
JeffreyN.99284 (Customer) asked a question.
I’ve run through all of the password sync, password hashing, delegated auth, and desktop (including agentless) SSO functionality.
I still am unclear if there exists a combination of features that provides the same functionality as Azure AD using Password Hash Sync with Password Writeback Enabled and Seamless SSO.
Basically, this feature set provides:
- Automatic sign in from domain-joined devices with no IIS instance required to provide IWA (KDC)
- In the event of AD connectivity failure, allows users to log in with passwords
- Support for provisioning users in Okta and having them pushed to AD
- Support for self-service password reset and administrator password reset from Okta that gets applied to AD
I am not committed to actually having the passwords themselves stored in Okta as long as users can still log in if AD connectivity is unavailable.
I understand the individual features in Okta that support this functionality but I am unclear on the combination of settings and features required to enable the above scenario.
Is this possible?
Does this exist in Okta?

Hi Jeffrey,
Thank you for reaching out to the Okta Community.
This does not seem to be a feature currently supported by Okta, but please open a Support Ticket so one of our Support Engineers can discuss the intended implementation with you in detail.
Regards,
Mihai Negoita
Okta Global Customer Care

Hello Jeffrey,
Thanks for posting your inquiry in Okta Community Portal.
If you receive a great answer to your question(s), please help readers find it by marking it the best answer. Hover over the answer and click "Best Answer."
Thank you,
Mike Davie
Okta Help Center