LDAP integration known limitations

The following table lists the known limitations with Okta LDAP integrations.

Feature	Comments
Supported Directories	The Okta LDAP agent is supported with all LDAP v3 servers (RFC 4510 compliant). It has been tested with the following: Active Directory Lightweight Directory Services (AD LDS) eDirectory IBM OpenDJ OpenLDAP Oracle Directory Server Enterprise Edition (ODSEE) Oracle Internet Directory (OID) Oracle Unified Directory (OUD)
Scenarios	Object Lifecycle Management Group Management Password Management Notable features not supported by the LDAP Agent: Group Password Policy Per-instance Delegated Authentication Group Push Note: The Okta LDAP agent is not recommended for large LDAP migrations.
Operations	The following operations are supported on all LDAP directories: Full Import User provisioning The following operations are only supported on specified directories: Incremental Imports Set Password Change Password
Schema	The LDAP agent automatically detects user schema based on the user objectClass specified Supports structural classes, auxiliary classes for users