<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Okta LDAP Agent Fails to Connect After the Service Account Password Changes
Jun 5, 2026
Okta Classic Engine
Directories
Okta Identity Engine
Overview

The Okta LDAP agent fails to connect to the directory after the LDAP agent service account password changes. Resolving this connection failure requires reinstalling the Windows agent or running the Linux agent update script.

Applies To
  • Okta Identity Engine (OIE)
  • Okta Classic Engine
  • LDAP Agent
Cause

A change to the LDAP agent service account password in the directory causes authentication to fail because the Okta LDAP agent configuration retains the old credentials.

Solution

How is the Okta LDAP agent service account password updated?

The LDAP Agent for Windows does not support updating the service account password. Apply the new credentials by completing the uninstall and reinstall the LDAP Agent process for Windows.

Update the LDAP Agent for Linux configuration by executing the /opt/Okta/OktaLDAPAgent/scripts/update.sh script and applying the appropriate command-line arguments from the provided table.

CommandDefinitionExample
[-b]ldap.dn.baseNewBaseDN
[-a]ldap.admin.dnNewLDAPAdminDN
[-w]ldap.admin.passwordNewLDAPPassword
[-h]ldap.hostNewLDAPHost
[-p]ldap.portNewLDAPPort

 

Related References

Recommended content

Still looking for help?
Loading
Okta LDAP Agent Fails to Connect After the Service Account Password Changes