Master one account multiple AD Skip to main content
https://support.okta.com/help/answers?id=9062a000000bmbfqaq&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fanswers
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Nicole DotyNicole Doty 

Master one account multiple AD

Hi,
I have two seperate AD domains/forests in which there is a business need for the same person to exist in both domains for legacy application access.  I have my Okta Master set up for 1. Workday 2. AD1 3.AD2.  Is it possible to have AD1\User1 and AD2\User1 be "managed" by Workday and Okta such that when Okta/Workday updates the user and/or disables the user, user objects in both ADs are updated?
Jaypee ManansalaJaypee Manansala (Okta)
Hi Nicole,

Thanks for posting your query in Okta Community.

If the user is mastered by Workday in Okta, (1) you can assigned the user on 2 groups that will be manage by AD1 & AD2 group respectively (*Provisioning Features: Create User and Update User Profile Attributes are enabled on both AD's). (2) You can also performed Push Groups on both groups that the user is a member downstream to AD1 and AD2 (make sure the groups OU are connected to Okta)

If you find youself in to trouble, please submit a support case to have this functions working for you.

Best,

JP Manansala