9k9gv (9k9gv) asked a question.
Can Okta unlock accounts that were locked out in AD?
Currently, if a user locks our his/her account from the Okta login page, it shows them as being locked out in the Okta admin site under Directory > People > Locked out.
However, if a user locks out his/her AD account from their workstation, they do not show up in the Okta admin site under Directory > People > Locked out.
I would like to give my Help Desk admins access to unlock AD accounts via Okta, but so far it's not possible when the account it locked out from the workstation. Is there anything I can do to fix this functionality?
Hi Jeremy,
Did a bit of research on this and the only way for Okta to unlock the AD account is through the self-service option of unlocking his own account on it's own. Okta cannot dictate AD to unlock the account.
I've attached documentation regarding Authentication policies with Okta/AD:
Link: https://help.okta.com/en/prod/Content/Topics/Security/Security_Policies.htm?cshid=ext_Security_Policies
Best regards,
Vlad Huma