Hello everyone,
I wanted to ask if it is possible or advisable to replace NetIQ DRA with Usercube. Our customer has both tools installed in their environment, and some actions are overlapping.
We received the question of whether it would be possible to stop the NetIQ license and replace it with Usercube. I don’t know much about NetIQ and don’t have all the details on how they are using it, but the question is already on the table.
Any suggestions and advice are welcome. 
Hello @Kamil.Wojenkowski , nice to see you there.
I’m not an expert on NetIQ DRA, but I found
“NetIQ Directory and Resource Administrator (DRA) delivers an unparalleled ability to control who can manage what within Active Directory while protecting the consistency and integrity of its information by validating all administrative changes. Through granular delegation of permissions, robust change management policies, and automation that simplifies workflows, DRA reduces down time and operational risks to Active Directory that are posed by the consequences of malicious or accidental changes.”
I agree with you that we need information about what is happening with your customer with NetIQ DRA. Based on that, you will be able to validate the switch to Usercube and the effort required to do that.
Hello Kamil,
Another Netwrix product, GroupID, is purposely built for management in this manner.
Quick overview:
Identity Management: Manages identities across multiple platforms, including Active Directory, Entra ID, Google Workspace, and LDAP directories.
Entitlement Review: Provides detailed entitlement insights and review to ensure compliance with regulatory standards.
Account Provisioning: Automates user provisioning and deprovisioning in bulk.
Group and Identity Lifecycle Management: Automates the creation, management, and deprovisioning of users and groups.
Self-Service: Empowers users to manage their direct reports, their own identity and groups they own as well as group memberships in security groups and distribution lists.
Attestation: Ensures that identities and group memberships are regularly reviewed and attested to maintain security.
Reporting: Provides comprehensive reporting on group memberships and changes.
Thanks for the responses so far! I really appreciate the insights.
I’ve put together a small list of all the tasks currently being performed with NetIQ DRA. From what I can see, almost all of these tasks can be implemented in Usercube as well.
Would you agree that Usercube can fully replace NetIQ DRA in this case? Or should we consider looking at GroupID?
| Task | Description |
|---|---|
| Unlocking AD Accounts | Process to unlock Active Directory accounts |
| AD password reset | Resetting the password for an AD account |
| Enabling AD Accounts | Enabling previously disabled AD accounts |
| Adding accounts to AD groups | Granting access to share folders and distribution lists (DL) by adding accounts to AD groups |
| Creating/adding to mailboxes and DL | Granting “Send As” and “Send on Behalf” permissions by creating or adding to mailboxes and distribution lists |
| Checking access groups | Verifying membership in groups such as M365 groups |
| Disabling machine account | Disabling a machine account if the machine is lost or stolen |
| Account management | Checking logon details (login dates, password change dates, etc.) and verifying owners of groups |
| Checking/creating contacts | Managing contacts for contractor users |
Kamil,
When I look at the NetIQ/Microfocus Identity Products I would say it maps to the Netwrix products like this:
| NetIQ/Microfocus | Netwrix |
|---|---|
| NetIQ Directory Resource Administrator | GroupID |
| OpenText Identity Governance | UserCube |
| OpenText Identity Manager | UserCube |
| OpenText Privileged Access Manager | Netwrix Privileged Secure |
| OpenText Data Access Governance | Netwrix Enterprise Auditor |
If there are specific use cases in any of those products you wish to discuss, feel free to post them here and I can try to point you to the documentation in our products.
But to answer your original question. GroupID is the best product to replace NetIQ Directory Resource Administrator.