<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base

Okta Active Directory Agent Installation Fails With "Is Not a Domain of the Forest" Error

Last Updated:

Directories
All Engines
Okta Classic Engine
Okta Identity Engine

Overview

During an Okta Active Directory (AD) Agent installation, the process fails because the account running the installer is not a direct member of the target domain. Running the installer using an account that is a direct member of the domain resolves this issue. When this failure occurs, Okta logs the following error in the InstallUtil.log file:

 

Warning -- <domain> is not a domain of <forest> forest

 

Applies To

  • Okta Identity Engine (OIE)
  • Okta Classic Engine
  • Directories
  • Active Directory (AD)
  • Okta AD Agent

Cause

The Active Directory user account running the installer is not a member of the target domain.

Solution

How is the "Is Not a Domain of the Forest" error resolved?

 

Ensure the account running the Okta AD Agent installer is a direct member of the target domain. Verify the installation account possesses direct membership in the target domain before attempting the installation process again.

 

 

Related References

Recommended content

Still looking for help?
Loading
Okta Support - Okta Active Directory Agent Installation Fails With "Is Not a Domain of the Forest" Error