Active Directory integration known issues
The following are the known issues with Active Directory (AD) integrations:
- If you are using a custom URL:
  - Agents – Use the actual domain (example.okta.com) and not the custom domain (example.customname.com).
  - IWA SSO – Modify the web.config file to include the custom URL.
  - Agentless DSSO – Make sure that all sign-in flows and browser bookmarks use the correct URL.
- When you add a new attribute to an AD domain, restart every Okta AD agent connected to the domain. If the Okta AD agents are not restarted, an Active Directory restriction causes the AD agents to base-64 encode the new attribute's values.
- When renaming an AD domain, uninstall the Okta AD agent before you start the renaming process. When you complete the renaming process, reinstall the Okta AD agent with the new domain name. A renamed domain appears as a new AD app instance in Okta.