For most companies, Microsoft Active Directory (AD) or Lightweight Directory Access Protocol (LDAP) directories such as SunOne or Oracle Internet Directory play the central role in coordinating identity and access management policies. AD/LDAP typically serves as a “source of truth” for user identities and provides access control to on-premises resources such as networks, file servers, and web applications.
When on-premises applications are integrated with Active Directory or LDAP, users get the best possible experience: they log in to their domain once and are granted access to the appropriate resources. Administrators benefit too: they maintain clear control over who has access to what. This model is ubiquitous because it works well with LAN-based architectures (where applications are served from hardware inside the firewall). However, this approach begins to break down as enterprises shift to cloud-based applications, and a new solution is needed.
Combining Directories and the Cloud
In most enterprises, Microsoft Active Directory (AD) is the authoritative user directory that governs access to basic IT services such as email and file sharing. Often, AD is also used to control access to a broader set of business applications and IT systems.
SaaS applications are each developed with their own native user directories that control direct access to their individual services. And, because they run outside of the firewall, SaaS applications have traditionally been beyond the reach of Active Directory.
One of the many features of the Okta service is the industry’s most unified, comprehensive, and easy-to-use Active Directory integration solution. The Okta service and Active Directory integration component provide all the following features.
Using AD with Okta
Okta offers the industry’s most complete, robust, and easy-to-use Active Directory integration, which spans authentication as well as user provisioning and deprovisioning. Like the core service itself, the Okta AD integration is very easy to set up and manage, and it is architected for high availability.
The Active Directory Integration automatically has the following default settings enabled.
For detailed instructions on using AD with Okta, see Installing and Configuring the Active Directory Agent and the attached Okta Active Directory Deployment Guide.