Make first and last name optional in Active Directory

Okta has defined 31 default base attributes for all users in an orgThe Okta container that represents a real-world organization.. These base attributes are generally fixed and cannot be modified or removed. There are two exceptions: First Name and Last Name. These two attributes can be marked as required or optional for Okta and Active DirectoryActive Directory (AD) is a directory service that Microsoft developed for the Windows domain networks. It is included in most Windows Server operating systems as a set of processes and services. Initially, Active Directory was only in charge of centralized domain management. (AD)-mastered users. The default setting for new AD instances is that first and last name are required.

To import AD-mastered users with blank First Name or Last Name attributes:

  • You must first mark the attributes as optional in the Okta user profile and the AD user profile, otherwise the import or JIT operations will fail.
  • If you have auto-confirm selected for matching users on import, the import will fail in the creation flow if the Okta and AD user profile settings do not match.
  • If the First or Last name attribute is marked as not required and you have imported users with no first or last name, and then you change the attribute to be required again, the users with the blank attribute are deactivated on the next full import. When users are deactivated they are unable to sign in to Okta.
  1. On the Okta AdminAn abbreviation of administrator. This is the individual(s) who have access to the Okta Administrator Dashboard. They control the provisioning and deprovisioning of end users, the assigning of apps, the resetting of passwords, and the overall end user experience. Only administrators have the Administration button on the upper right side of the My Applications page. Console, click Directory > Profile Editor.
  2. Click Directories in the Filters list.
  3. For Active Directory, click Profile in the Actions column.
  4. Click the information icon for the firstName variable.
  5. Clear the Attribute required check box.
  6. Click Save Attribute.
  7. Repeat steps 4 to 6 for the lastName variable.