An error occurs during Okta user assignment to Active Directory (AD) because the destination Organizational Unit (OU) is not specified. Specifying the destination OU for new users created in AD resolves this issue. When Okta users are assigned to AD, Okta generates the following errors:

Blank is an invalid value for organizationalUnit field (code blank).

User was assigned this application before Provisioning was enabled and not provisioned in the downstream application. Click Provision User.

• Okta Identity Engine (OIE)
• Okta Classic Engine
• Active Directory (AD)
• Provisioning

The assigned destination OU for the user is not specified.

How is the blank organizational unit error resolved?

Specify the destination OU for new users created in AD by editing the assignment group directory configuration in the Admin Console, selecting the correct OU, and retrying the failed task from the dashboard.

1. From the Admin Console, navigate to Directory, and then select Groups.
2. Select the desired group for the group assignment.
3. Select the Directories tab, and then click the Pencil icon.
   
4. Select an OU for the new users to be created in AD, and then click Confirm changes.
   
5. Navigate to Dashboard, and then select Tasks.
6. Select the failed task, and then click Retry Selected.