<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Okta Privileged Access Active Directory Integration Early Access - Known Issues
Oct 29, 2025
Privileged Access
Okta Classic Engine
Okta Identity Engine
Overview

This article outlines a known issue with the Early Access release of Active Directory (AD) integration for Okta Privileged Access relating to managing AD-sourced accounts both as Okta Service Accounts and Okta Privileged Access (OPA) Imports.

Applies To
  • Okta Privileged Access - Active Directory Integration Early Access
Cause

  • When using OPA to manage and secure AD-sourced Okta user accounts as Okta service accounts, the accounts are prevented from being brought under management using an OPA AD account import rule until the Okta service account configuration is removed.

  • Similarly, if an AD-sourced Okta user account is already under OPA management via an import via AD account rule, this would prevent the account from being managed as an Okta service account.

Solution

To resolve the "Managing AD-sourced Accounts both as Okta Service Accounts and Okta Privileged Access (OPA) Imports" issue, remove the configuration of the Okta service account targeted by the AD rule via the Okta admin console or by changing the rule so it does not target that account.

Recommended content

Still looking for help?
Loading
Okta Privileged Access Active Directory Integration Early Access - Known Issues