Unable to import active directory users Skip to main content
https://support.okta.com/help/answers?id=9062a000000dfqaqao&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fanswers
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Lucius BonoLucius Bono 

Unable to import active directory users

We're testing Okta's active directory integration against our test domain controllers (running Server 2016 TP5). Groups come over just fine when I do a full import, but 0 users were imported during the initial setup of the AD agent and subsequent Full Imports don't remedy the issue. 

My user objects are in the "users" OU, and there's really nothing special about this setup. I've configured Okta to import from the users OU. 

I'm looking for next steps I can take to troubleshoot why the Okta Agent isn't seeing any users in AD. 
Best Answer chosen by Lucius Bono
Gabriel SrokaGabriel Sroka (Okta, Inc.)
Hi Lucius
Usually, this is caused by missing attributes. Required are: first name, last name, email address, UPN, login name, etc. Did you check the system log? See also: https://support.okta.com/help/articles/Knowledge_Article/28423208-Active-Directory-Field-Mappings

All Answers

Gabriel SrokaGabriel Sroka (Okta, Inc.)
Hi Lucius
Usually, this is caused by missing attributes. Required are: first name, last name, email address, UPN, login name, etc. Did you check the system log? See also: https://support.okta.com/help/articles/Knowledge_Article/28423208-Active-Directory-Field-Mappings
This was selected as the best answer
Lucius BonoLucius Bono
Ah! We weren't populating the UPN in our AD objects. That fixes our issue, I really appreciate the quick response. 
BSuper BAdminBSuper BAdmin
I am strying to integrate AD 2012 R2. Agent installed successfully but when I try to import, I get the error message  "An error occurred during import An operations error occurred". The logs simply say "system.import.start" success. Any clue where I can troubleshoot?  I looked at the mappings and everything looks in order. UPN is being populated in AD object ok Thanks!.
Rohit RoyRohit Roy
If users are disable in Active directory then also no usrs will be imported, you have to enable them first