The Office 365 application tile does not appear for a user recently assigned to it, even though the application assignment appears as successful in the System Log. Password Sync is enabled.
- Office 365 with Password Sync enabled
- Okta Integration Network (OIN)
The "password sync" operation failed during application assignment because the org uses Delegated Authentication. The Sync Password feature is for Okta passwords and can be used in non-Active Directory environments only if DelAuth is enabled, authenticating to AD. Sync Password is obsolete and should be disabled.
During O365 user provisioning, for users who authenticate via Delegated Authentication, the job will fail when it attempts to sync an Okta password that does not exist for the user. This is the last step before assigning the tile(s) to the user's dashboard. For more on this, see Application Password Synchronization.
NOTE: This failure does not register as an event in the System Log or the Tasks dashboard.
This can be resolved by disabling Password Sync with the following steps.
- In the Okta Admin console, click the Applications tab.
- Click the Office 365 application and click the Provisioning tab.
- In the left pane, click To App.
- Scroll to Sync Password and uncheck Enable.
