribute level."
"The product needs to be more user-friendly."
"The third area for improvement, which is the weakest portion of ARS, is the workflow engine, which was introduced a few years ago. It's slow and not very intuitive to use, so I would like to see improvement there."
"In terms of improvement, it could be made even more user-friendly for administrators when they need to create new workflows and rule sets."
"It also has workflows and those are really powerful, but there are no built-in workflows. When it comes to them, it's empty. I would personally love for it to come with ten, 15, or 20 workflows where each achieves a certain task... I could just look at how each is done, clone them, copy them, modify them the way I want them, and be good to go. Right now we have to invent things from scratch."
"For the AAD management feature, it needs to improve the objects that we can manage and the security."
"The solution needs an attestation process that includes certification and recertification attestation."
"Most of the time it just works."
"For ActiveRoles, it would be good if the product supports multi-scripting language. You can use only VBScript."
"The ability to send logs to a SIEM would be very beneficial."
Microsoft Entra ID is ranked 1st in Single Sign-On (SSO) with 190 reviews while One Identity Active Roles is ranked 5th in User Provisioning Software with 17 reviews. Microsoft Entra ID is rated 8.6, while One Identity Active Roles is rated 8.6. The top reviewer of Microsoft Entra ID writes "Saves us time and money and features Conditional Access policies, SSPR, and MFA". On the other hand, the top reviewer of One Identity Active Roles writes "Single interface and workflows simplify AD and Azure AD management efficiency and security". Microsoft Entra ID is most compared with Microsoft Intune, Google Cloud Identity, CyberArk Privileged Access Manager, Okta Workforce Identity and Cisco Duo, whereas One Identity Active Roles is most compared with ManageEngine ADManager Plus, SailPoint IdentityIQ, One Identity Manager, Softerra Adaxes and NetIQ Directory and Resource Administrator. See our Microsoft Entra ID vs. One Identity Active Roles report.
We monitor all Single Sign-On (SSO) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.