One Identity Active Roles
one identity

Simplified identity management and security

Ensure users and objects have fine grained privileged access only when they need it with dynamic delegation across your identity landscape.

One Identity Active Roles delivers automated user account and group management that overcomes the shortcomings of native Microsoft Active Directory and Azure Active Directory tools. These enhanced identity-management capabilities enable you to do your job more efficiently, more accurately, and with less manual intervention.

Active Roles is designed with a modular architecture, so your organisation can easily meet your business requirements today and in the future. With Active Roles, you can automate tedious and error-prone administrative tasks and solve security issues by protecting and controlling all-important administrative access.

Key benefits

  • Automate AD/AAD administration

  • Regulate admin access

  • Overcome native AD tool limitations

  • Expand AD control beyond Windows

Capabilities

Hybrid AD ready
Active Roles is optimised to serve the needs of both on-prem AD and Azure AD in a hybrid deployment. It offers a single console, unified workflows and a consistent administrative experience across your entire hybrid environment. With support for multi-tenant, Active Roles eliminates the cumbersome, error-prone, and unnecessary challenges that come with using separate native tools and manual processes.

Secure access
Active Roles provides comprehensive privileged account management for Active Directory and Azure Active Directory, enabling you to control access through delegation using a least-privilege model. Based on defined administrative policies and associated permissions, it generates and strictly enforces access rules, eliminating the errors and inconsistencies common with native approaches to hybrid AD management. Along with modern authentication using OAUTH, Active Roles has robust and personalised approval procedures establish an IT process and oversight consistent with business requirements, with responsibility chains that complement the automated management of directory data.

Automate account administration
Active Roles automates a wide variety of tasks, including:

  • Creating user accounts and groups in AD and AAD

  • Extending AD/AAD-based account administrative actions to non-Windows systems and SaaS applications

  • Creating mailboxes in Exchange and Exchange Online

  • Populating groups across AD and AAD

  • Assigning resource in Windows