Does OKTA support import of a user from OKTA to the LDAP (integrated with it) ? Skip to main content
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
debo Dedebo De 

Does OKTA support import of a user from OKTA to the LDAP (integrated with it) ?

We are doing a POC for OKTA and recently added the LDAP agent to OKTA and did an import of the users from LDAP.
What we were wondering was does OKTA supports addition of users from its UI and that automatically integrates with our LDAP in the back end.
A particular use case can be - we added a new user to OKTA and then in turn that person using his/her email gets access to OKTA. After that can we use OKTA to add that person to our LDAP directory in the back end? That way we can use OKTA as one single place to add people and give access to our custom applications , resources etc. Also once I add that person I can put him in any group in LDAP as well and then proceed from there.

What I researched and found out is currently OKTA doesn't supports that ( I have raised a case for the same - . Also , in this page( ) it was mentioned that right now writing to LDAP is a part of Future Enhancement. I wanted to bring this topic to the attention of the community and would like to ask your opinion on the same? Also, if you can point out some possible workaround for this that would be great as well.

Aaron YeeAaron Yee (Okta, Inc.)
Hi Debo,

As you mentioned, the write to LDAP feature is a future enhancement. We’re targeting this year (exact timeframe is TBD). Other customers who needed to write to LDAP have written a custom connector with our On-Premises Provisioning (OPP product). However, that requires development time. We recommend waiting for the upgraded LDAP capabilities to support this.
debo Dedebo De
Ok , thanks for the information Aaron. Hope this feature becomes available soon!
Marc DantonaMarc Dantona
We discovered that Okta's LDAP agent didn't write to LDAP and it definitely ruined our day. Originally when we asked about LDAP integration, we were shown all the Active Directory agent functionality. We are very much looking forward to this feature enhancement.
Patrick CesardPatrick Cesard
Any update on the LDAP agent being able to provision an account in LDAP? The scenario I'm looking for is the ability to create a group in Okta and add an LDAP directory to it. Anyuser would then becomes a member of the group would get an account provisioned in LDAP.
I believe this scenario can be realized today but the with AD where a provisioning group can be created and AD added to  it., and the AD agent will provision to AD.