<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Missing Active Directory Organizational Unit (OU) In Okta
Apr 1, 2026
Integrations
Okta Classic Engine
Directories
Okta Identity Engine
Overview

Okta does not display new or recently updated Active Directory (AD) Organizational Units (OUs) when the OUs are hidden within the interface, the application data requires a refresh, or the AD agent lacks necessary permissions. Refreshing the application data or granting appropriate permissions to the Okta service account restores the visibility of the OUs.

Applies To
  • Okta Identity Engine (OIE)
  • Okta Classic Engine
  • Directories
  • Active Directory (AD)
Cause

Missing OUs in the Okta Admin Console occur due to one of the following factors:

  • Okta hides unselected OUs to provide a streamlined view of the directory structure.
  • The AD agent has not yet processed recent changes to the OU structure.
  • The Okta service account in AD lacks sufficient permissions to access the specific OU.
Solution

Video Guide: Organization Unit in Active Directory Missing in Okta

This 2-minute video demonstrates how to resolve a missing Active Directory organizational unit in Okta.

How are missing Organizational Units restored in Okta?

The following methods resolve the visibility of OUs based on the specific cause identified:

  1. Navigate to the directory integration, then reveal hidden OUs by collapsing and reopening the parent OU of the affected object.

OU

  1. Update the metadata within the Okta environment by following these steps:
    1. Navigate to Applications > Applications.
    2. Select More.
    3. Choose Refresh Application Data

Applications

  1. Synchronize the AD agent with the current directory state by performing a full or incremental import.
  2. Ensure the Okta AD Agent service account has the required permissions by reviewing the Okta Service Account Permissions documentation.

How to audit OU changes in the Okta System Log?

The Okta System Log provides visibility into OU updates. Use the following queries within the System Log (Admin Dashboard > Reports > System Log) to track these events that was created or deleted during an import process:

  • To find created OUs:

eventType eq "system.import.custom_object.create" and debugContext.debugData.customObjectType eq "OrganizationalUnit"

 

  • To find deleted OUs:

eventType eq "system.import.custom_object.delete" and debugContext.debugData.customObjectType eq "OrganizationalUnit"

Recommended content

Still looking for help?
Loading
Missing Active Directory Organizational Unit (OU) In Okta