Deploy Okta People Picker for SharePoint agent
Install and deploy the Okta People Picker for SharePoint agentA software agent is a lightweight program that runs as a service outside of Okta. It is typically installed behind a firewall and allows Okta to tunnel communication between an on-premises service and Okta's cloud service. Okta employs several agent types: Active Directory, LDAP, RADIUS, RSA, Active Directory Password Sync, and IWA. For example, users can install multiple Active Directory agents to ensure that the integration is robust and highly available across geographic locations. to your SharePoint farm environment. The default installation steps outlined below activate the feature at the farm level.
1. Install Okta People Picker for SharePoint agent
In Okta AdminAn abbreviation of administrator. This is the individual(s) who have access to the Okta Administrator Dashboard. They control the provisioning and deprovisioning of end users, the assigning of apps, the resetting of passwords, and the overall end user experience. Only administrators have the Administration button on the upper right side of the My Applications page. Console, go to Settings > Download and download the Okta People Picker for SharePoint Server 2010, 2013, or 2016.
Enter the following PowerShell commands to add and install the Okta SharePoint solution for People Picker:
Add-SPSolution -LiteralPath "C:\OktaClaimsProviderxx.xxx.wsp"
Install-SPSolution -Identity "oktaclaimsproviderxx.xxx.wsp" –GACDeployment
Replace the LiteralPath command line argument with the path to the downloaded People Picker WSP solution ﬁle, and update the identity command line argument with the appropriate version-based ﬁle name.
- It might take a few minutes for the agent to be installed and deployed.
- You can query your deployment status by entering the following PowerShell command:
- The status output reads
Deployedafter the solution has been deployed to the farm.
- If the status output continues to read
Not deployed, sign into the SharePoint Central Administration console, select System Settings > Manage Farm Solutions, and check for error messages.
- If necessary, cancel the deployment and restart it using the SharePoint Central Administration Management Console.
Deploy the agent using the SharePoint Central Administration Management Console. Confirm the installation and troubleshoot any issues.
We highly recommend that you use a ULS viewer during the People Picker installation procedure to help you diagnose configuration issues.
2. Assign Okta Claims Provider as Trusted Identity Token Issuer
Assign the Okta Claims Provider that was configured during the Okta SSOAn acronym for single sign-on. In a SSO system, a user logs in once to the system and can access multiple systems without being prompted to sign in for each one. Okta is a cloud-based SSO platform that allows users to enter one name and password to access multiple applications. Users can access all of their web applications, both behind the firewall and in the cloud, with a single sign in. Okta provides a seamless experience across PCs, laptops, tablets, and smartphones. configuration as the
SPTrustedIdentityTokenIssuer for People Picker.
SPTrustedIdentityTokenIssuer was named something other than
Okta during the SSO configuration, update the commands below with the correct values.
$trust = Get-SPTrustedIdentityTokenIssuer "Okta"
$trust.ClaimProviderName = "OktaClaimsProvider"
3. Validate the installation and configuration
Enter the following PowerShell command to retrieve the
Make sure the Okta provider is
Enabledand configured as
4. For SharePoint 2010 only: Upload the Okta Certificate People Picker
The SharePoint administrator must import the Okta DigiCert Root Certificate and all certificates in its cert chain into the SharePoint certificate store. Perform the procedure described in For SharePoint 2010 only: Import security certiﬁcate to Trusted Root Certiﬁcate Authority
Troubleshoot the People Picker
OktaClaimsProvider in the SharePoint ULS logs to monitor the activity of the claims provider. A ULS log viewer is recommended.
Upgrade the Okta Claims Provider or People Picker
Before you upgrade the Okta Claims Provider or People Picker, we highly recommended that you completely remove the previous version of the Okta People Picker. See Uninstall Okta People Picker and Okta Authentication for uninstallation instructions and then deploy the new version using the deployment procedure.