Desktop SSO agent stops when AD agent is stopped/restarted Skip to main content
https://support.okta.com/help/answers?id=906f0000000i00dias&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fanswers
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Danny PANSDanny PANS 

Desktop SSO agent stops when AD agent is stopped/restarted

We are running Okta AD Agent & Okta Desktop SSO on the same server and use Desktop SSO in global redirect mode.
We found that when an AD agent goes down in a domain, the IWA agent stops too. When the AD agent is restarted, we need to manually start IWA (do an iisreset from cmdline) to let Desktop SSO works again.

Is this normal - if so why? If not, how to resolve?
I guess this behavior is not a normal approach and it is not working as intended, but a bug...

Thanks for your feedback.
 
Danny PANSDanny PANS
Meanwhile I have found the root cause and solution:

* Okta AD agent and Desktop SSO (OktaIWA application pool) are running with the same domain service account.

* If we use 2 different domain service accounts, it is working fine, no interference anymore.