<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
How to Update the Password for the Okta AD Agent Service
Mar 12, 2026
Okta Classic Engine
Directories
Okta Identity Engine
Overview

This article describes how to update the password for the Okta Active Directory (AD) Agent Service directly within the Windows Services console.

Applies To
  • Okta Classic Engine
  • Okta Identity Engine (OIE)
  • Active Directory (AD) integrations
  • AD agent
Solution

How is the Okta AD agent service account password updated?

In this video, learn how to change the Okta Active Directory agent service account password, or follow the steps below.


 

The following steps describe how to update the Okta AD Agent service account password on the Windows server where the agent resides.

  1. Navigate to Start, select Run.
  2. Enter services.msc and select OK.
  3. Locate the Okta AD Agent service.
  4. Right-click the service and select Properties.

Okta AD Agent

  1. Select the Log On tab.

Okta AD Agent Properties

  1. Enter the new password and select Apply, then select OK.
  2. Right-click the service and select Restart to apply the changes.
  3. Make sure to update the password on all AD Agents servers in the org.

NOTE: This process should be used to update the password for the existing service account only. Do not use this method to change the service account username. To use a different service account for the Okta AD Agent, it will be necessary to reinstall the agent. Because the configuration file is linked to the original user profile, changing the username via Properties on the service causes the Okta AD agent to stop with the following errors:

  • In Services, when trying to start the Okta AD Agent service:

The Okta AD Agent service on Local Computer started and then stopped. Some services stop automatically if they are not in use by other services or programs.

 

Error

 

  • In Okta AD Agent logs: 

Could not load encrypted configuration settings. The configuration file was probably encrypted by another user. Reinstall the agent to fix this issue.
Could not start the agent. Reason: All instances failed to initialize.

If Desktop Single Sign-on (SSO) is in use and service account passwords are rotated, ensure that the corresponding Desktop SSO credentials are also updated. Okta recommends maintaining a dedicated service account for Desktop SSO, separate from the account used by the Okta AD agent.

Related References

Recommended content

Still looking for help?
Loading
How to Update the Password for the Okta AD Agent Service