Active Directory- "User must change password at next logon" - How do we set this setting in Okta when we migrate users, does OKta also prompt users to change the password or the user will have to first chnage password in AD Skip to main content
https://support.okta.com/help/answers?id=906f0000000i0bfiak&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fanswers
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
AD Agent AdministratorAD Agent Administrator 

Active Directory- "User must change password at next logon" - How do we set this setting in Okta when we migrate users, does OKta also prompt users to change the password or the user will have to first chnage password in AD

Active Directory-  "User must change password at next logon" - How do we set this setting in Okta when we migrate users from AD, does OKta also prompt users to change the password or the user will have to first change password in AD. Also this settings may not be set all new users.
Wils DawsonWils Dawson (Okta, Inc.)
Hi Gaurav,

If you're importing users from AD into Okta, but keeping them as AD mastered users (with Delegated Authentication), the "User must change password at next logon" setting behavior will vary depending on your AD authentication settings. This document (https://support.okta.com/help/articles/Knowledge_Article/51285468-Active-Directory-Password-Reset) shows you how to set up users to be able to reset their AD passwords in Okta (users should be prompted for a new password in Okta when their AD record has the "User must change password at next logon" setting).

If you are moving users from being AD mastered to Okta mastered, there is an equivalent setting in Okta for expiring users' passwords.

Hope that helps,
Wils