
9032d (9032d) asked a question.
Hi Experts,
I have a question related to OKTA, any help is appreciated.
This is the current structure: https://1drv.ms/u/s!AkUdhxRe-G-6jB7Ds6ZqW-_5ATXK (a sharing link, as I can't find a way to paste picture here...)
description:
1. Three separate companies (1, 2, 3) have their own AD (1, 2, 3), their own Office 365 (1, 2, 3), their own custom domain (domain1.com, domain2.com, domain3.com), and they all use OKTA to sync their AD users to Office 365, and the OKTA SSO solution.
2. Now company 3 has purchased company 1 and company 2, and wants to migrate both company 1's and company 2's Office 365 domain, users, and data to Office 365 tenant 3; they don't use tenant 1 and tenant 2 any more.
This is what I want to achieve: https://1drv.ms/u/s!AkUdhxRe-G-6jB2bm5bhNPFa1lV5 . As I am not very familiar with OKTA, is the following structure what I need: https://1drv.ms/u/s!AkUdhxRe-G-6jCMq9bbRW1SalK5g ?
I think when I do the Office 365 migration (I am just talking about the users part, not the domain and data part here), I need to break the OKTA sync for (users in AD1 -> Office 365 tenant 1, users in AD2 -> Office 365 tenant 2), then resync users in AD1 -> Office 365 tenant 3, users in AD2 -> Office 365 tenant 3? But if I break the sync first (users in AD1 -> Office 365 tenant 1, users in AD2 -> Office 365 tenant 2), I suppose users in Office 365 tenant 1 and tenant 2 may not be able to use OKTA SSO, is that right? If yes, I believe the customer will not accept it. So is this the only way, or do we have other methods to achieve this goal?
So in summary:
My first question is: for Office 365 to sync to OKTA, can we use three OKTA connections to sync all three ADs to one tenant, or should I use one OKTA connection to sync the three ADs?
My second question is: to sync AD1, which is already connected to tenant 1, should I first break the connection from tenant 1 before syncing to tenant 3, or can I map a cloud account (xxx.onmicrosoft.com) to the local users before breaking the connection to tenant 1? If I break the sync first (users in AD1 -> Office 365 tenant 1, users in AD2 -> Office 365 tenant 2), I suppose users in Office 365 tenant 1 and tenant 2 may not be able to use OKTA SSO, is that right?
Thanks

As my colleague Paul advised, there are multiple aspects that we should take into consideration, and we may need to open up a support ticket so we can have a better understanding of your current configuration and what we are trying to achieve. There are some aspects of UPN that we need to take into consideration and the way this transfer was/will be done in Office
Please don't hesitate to open a Support case.