The short answer for this case is "Yes", if you have "Auto-activate new users" from the Settings page of your Active Directory tab (when accessing Okta dashboard - Directory - Directory integrations)
But the long , more detailed answer is "Depends".
- for example I'd need to have all 4 mandatory attributes correctly defined when creating new users. First Name, Last Name, Username (in an e-mail format) and primary e-mail.
- in the same Setting tab of your AD in Okta, take a look at the three radio bullets options under Match Settings as these will determine how an user is imported if it's an exact match and if you would allow also partial matches
- just below in the Confirmation Settings you can choose how to auto-confirm or auto-configure users, depending on your internal desired configuration or org policy.
For example , in the scenario where I created a user in AD, set his 4 attributes and checked only on "password never expires",
IF I have configured my AD to have delegated authentication ( if you want Active Directory to authenticate your users when they sign into Okta. A user's Okta credentials are the same as their Active Directory credentials when delegated authentication is on).
AND IF I have back in my Okta org the "Match settings - imported users is an exact match to okta if - Okta username format matches " , down below I also allow partial matches by first and last name , and further on I have checked on "New users- Auto-confirm new users and Auto-activate new users",
THEN in my next import (be it incremental or full), this new user will apear as "Active" and he can go ahead and log on.
Furthermore, if you choose not to schedule imports and leave the Just in Time provisioning enabled, your users will be automatically created and updated at sign-on, and also any time you as an Admin check their profile pages from your own Okta instance (automated process in the background).
Note : If you are using JIT provisioning with AD users, they must be imported first. After you enable JIT, import user accounts from AD. The import process defines the set of AD accounts that can be used to create Okta accounts (whether via JIT or the confirmation process).
More links to help you out :
https://support.okta.com/help/Documentation/Knowledge_Article/Install-and-Configure-the-Okta-Active-Directory-Agent-1597766701 [scroll down to "Schedule Import"]
Importing people :
Choosing an Incremental or Full Active Directory Import
I hope I answered your quetion and covered most related topics.
Let us know if you require further help or should you encounter any issues, feel free to open a case ticket with us and we'll be ready to assist you.