Disconnect user from Active Directory

You can disconnect usersIn Okta literature, we generally refer to "users" as the people who serve as Okta administrators. When we refer to "end users" we are generally referring to the people who the administrators serve. That is, those who use Okta chiclets to access their apps, but have no administrative control. who were imported from Active Directory (AD) so that they become native Okta users. This is helpful when it is necessary to directly edit user fields such as an email address or to prevent updates from being automatically synced from AD.

To do this, perform the following steps:

  1. From your Administrator Dashboard, select People.
  2. Click the Disconnect from Active Directory button, select the users you want to disconnect, then click the Disconnect Selected button. To disconnect all users from AD, click the Disconnect All button.
  3. In the Disconnect user from Active Directory dialog, decide if you'd like to reset the disconnected users' passwords and then click Disconnect People. If you don't reset passwords, the users are locked out of Okta and are unable to sign into Okta with their AD credentials.

To switch users back to being AD mastered, reimport them to link their Okta accounts to their AD accounts.