Uninstall or re-install the Okta LDAP agent

When you uninstall and reinstall your Okta LDAPLightweight Directory Access Protocol (LDAP) is a lightweight client-server protocol for accessing directory services, specifically X.500-based directory services. LDAP runs over TCP/IP or other connection oriented transfer services. agentA software agent is a lightweight program that runs as a service outside of Okta. It is typically installed behind a firewall and allows Okta to tunnel communication between an on-premises service and Okta's cloud service. Okta employs several agent types: Active Directory, LDAP, RADIUS, RSA, Active Directory Password Sync, and IWA. For example, users can install multiple Active Directory agents to ensure that the integration is robust and highly available across geographic locations., you can remove the existing Okta API token. If you are performing an upgrade, you don't need to remove the Okta API token. To remove the API token, you must delete the Okta LDAP agent folder and deactivate and remove your old Okta LDAP agent.

To continue using an Okta LDAP agent and to avoid down time, you must have at least two agents running before you uninstall one of them.

Uninstall the Okta LDAP agent on Windows

  1. On your Windows server, click Start > Control Panel > Programs > Programs and Features.
  2. Select the Okta LDAP agent, and then click Uninstall/Change.
  3. To remove the agent configuration data from the hard drive, on the agent server, go to C:\Program Files\Okta and delete the Okta LDAP agent folder. Deleting this folder removes the agent configuration data and the API token from your hard drive. The API token for the server remains valid in Okta, so it is important to remove the configuration data.

Uninstall the Okta LDAP agent on Linux

On your Linux server, open a command prompt and run one the following commands:


dpkg --remove OktaLDAPAgent


yum remove OktaLDAPAgent

Issuing the remove command removes the agent, all the agent configuration data, and the API token from your hard drive. The API token for the server is still valid in Okta so it is important to remove the configuration data.

Reinstall the Okta LDAP agent

Installing the Okta LDAP agent does not overwrite the configuration data in the Okta LDAP agent folder. To reinstall and create a new API token, delete the Okta LDAP agent folder before reinstalling the Okta LDAP agent.

  1. Install the Okta LDAP agent. See Install and configure the Okta LDAP agent.
  2. On the Okta AdminAn abbreviation of administrator. This is the individual(s) who have access to the Okta Administrator Dashboard. They control the provisioning and deprovisioning of end users, the assigning of apps, the resetting of passwords, and the overall end user experience. Only administrators have the Administration button on the upper right side of the My Applications page. Console, click Directory > Directory Integrations.
  3. Click LDAP and the Agents tab.
  4. Confirm that your reinstalled Okta LDAP agent appears in the Agent Monitors section and it is connected to Okta. A minimum of one Okta LDAP agent should be online.
  5. Optional. Revoke the Okta API token of the previous Okta LDAP agent:
    1. Under Agent Monitors, click Deactivate Agent for the previous Okta LDAP agent and then click Deactivate Agent to confirm. Deactivating the agent revokes its API token.
    2. Click Delete and then click Delete Agent.