<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D50Z00008C3jbnSABOkta Classic EngineAdministrationAnswered2024-04-15T11:50:25.000Z2018-07-11T12:17:00.000Z2018-07-29T21:01:47.000Z

dxatc (dxatc) asked a question.

Edited by varun.kavoori1.5210444522562532E12 September 5, 2018 at 1:19 AM
Change Okta username
We have a local Active Directory domain (let's call it ACME) that is synchronized to Okta using the AD Agent. The domain shows up as ACME.local and its users have email addresses like john.doe@ACME.com

 

Everything works nicely except that users have to log on to Okta using "john.doe@ACME.local" which is very confusing to them because up until now they have never even heard of ACME.local (only ACME.com and just ACME).

 

The Directory Integrations settings show an option "Okta username format" with the help text "Select the username users should enter to log in to Okta". I've fiddled around with it but nothing seems to have changed. I suppose this makes sense since one can potentially integrate multiple directories so the login probably needs to be fully qualified.

 

Is there a way to allow users to log in with just their account name (john.doe) or their email address as configured in AD (john.doe@acme.com)?
  • 4 answers
  • 7.6K views

  • tavi.parvulescu1.5293344488681064E12 (Vendor Management)

    Hi,

     

    Specify a username format. When you import users from AD, Okta uses this attribute to generate the Okta username. If you select SAM Account Name, Okta combines the SAM Account Name with the AD domain to generate the Okta username. For example, if the SAM Account Name is jdoe and the AD domain is mycompany.okta.com, then the Okta username is jdoe@mycompany.okta.com. When using the "SAM Account Name + Configurable Suffix" option, do not include the @ character before the Configurable Domain.

    Note: All Okta users can sign in by entering the alias part of their user names as long as it maps to a single user in your organization. For example, jdoe@mycompany.okta.com could sign in using jdoe.

     

     

    Expand Post

  • dxatc (dxatc)

    Tavi,

     

    thanks for your reply. Unfortunately, it doesn't work. Users are unable to sign in just using their alias or their email address - it says "Sign in failed". The only username that works is john.doe@acme.local

     

    I've changed the Okta username format multiple times and set it to various values and done a full import afterwards (though that should not be necessary). But when I click on Directory -> People and view the users, their username always stays <firstname>.<lastname>@acme.local - what am I missing?
    Expand Post

  • tavi.parvulescu1.5293344488681064E12 (Vendor Management)

    Raphael,

     

    I suggest  that you open a case to our Okta Support to have more information about your organization and setup. 

  • dxatc (dxatc)

    The issue is resolved - turns out I had a duplicate email-prefix. Once that was removed everything worked the way you said.
This question is closed.
Loading
Change Okta username