Can OKTA sync AD user passwords from one domain to another? Skip to main content
https://support.okta.com/help/answers?id=9062a000000bmfrqaq&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fanswers
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Jace PerontoJace Peronto 

Can OKTA sync AD user passwords from one domain to another?

Hello,

We are in the process of an AD domain migration from one old domain to a new domain. All objects will be migrated. I'm having a hard time tracking down documentation that outlines OKTA's multi domain management capabilities. Can OKTA syncronize user object passwords, and other variables, from one domain to another? Can we use OKTA to replace some of the ADMT functionalities?

What capabilities does OKTA have that may help us migrate from one domain to another? IE cross domain application authentication, user management etc

Marc JohnstonMarc Johnston (Okta, Inc.)
Hi Jace,

Okta currently does not support connecting one Okta account to mutiple AD Domains. Okta accounts connect to AD domains on a 1:1 ratio. So the password sync features can sync AD to Okta or Okta to AD for only one domain.

Sync Pasword - Under Notes - It is not possible to sync passwords from one AD domain and also push passwords to a different AD domain from a single Okta org, such as when a customer wants to pull users from multiple departmental or subsidiary ADs and push them to a central or application-specific AD.

https://help.okta.com/en/prod/Content/Topics/Security/Security_Using_Sync_Password.htm?Highlight=Using%20Sync%20Password