Install the Okta LDAP Agent

Install the Okta LDAP Agent to let your users authenticate to Okta using their LDAP credentials without replicating those credentials into the cloud.

Install the LDAP agent in a Linux environment

  1. On the host server, sign in to Okta using an Okta admin account with super admin permissions to access the Admin Console.
  2. Download the Okta LDAP Agent:
    1. In the Admin Console, go to Directory > Directory Integrations.
    2. Click Add Directory > Add LDAP Directory.
    3. Review the installation requirements, and then click Set Up LDAP.
    4. Click Download Agent and select Download RPM Installer or Download DEB Installer.
  3. Install the Okta LDAP Agent on your Linux server:
    1. Sign in to your Linux server as the root user.
    2. Copy the agent .rpm or .deb file to a scratch directory.
    3. Open a command prompt and cd to the scratch directory.
    4. Run one of the following commands to install the agent:

      Install an RPM package:

      yum localinstall OktaLDAPAgent_xx.xx.xx.x86_64.rpm

      Install a Debian package:

      dpkg -i OktaLDAPAgent_xx.xx.xx_amd64.deb

      The installation process reports the total size of the installation and prompts you to continue.

  4. Optional. Perform the steps to Enable LDAP over SSL.
  5. Run the configure_agent.sh script to finish configuring the agent.

Install the LDAP agent in a Windows environment

  1. On the host server, sign in to Okta using an Okta admin account with super admin permissions to access the Admin Console.
  2. Download the Okta LDAP Agent:
    1. In the Admin Console, go to Directory > Directory Integrations.
    2. Click Add Directory > Add LDAP Directory.
    3. Review the installation requirements, and then click Set Up LDAP.
    4. Click Download Agent > Download MSI Installer. Download the installer to your Windows server.
  3. Launch the installer on the host server. Click Run.
    1. If the message that appears is Do you want to allow the following program to make changes to this computer?, click Yes.
    2. Click Next.
    3. Accept the license agreement and click Next.
    4. Accept the default installation folder location, or click Browse to select another location, and click Install.
    5. Optional. If you want to enable LDAP over SSL (LDAPS), complete Enable LDAP over SSL, and then continue with this procedure.
    6. On the LDAP configuration page, enter the following information:
      • LDAP Server: Enter the LDAP host and port in the form of host:port. For example: ldap.mycompany.com:389.
      • Root DN: The root distinguished name of the directory information tree (DIT) from which users and groups are searched.
      • Bind DN: The distinguished name of the bind LDAP user that's used to connect to the LDAP directory by the agent.
      • Bind Password: The password of the bind distinguished name that's used to connect to the LDAP directory by the agent.
      • Optional. Use SSL connection: Select this option if you enabled LDAP over SSL (LDAPS). (Note: If you select this without performing the steps in Enable LDAP over SSL, the error Failed to connect to the specified LDAP server appears.)
  4. Click Next.
  5. Optional. To have the LDAP agent use a proxy server, select Use proxy server. Enter the details for the proxy server for the Okta LDAP Agent to use on the Okta LDAP Agent Proxy Configuration page, and then click Next.

    If the LDAP proxy server returns its own schema, issues importing user data can occur when the proxy server schema and LDAP server schemas are different. To avoid data importation issues, make sure that the LDAP proxy server and LDAP server schemas are identical.

  6. Enter your Okta org URL. For example, https://mycompany.okta.com. Click Next.
  7. Click the activation link (for example, https://mycompany.okta.com/activate) and enter the code displayed by the installer. Click Next.
  8. On the Okta Sign In page, sign in using an account that has permission to manage directories, and to manage and register agents.
  9. Permission is required to register the agent with Okta. Click Allow Access. The agent installation continues. (If an error message appears, see Locate the Okta LDAP agent log.)
  10. Click Finish.
  11. Configure the LDAP integration settings. See Configure LDAP integration settings.
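
The LDAP Server, Root DN, Bind DN, Bind Password and Use SSL connection values from the LDAP configuration page can be checked from a shell before they are typed into the installer. The following is an added example, not part of Okta's documentation or tooling. It assumes the OpenLDAP ldapsearch client is installed on a host with the same network path to the directory as the agent; the function names, the password file and the sample values are hypothetical.

```shell
#!/bin/sh
# Added example (not Okta code). Assumes OpenLDAP's ldapsearch; sample values are constructed.

# Turn the "LDAP Server" field (host:port) into a URI; use_ssl=1 mirrors "Use SSL connection".
ldap_uri() {
    server=$1; use_ssl=$2
    case $server in *:*) ;; *) echo "expected host:port, got '$server'" >&2; return 1 ;; esac
    host=${server%:*}; port=${server##*:}
    case $port in ''|*[!0-9]*|??????*) echo "invalid port '$port'" >&2; return 1 ;; esac
    if [ -z "$host" ] || [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "invalid host or port in '$server'" >&2; return 1
    fi
    if [ "$use_ssl" = 1 ]; then echo "ldaps://$host:$port"; else echo "ldap://$host:$port"; fi
}

# Bind as the Bind DN and read only the Root DN entry (base scope).
# pw_file holds the bind password with no trailing newline (printf '%s'), mode 600,
# so the password never appears on the command line.
preflight() {
    uri=$(ldap_uri "$1" "$2") || return 2
    root_dn=$3; bind_dn=$4; pw_file=$5
    command -v ldapsearch >/dev/null 2>&1 || { echo "ldapsearch not installed" >&2; return 3; }
    if ldapsearch -x -LLL -H "$uri" -D "$bind_dn" -y "$pw_file" \
        -b "$root_dn" -s base -o nettimeout=5 dn >/dev/null; then
        echo "OK: bound to $uri as $bind_dn and read $root_dn"
    else
        rc=$?   # OpenLDAP tools normally exit with the LDAP result code
        case $rc in
            49) echo "FAIL: Bind DN or Bind Password rejected" >&2 ;;
            32) echo "FAIL: Root DN not found in the directory" >&2 ;;
            *)  echo "FAIL: could not complete the check against $uri (exit $rc)" >&2 ;;
        esac
        return 1
    fi
}

# Usage with constructed values:
#   preflight "ldap.mycompany.com:636" 1 "dc=mycompany,dc=com" \
#       "cn=okta-agent,ou=services,dc=mycompany,dc=com" ./bind.pw
```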

Next steps

Configure LDAP integration settings