Using Okta AD Connector with AWS Simple AD Skip to main content
https://support.okta.com/help/answers?id=906f0000000xzkmia4&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fanswers
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Chris DoddsChris Dodds 

Using Okta AD Connector with AWS Simple AD

Curious if anyone is using the Okta AD connector to provision users to AWS Simple AD without passing through an AWS AD connector?

I'm considering a scenario of not using MS AD in the environment.
Jonathan SpivaJonathan Spiva
This would be truely awesome. We would use it to help deploy Amazon Workspaces. Have you tried it yet? 
Chris DoddsChris Dodds
I can confirm the connector worked for me when I tested yesterday. I haven't tried anything advanced yet (multiple UPNs, etc), just spun up an instance, installed the agent, and pushed some test users.

I'm still trying to decide if this path is going to work, but it's mostly around Samba4 limitations. I'm also not sure if it would be possible to automate the AD agent install & web auth as part of a server bootstrap.
Jonathan SpivaJonathan Spiva
I did some setup with this tonight, I think it may work in our use cases if I can figured out how to have okta users created in Simple AD. If it were a different okta app I could consider this provisioning. Sending in a support ticket. Let me know if you make any progress on your side. 
Chris DoddsChris Dodds
You just need to spin up an instance that's joined to SimpleAD and install the Okta AD agent on it. Use directory provisioning instead of app provisioning. Works fine.
Jonathan SpivaJonathan Spiva
UI wise is that showing up for you in the Directires area. Shot of the my AD setup in directories of the admin interface.
Chris DoddsChris Dodds
Yup. Shows up the same as an on-prem directory. 
Jonathan SpivaJonathan Spiva
Chirs, I must be missing something. 

How do I tell Okta to create the user (from okta info) in the directory via the AD Agent?
Chris DoddsChris Dodds
Create an Okta group, assign the group to the directory, assign users to the group. If you want the actual security group to appear in the directory as well you configure Push Groups in the directory settings.