Okta Password Reset by Administrator - 2 Questions
This weekend I received an email from our OKTA tenet with the subject Okta Password Reset by Administrator. It was not an email triggered by an OKTA admin nor was it triggered by the 'Forgot Password' link on the login page. The account was for our AD Service Account which works with the AD agent for our Active Directory integration. We have enabled passwords to expire after 60 days.
Question 1: Would this have been automatically triggered by OKTA because the password is past the expiration time? There is nobody else who has admin rights to trigger this in the console. Also, it was late in the evening. Question 2: Being that this is a service account that we do NOT login with routinely, is it safe for us to ignore this reset without brining the AD integration down?
I've never seen this before but i'm very interested in the answer, my service accounts are on a manual rotation with their password set to never expire.
From an AD persepctive did the AD service account have it's password changed?
If changed do you have windows security logs indicating who did it (assuming it was itself)
I don't see this as a documented feature of the AD Agent but i think it would be a nice feature. I generally don't care what my AD Agent service account password is, if it was capabale of changing it's own password (and letting the other AD Agent's know about it) i would be happy.