We performed a comparison between One Identity Active Roles and Saviynt based on real PeerSpot user reviews.
Find out what your peers are saying about SailPoint, One Identity, Omada and others in User Provisioning Software."The most valuable features include auditing, dynamic grouping, and creating dynamic groups based on AD attributes."
"Another good feature is the change history. It's centralized in a single place and allows us to manage people's Active Directory domains from a central location. We can also drill down into individual objects in a troubleshooting or even an auditing situation. We can show evidence to auditors by drilling down into the individual history. It gives you all the history of what happened around an individual object. That is something that would be almost impossible to do in Active Directory, or extremely complicated."
"With the use of the sync service we were able to import information from multiple external systems and populate them within our space and leverage them for downstream systems."
"The AD and AAD management features of this solution are really good... They offer added value by showing more fields such as password age and the statuses of some things that we normally wouldn't see."
"Instead of deleting accounts, we like the deprovision option so that we can reverse any accidental deletions. It also gives a higher level of quality control in terms of enforcing any number of variables, such as making sure that an account has a description entered before the account can be created. We can backtrack and know the history of it that way."
"Having a tool to manage all changes to AD from a single pane of glass is awesome."
"Because of Active Roles, we're able to synchronize on an even more regular basis. It enables us to provide even more information to the Active Directory, which helped us to group our users in a more consistent manner."
"It's valuable to us in that it resembles the native tools that most people have grown accustomed to... Active Roles resembles traditional tools, such as from Microsoft. That is really good because it eases the way people interact with the tool."
"Considering the initial cost and the basic features, this is a good solution that provides integration with both on-premise and cloud applications."
"The workflow in Saviynt is easier compared to other tools. It's pretty straightforward."
"Saviynt provides built-in access recommendations, while SailPoint IdentityNow offers access recommendations through a separate AI integration that requires additional licensing. Saviynt functions as a unified platform for various business operations, consolidating user and access data from multiple sources into a single platform. This allows for leveraging the same user base and data across different business functions, including access governance, privileged access management, data access governance, and third-party access governance. In contrast, SailPoint is a decoupled tool, requiring separate integration for managing access and permissions, especially for unstructured data. Saviynt's approach is more integrated and streamlined, providing a unified platform for access recommendations and various business operations."
"The product has a great attestation feature."
"It's easy to manage and easy to use; a simple tool for end-users."
"The dedicated Freshdesk platform is a user community and a step in the right direction for offering learning resources."
"It gives very good and in-depth knowledge about a particular identity. Everything is through a single click. We get to know the workflows related to a particular identity with a single click."
"Saviynt has a lot of potential with many features available for users."
"For ActiveRoles, it would be good if the product supports multi-scripting language. You can use only VBScript."
"The user and group management in Azure AD could be better. Our focus these days is dynamic sharing with several on-prem Microsoft applications like SharePoint."
"Most of the time it just works."
"The initial setup was quite easy, but it was time-consuming. It took about three months."
"In terms of improvement, it could be made even more user-friendly for administrators when they need to create new workflows and rule sets."
"The third area for improvement, which is the weakest portion of ARS, is the workflow engine, which was introduced a few years ago. It's slow and not very intuitive to use, so I would like to see improvement there."
"There are some features that we think should be included in their next release. We think these things would take them to the next level: the ability to completely force or limit any dynamic group processing to specific servers, change-tracking reporting of virtual attributes, and the ability to use files as inputs to automation workloads. These things have also been talked about. Knowing them, they're probably working on them."
"It also has workflows and those are really powerful, but there are no built-in workflows. When it comes to them, it's empty. I would personally love for it to come with ten, 15, or 20 workflows where each achieves a certain task... I could just look at how each is done, clone them, copy them, modify them the way I want them, and be good to go. Right now we have to invent things from scratch."
"The UI doesn’t enhance the user experience."
"The solution does not work very well as the number of users increases."
"The biggest drawback is that for every change you want to make, you have to go back to them and ask for it."
"We sometimes experience performance issues when the solution fails to process the data between two different applications."
"The company needs to do more to establish standard practices within the product itself that are common in the industry."
"The main difficulty was the integration process itself. But we were able to kind of work through it and fix it. We tried integrating with our HR system and other IBM solutions, like Microsoft Identity Management."
"Both SailPoint IdentityNow and Saviynt have some bugs, but SailPoint is considered more mature with fewer bugs due to its longer establishment in the market since around 2005. SailPoint had its share of bugs in the early days, but they have resolved them over time, resulting in a stable product. Saviynt, on the other hand, was launched around 2013 or 2014 and is actively working to improve its product. Despite having some bugs, Saviynt is making progress and aims to build a stable product, but it is not there yet."
"An area for improvement in Saviynt is that there's a limitation on the number of logs you can get from the past twenty-four hours. For example, if the data is huge, the tool can only give you a maximum of one hundred logs. You can't get any further than that. In the next version of Saviynt, however, you can get more logs and you'll see them inside the log rotation. For example, when you're trying to search inside the log, you can select a date range, and then you can search for a particular log. We haven't used that new log rotation feature yet, but it's included in the next release of Saviynt. Another area for improvement in the tool is that it doesn't have a server monitoring feature, so if your server has a high load, it should give you a warning. You're supposed to get an alert similar to what's being done in WebLogic. In WebLogic, we had a separate facility, but in Saviynt, that feature's missing."
One Identity Active Roles is ranked 5th in User Provisioning Software with 17 reviews while Saviynt is ranked 5th in Identity Management (IM) with 21 reviews. One Identity Active Roles is rated 8.6, while Saviynt is rated 7.4. The top reviewer of One Identity Active Roles writes "Single interface and workflows simplify AD and Azure AD management efficiency and security". On the other hand, the top reviewer of Saviynt writes "Used for IAM, IGA, MFA, SSO, and access management". One Identity Active Roles is most compared with Microsoft Entra ID, ManageEngine ADManager Plus, SailPoint Identity Security Cloud, One Identity Manager and Softerra Adaxes, whereas Saviynt is most compared with SailPoint Identity Security Cloud, Microsoft Entra ID, CyberArk Privileged Access Manager, Okta Workforce Identity and Microsoft Identity Manager.
We monitor all User Provisioning Software reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.