When you disable an Active Directory (AD) account, Okta's automated deprovisioning feature removes app assignments, deactivates the associated Okta user account, and disables any user-management-supported apps. If the deprovisioning workflow does not occur automatically, you are notified of the required steps on your Administrator Dashboard.
Okta now supports two methods of automated account reactivation (Note: both methods are Early Access features. Contact support if you'd like to enable one or both methods):
- JIT Reactivation will reactivate a deactivated user's account upon login into Okta if that user's account has been reactivated or re-enabled in Active Directory
- Profile Sync Reactivation will reactivate a deactivated user's account upon an import operation from Active Directory
To manually reactivate a deactivated account that was imported from a source directory, perform the following steps:
- Reactivate the user's account in Active Directory
- In Okta Admin Console, navigate to Directory > People and find the user who needs to be reactivated
- Click the Activate Person button in the upper-right
- Run an import from AD. We recommend that you perform a full import to ensure that AD finds the user's record.
- Confirm and activate the user in the Import Results screen,