Okta Classic Engine | Administration | Answered | 2025-06-14T10:29:51.000Z | 2018-05-21T12:58:03.000Z
Okta to onPrem Directory Sync.
Hello hello,

I would like to know how to set up Okta to sync passwords back to my onPrem Directory (AD). I want Okta to be the place users can use at any time to change password, do a forgot password, or have an admin initiate a password reset. Then that change in password should be synced back to onPrem Active Directory.

Not all users will have access to a Windows machine to use native mechanisms for password management; we will be a predominantly Mac and Linux environment.

From what I read, these are all supported by this model of sync.

"Okta to Directory

Okta can Sync Passwords from Okta to Active Directory. This is typically to support a use case where the administrator wants Okta to be the final Authentication resource but also has an Active Directory that supplies authentication to legacy resources which cannot be connected to Okta. By pushing the Okta password to Active Directory, the administrator can offer end users a consistent login experience for legacy resources, while enjoying the benefits of cloud based SSO for most resources.

This can be triggered by

End user updating their Okta Password

End user recovering their Okta Passwords

Admin initiated Okta Password Reset

Delegated Authentication must be OFF to permit this behavior.

The Active Directory Agent needs additional permissions to write the new password to Active Directory. See this KB. 

The Password Sync Agent is not required for this functionality"

This question is closed.