Okta Active Directory Agent Version History
This page lists current and past versions of the Okta Active Directory AgentA software agent is a lightweight program that runs as a service outside of Okta. It is typically installed behind a firewall and allows Okta to tunnel communication between an on-premises service and Okta's cloud service. Okta employs several agent types: Active Directory, LDAP, RADIUS, RSA, Active Directory Password Sync, and IWA. For example, users can install multiple Active Directory agents to ensure that the integration is robust and highly available across geographic locations.. This page is updated whenever a new version of the agent is released to General Availability (GA) and/or Early Access (EA). It was last updated June 14, 2017 (preview release 2017.24).
Important: To ensure that you have up-to-date functionality and get optimum performance from your Okta AD agent(s), we strongly recommend that you download and install the latest version of the agent on your designated domain server(s). If you are running multiple Okta AD agents, make sure that all of them are the same version. Running different versions can cause all agents to function at the level of the oldest agent.
|Current GA Version||3.4.3|
|Current EA Version||3.4.7|
This Early Access release now sends the following time stamps in milliseconds, instead of seconds:
|3.4.6||This Early Access release provides various improvements to the agent log, and improves the way that the Okta AD agent interprets the date formats sent by AD.||2017.24|
This Early Access release fixed an issue where Okta failed to recognize usersIn Okta literature, we generally refer to "users" as the people who serve as Okta administrators. When we refer to "end users" we are generally referring to the people who the administrators serve. That is, those who use Okta chiclets to access their apps, but have no administrative control.' AD group memberships following JIT profile creation and updates.
Note: This update was initially documented in the release notes for 2017.05.
This Early Access release provides the following:
This Generally Available release provides the following:
This Early Access release provides the following enhancements:
|3.4.1||This release allows admins to enforce Active Directory's password policy for end usersIn Okta literature, we refer to "end users" as the people who have their own Okta home page (My Applications), using chiclets to authenticate into all of their apps. End users do not have any administrative control. When we refer to "users" we are generally referring to the individual(s) who have administrative control. who have forgotten their password.||2016.04|
This version provides support for SSL certificate pinning. By default, pinning is enabled for new installations. For agent upgrades, your current state of enablement is preserved. †
To allow new installations to complete in environments where SSL pinning may prevent communication with the Okta server, this version also includes a command line option in the installer that lets admins disable SSL pinning. †
†Note: The default state of this feature was reversed in GA release 3.4.3.
|3.3.5||This version combines the best features of existing Classic Imports and Federated Profiles integration options. For details, see About Okta's Enhanced Active Directory Integration||GA – 2015.51
EA – 2015.48
This release uses the FIPS-compliant implementation to perform some cryptographic functions.
Fixed an issue that caused the agent to send empty User Agent strings.
Fixed an issue that prevented the agent from shutting down.
Fixed an issue where, when AD_FEDERATED_PROFILES was enabled, the user AD Group membership information was not always updated.
|3.2.0||This update includes repair of a memory leak. This improvement should reduce instances of delegated authentication timeouts.||2015.10|
|126.96.36.199||This update changes the default connection configuration to increase scalability in the throughput of processes between Active Directory and Okta.||2014.44|
|188.8.131.52||This update now enforces MFA policy during setup of AD. For Universal Directory users, this update also includes enhancements in configuring your AD schema in UD.||2014.41|
|184.108.40.206||Changes include several logging enhancements, including performance data. Also includes the following bug fixes:
|3.0.7||This update provides multithreaded polling for AD agents.||07/23/2013|
|3.0.6||This update supports Federated Profiles.||05/10/2013|
|3.0.5||This update includes a security enhancement: Currently the agent token is stored in plain text in the configuration file, and with this update it will be encrypted, making it more secure. If you use a proxy, the password you enter will also be encrypted. There are no functional changes to the agent and you can update at your convenience.||02/05/2013|
|3.0.4.x||The AD agent 3.0.4.x supports IWA redundancy.||12/05/2012|
|3.0.3||You can now configure a proxy server during installation.||10/17/2012|
|3.0.2||This includes all updates from earlier releases.
Updates to support the following:
|3.0.1||This update includes the following bug fixes:
|3.0||This update includes:
|2.1.4||This update includes:
Note: After October 13, 2014, releases are named by release number; prior to that, they are named by release date. Release numbers indicate the year and week in which the release became available. Occasionally, there are gaps in the numbers.