<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D50Z00008G7V2OSAVOkta Classic EngineOkta Integration NetworkAnswered2024-04-30T09:18:25.000Z2017-02-14T08:54:15.000Z2017-02-14T08:54:15.000Z

qo279 (qo279) asked a question.

Edited by varun.kavoori1.5210444522562532E12 September 5, 2018 at 1:19 AM
Active User deprovisioned from Okta during import from AD
Hi All,

 

I had done an import in Okta and an active employee got deactivated after this. I could see in the okta logs that he was deactivated on import. We have activated him in Okta but he says has not received any email with password reset link. I even checked his spam folders, no success. His AD profile is active with okta groups and i am not sure why he has not received any email

Can you please suggest!!

 

Thank you!

Shameem
  • 4 answers
  • 847 views

  • j5v7c (j5v7c)

    It might not be the case, but in the settings for the AD integration can you check to make sure this option is not set?

    0EM2A000000Xr5L

  • j5v7c (j5v7c)

    Are you using delegated authentication back to AD? If so then the user will not get an email. they can change their password via AD, or you could allow Okta to perform AD password resets by elevating the service account that's tied to the Okta AD agent. The user would then go to the Okta login page, and select "Forgot Password" option rather than recieve and email.

     

    The reset user's password and an email notification is only used against Okta mastered users. If the user is now back to being AD mastered you cannot via the Okta admin interface reset the user's password, and hence cannot get the email notification.
    Expand Post

  • qo279 (qo279)

    Hi Kevin, the issue seems to be resolved now. When we checked with IT, we found that employee's first name was not updated/removed and Okta OUs were readded...i am workin on the preventive measure for this as an import should not deactivate user in Okta..not sure where the actual issue is...AD or Okta...i have asked IT to provide logs for the dates for further investigation....thank you for your update!
    Expand Post
This question is closed.
Loading
Active User deprovisioned from Okta during import from AD