Why does a user's name get attached to the system.agent.ad.update_user action with LDAP integration? Skip to main content
https://support.okta.com/help/answers?id=9062a000000qupuqak&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fanswers
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Derek MillerDerek Miller 

Why does a user's name get attached to the system.agent.ad.update_user action with LDAP integration?

We are using the Okta LDAP Agent and every time a user logs in, a "system.agent.ad.update_user" shows in the logs with my username attached as the actor. I'm assuming this is because I set up the agent.

Is there a way to change this? What happens if my user is no longer in the system - will the actions fail?
Best Answer chosen by Derek Miller
Adrian MocanuAdrian Mocanu (Okta, Inc.)
Thank you for reaching out to Okta Support, my name is Adrian and I'll be handling your case.  
That is correct, the reason why your username appears is because you are the one that configured the agent. 
If you want to have that changed you can create a service account with Super Admin rights in Okta and reinstall the agent, that will re-create the API token with the name of the service account.

All Answers

Adrian MocanuAdrian Mocanu (Okta, Inc.)
Thank you for reaching out to Okta Support, my name is Adrian and I'll be handling your case.  
That is correct, the reason why your username appears is because you are the one that configured the agent. 
If you want to have that changed you can create a service account with Super Admin rights in Okta and reinstall the agent, that will re-create the API token with the name of the service account.
This was selected as the best answer
Derek MillerDerek Miller
Thanks, Adrian!

Can you address the second part of my question? Will the agent fail if my user is removed from Okta?

The reason that creating a service account is difficult for us is because we enforce MFA for all users.