This article provides information on how Okta handles changes for Active Directory Group when moved across Organizational Units (OUs) for the existing groups that were assigned to applications for assignments and/or push groups, which are sourced by Active Directory and synced as imported groups to Okta.

• Active Directory (AD)
• Lifecycle Management
• Okta Integration Network (OIN)
• Active Directory Imported Groups
• Push Groups
• Okta Identity Engine (OIE)

Imported Active Directory groups that are moved across Organizational Units (OUs) and used for application(s) assignments and push group configurations will not cause users to lose access/be deprovisioned to apps or affect the Okta environment. A full import before moving Groups in AD to a different Organizational Units (OUs) is recommended to ensure all new data is reflected in Okta from Active Directory.