<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Troubleshoot Okta Activation Emails Not Sending for Active Directory Users
May 19, 2026
Directories
Overview

Activation emails for new Active Directory (AD) users fail to send when expected. This occurs when the provisioning settings prevent activation emails or when the Okta mail server blocks the recipient address. Resolve this by verifying the AD provisioning settings and testing the activation email recipient address.

Applies To
  • Okta Identity Engine (OIE)
  • Okta Classic Engine
  • Active Directory (AD)
  • Provisioning
  • Activation Emails
Cause

Administrators enabled the Don't send new user activation emails for this domain option in the provisioning settings, or the Okta mail server blocks the configured email address.

Solution

How is the issue of the missing Active Directory activation emails resolved?

 

Verify the provisioning settings for imported users, test the activation email recipient for provisioned users, and check the System Log for email delivery events as detailed in either the video demonstration or the written instructions.

 

 

Navigate to the provisioning settings to verify the activation email configuration, test the recipient address, and query the System Log for delivery failures.

  • For users imported from AD to Okta:
    1. Navigate to Directory, select Directory Integrations, and select the AD instance.
    2. Select the Provisioning tab, and then select To Okta.
    3. Clear the Don't send new user activation emails for this domain checkbox. Enabling this option prevents Okta from sending activation emails to new users, requiring administrators to activate users manually.

Provisioning

 

  • For users provisioned from Okta to AD:
    1. Change the Activation email recipient to a known-good email address to test deliverability. The administrator must provide the end user with the Okta password.

Provisioning

 

    1. Navigate to Reports, and then select System Log.
    2. Enter the following query to determine if the Okta mail server blocked the configured email address or if the address cannot receive emails from Okta, inserting the affected user's email address where indicated: 

      target.id eq "EMAIL-ADDRESS" and eventType eq "system.email.delivery"

    3. If System Log confirms the user's email address is blocked, unblock the address using an Okta API call as detailed in Troubleshooting Okta Email Delivery Issues.

Recommended content

Still looking for help?
Loading
Troubleshoot Okta Activation Emails Not Sending for Active Directory Users