Import group owner from Active Directory

Admins can now import the group ownership information from the Active Directory(AD) to the Okta Directory using full or incremental imports. The system uses the managedBy attribute in the AD user profile to extract the group owner information.

AD can have only one owner for a group, either a group or a user, so the imported group can also have only one owner.

Manage group ownership of an Active Directory instance

  1. In the Admin Console, go to Directory Groups.

  2. Select a group to open the Group page.

  3. Go to the Owners tab on the Group page. You can see the group owners for the group on this tab.

Run a full or an incremental import afterward to get the group ownership information. The group won't have the owner information in the Okta Directory, if the group owner information isn't available at the time of the import.

To delete a group owner, perform steps 1 - 3 of this procedure, and click X for the group owner.

It may take approximately 24 hours for the group owner information to be reflected in Access Requests. Okta recommends that you sync your Access Requests Resources and Configuration lists after you change the group owner. See Configure Access Requests.