<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
Active Directory Agent Offline with 403 Forbidden Error
Okta Classic Engine
Okta Identity Engine
Directories
Overview

This article describes an issue where the Active Directory (AD) Agent is offline. The agent logs display the following error when connecting to Okta:

 

403 (Forbidden)

 

Additionally, the system log shows the following entry for the same IP address as the AD Agent host server:

 

Request from suspicious actor DENY

 

Applies To
  • Okta Identity Engine (OIE)
  • Okta Classic Engine
  • Active Directory (AD) Agent
  • Threat Insight
  • Network zones
Cause

Threat Insight blocked the AD Agent IP address.

Solution
  1. Add the AD Agent host server IP address to a Network zone.
  2. Add the configured zone to the Threat Insight exclusion list. Refer to Exempt an IP Zone from ThreatInsight for detailed instructions.
Loading
Active Directory Agent Offline with 403 Forbidden Error