<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D50Z00008G7V1kSAFOkta Classic EngineAdministrationAnswered2018-09-05T01:27:25.000Z2017-05-15T01:52:12.000Z2018-08-12T04:15:57.000Z

TomF.32212 (Customer) asked a question.

Edited by varun.kavoori1.5210444522562532E12 September 5, 2018 at 1:19 AM
AD agent in secondary domain performing IWA health check
Hello,

 

We have just added a secondary proof of concept domain to our Okta sandbox tenant.  It is for some provisioning workflow we are developing.  The problem is, the AD agent in the new POC domain is being used for the health check of the IWA agents in the original domain.  This is not good.  There is no way the IWA will ever be reachable from this POC domain.  Even if I use a global redirect URL, as you would for IWA agents in multiple domains, this won't solve the problem of an AD agent in one domain doing the health checks for the other domain.

 

What am I doing wrong here please?  Is there something I've missed?  I'm sure multiple domains are supported.

 

Thanks,

Tom
  • 2 answers
  • 989 views

  • Mihai Burcea - Okta (Okta, Inc.)

    Hello Tom,

     

    The only time Okta does Health check is when IWA is set to Automatic failover. If switched to Global Redirect, it will not perform the health check anymore, as it will point directly to the URL set. Manual failover will be another option in this scenario.

    To further understand and Identify the solution for this scenario, please open a Support case with us and we can have a look together to your environment.

     

    Thank you!

    Okta Customer Support.
    Expand Post
    Selected as Best

  • Mihai Burcea - Okta (Okta, Inc.)

    Hello Tom,

     

    The only time Okta does Health check is when IWA is set to Automatic failover. If switched to Global Redirect, it will not perform the health check anymore, as it will point directly to the URL set. Manual failover will be another option in this scenario.

    To further understand and Identify the solution for this scenario, please open a Support case with us and we can have a look together to your environment.

     

    Thank you!

    Okta Customer Support.
    Expand Post
    Selected as Best

  • TomF.32212 (Customer)

    Thank you Mihal. That has fixed it.

     

    Cheers

    Tom
This question is closed.
Loading
AD agent in secondary domain performing IWA health check