Renamed Active Directory Organizational Units Do Not Sync Okta

Active Directory (AD) Organizational Units (OUs) stop syncing with Okta when the OU name changes in AD. Refreshing the application data and reselecting the renamed OU in the directory integration settings resolves this issue. When this synchronization failure occurs, Okta clears the OU selection under the AD settings and deactivates users in the renamed OUs after an AD import.

• Okta Identity Engine (OIE)
• Okta Classic Engine
• Directories
• Active Directory (AD) Import

The name of the Organizational Unit (OU) changes in Active Directory (AD).

How is the Active Directory Organizational Unit synchronization restored?

Refresh the application data in the Okta Admin Console, reselect the renamed Organizational Unit (OU) in the Active Directory (AD) integration settings, and run an import to restore deactivated users.

1. In the Okta Admin Console, go to Applications, and then select Applications.
2. Select More, and then choose Refresh Application Data.

3. Go to Directory, and then select Directory Integrations.
4. Select the AD integration.
5. Select the Provisioning tab, and then choose Integration.
6. Select the newly renamed OU.
7. Run an import to restore any users deactivated by the name change.