Migration of AD users in the same Okta Org

valentin.nitu1.4597812366904814E12 (Okta, Inc.)

Edited by varun.kavoori1.5210444522562532E12 September 5, 2018 at 1:27 AM

Hey Paulo,

It depends on the way you are looking to migrate the users,

-If the AD migration dosen`t involve Okta then after the users are migrated to the new AD all you will need to do is connect that AD to Okta (Go through the "Add Directory" option under Directory>Directory integration ) and ensure that the users are connected to the new AD (after the setup is done run an import from the new AD, confirm any and all exact matches) . Ensure that the users become mastered by the new AD and after that you can deactivate the old AD in Okta. You can do that by changing the priorities under Directory>Profile Master/

-If migration will be done through Okta then you might have to push the users to the new AD before anything else. You can achive that through Directory push. First you need to conect the new AD to Okta through the Directory Add option as detailed above. You will need assign all users of the old AD to an Okta group using group rules after that.

Once the users are populated in the group you can push the group to a specific OU in the new AD (access the group in okta and go through the "Manage Directories" steps . After that just take the steps in the first option to ensure the new AD is the profile master and deactivate the old one.

For assistance with these steps, please reach out to the support team.

Expand Post

valentin.nitu1.4597812366904814E12 (Okta, Inc.)
Edited by varun.kavoori1.5210444522562532E12 September 5, 2018 at 1:27 AM
Hey Paulo,

It depends on the way you are looking to migrate the users,
-If the AD migration dosen`t involve Okta then after the users are migrated to the new AD all you will need to do is connect that AD to Okta (Go through the "Add Directory" option under Directory>Directory integration ) and ensure that the users are connected to the new AD (after the setup is done run an import from the new AD, confirm any and all exact matches) . Ensure that the users become mastered by the new AD and after that you can deactivate the old AD in Okta. You can do that by changing the priorities under Directory>Profile Master/

-If migration will be done through Okta then you might have to push the users to the new AD before anything else. You can achive that through Directory push. First you need to conect the new AD to Okta through the Directory Add option as detailed above. You will need assign all users of the old AD to an Okta group using group rules after that.
Once the users are populated in the group you can push the group to a specific OU in the new AD (access the group in okta and go through the "Manage Directories" steps . After that just take the steps in the first option to ensure the new AD is the profile master and deactivate the old one.

For assistance with these steps, please reach out to the support team.
Expand Post
eqb04 (eqb04)
Edited by varun.kavoori1.5210444522562532E12 September 5, 2018 at 1:28 AM
Hey Valentin,

Could you expand on this a little bit more? Our scenario is as follows:

Migration of User Object from Domain A to Domain B. User will logon to new computer in Domain B
Groups have already been duplicated from Domain A to Domain B.

What would be required to have Okta support members from both domains? The UPN migrates with the new user.

What is required on the administrative side to allow this?

thanks,
David
Expand Post

Your Privacy

Your Privacy

Strictly Necessary Cookies

Strictly Necessary Cookies

Functional Cookies

Functional Cookies

Performance Cookies

Performance Cookies

Share or Sell of Personal Data

Share or Sell of Personal Data

Advertising Cookies

Your Privacy

Your Privacy

Strictly Necessary Cookies

Strictly Necessary Cookies

Functional Cookies

Functional Cookies

Performance Cookies

Performance Cookies

Share or Sell of Personal Data

Share or Sell of Personal Data

Advertising Cookies