Upgrading the OKTA AD Agent 3.2.1 to 3.3.5 (feedback from the fields) Skip to main content
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Danny PANSDanny PANS 

Upgrading the OKTA AD Agent 3.2.1 to 3.3.5 (feedback from the fields)

I want to share my findings regarding upgrading the OKTA AD Agent 3.2.1 to 3.3.5 on a Windows 2012R2 server.

First i have to turn off all security hardening on the server.

Trying the upgrade: starting the setup of 3.3.5 (with 3.2.1 installed) as admin.
Setup starts and tries to remove the older version.
Eventually the setup fails.
Starting appwiz.cpl, the old version is still listed in the installed software.
Selecting it and clicking uninstall,
I get the message that it’s already uninstalled. ‘Do you want to remove it from the list?’ > OK
Doing this, doesn’t remove the OKTA AD Agent service.
From admin cmd;
Sc delete ‘OKTA Active Directory Service’
Restart the server… just to make sure.
In C:\Program Files(x86)\OKTA -> remove or rename the ‘OKTA AD Agent’ folder. (or setup will keep failing).

Only after this, I can successfully install the new AD Agent.
Add all my AD domains!

When all done, turn on security hardening on the server.

In the OKTA cloud, the Agent server will appear double with new and old version.
Remove the red one… the old version by first deactivating it which will make appear the delete button.


And now i have to repeat this procedure 160 times... (yes, we have 80 ADs)

Please share in this topic your findings regarding upgrading Okta AD Agent, it will help OKTA engineers to improve their upgrade process !

Thank you for your cooperation.
Raja NejemRaja Nejem (Okta, Inc.)
Thank you for your input.  We will forward this to the engineering team to insure future upgrades are more seamless.