Plan your Active Directory integration
You use the Okta Active DirectoryActive Directory (AD) is a directory service that Microsoft developed for the Windows domain networks. It is included in most Windows Server operating systems as a set of processes and services. Initially, Active Directory was only in charge of centralized domain management. (AD) agentA software agent is a lightweight program that runs as a service outside of Okta. It is typically installed behind a firewall and allows Okta to tunnel communication between an on-premises service and Okta's cloud service. Okta employs several agent types: Active Directory, LDAP, RADIUS, RSA, Active Directory Password Sync, and IWA. For example, users can install multiple Active Directory agents to ensure that the integration is robust and highly available across geographic locations. to integrate Okta with your on-premises AD instance. AD integration provides delegated authentication supportenabling users to sign in to Okta with their AD credentials, user provisioningassigning users to apps, and de-provisioningremoving users from apps. To enable AD integration, you install the Okta AD agent, and then import your existing AD users and groupsGroups allow you to organize your end users and the apps they can access. Assigning apps to large sets of end users is made easier with groups. into Okta.
- Integration implementation options
- Plan for high availability and disaster recovery
- Integration with existing Active Directory forests and domains
- Prepare Active Directory for the integration
- Import considerations
- Okta AD agent installation and update recommendations