Hi Arjan, Thanks for posting your question here. This usually happens when the service account doesn't have enough permissions to make changes on your server. Please check the service account that you are using for Okta-AD integrations and make sure it has rights to update your groups, users etc. then try again.
Behrouz Ghorchi Technical Support Engineer Okta Global Customer Care