<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Okta User Assignment to Active Directory Fails with Error "Blank is an invalid value for organizationalUnit field (code blank)"
Oct 28, 2025
Okta Classic Engine
Directories
Okta Identity Engine
Overview

When Okta users are assigned to Active Directory, the following errors are encountered:

 

Blank is an invalid value for organizationalUnit field (code blank). 

User was assigned this application before Provisioning was enabled and not provisioned in the downstream application. Click Provision User.

 

Error Messages

Applies To
  • Active Directory (AD)
  • Okta user push to Active Directory
Cause

The user's assigned destination organizational unit (OU) is not specified.

Solution

Ensure the destination OU for the new users created in AD is specified.

  1. From the Admin console, navigate to Directory > Groups > select the desired group for group assignment > select the Directories tab > click the Pencil mark.

Directories     

  1.  Select an OU for the new users to be created in AD. Then, click Confirm changes.

Select OU   

  1. To push a user again, go to Dashboard > Task > select the failed task > click Retry Selected.

Retry task   

Recommended content

Still looking for help?
Loading
Okta User Assignment to Active Directory Fails with Error "Blank is an invalid value for organizationalUnit field (code blank)"