User Lockout Skip to main content
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Adrian OcampoAdrian Ocampo 

User Lockout

What would be the best practice when unlocking user? Should I unlock user via OKTA or directly from AD? If locked out in okta, will I be lockout in AD as well? If AD account has been locked out, can I unlock it via OKTA? AD is the Profile Master in this scenario.

Users can't login still even after unlocking the account in OKTA.
Vasile DragomirVasile Dragomir (Okta, Inc.)
User can be unlocked in AD via Okta . 
You will first have to add a Rule to your Active Directory password policy which allows for users to change their AD passwords in Okta. (Security > Authentication > Active Directory Password Policy > Add Rule) Once this is activated, then you can click a user's name from the People page and you should have the option of clicking the Reset Password button in the upper right of the user's page.