<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D51Y000060P4L5SAKOkta Classic EngineUniversal DirectoryAnswered2024-04-15T12:01:05.000Z2019-02-27T16:37:26.000Z2019-05-13T19:52:44.000Z

AnthonyP.42827 (Customer) asked a question.

February 27, 2019 at 4:37 PM
Active Directory - Multiple Instances

Hello,

 

I have recently started to implement Okta. I have our Sandbox account set up with an Active Directory integration and now serving AWS. With that verified, I would now like to do the same for our Production Okta instance. What I am wondering is if i need to run the AD agent again, or is there a way to simply add the production instance into the already running agent? As well, if I do need to run the AD Agent install again, can this be run on the same Windows server as the sandbox instance is running.

 

Thanks!

Tony

  • 1 answer
  • 1.22K views

  • 58z0g (58z0g)

    Hi Tony - Having recently gone through the setup of a test enviro myself, and if I understand the architecture correctly, you'll need a Windows server and agent install (at min) in each of the AD instances you're trying to delegate authentication to a single Okta instance. So if you have a production AD already setup to a test Okta instance, my understanding is that needs to be removed including agent. Then run the agent install again, and point to new production Okta instance. So while you may be able to delegate more than one AD instances, with separate Windows DCs servers in each, to a single Okta instance - the reverse is not necessarily true. I don't believe you can configure delegation of a single domain to multiple Okta instances.

    Expand Post
    Selected as Best

  • 58z0g (58z0g)

    Hi Tony - Having recently gone through the setup of a test enviro myself, and if I understand the architecture correctly, you'll need a Windows server and agent install (at min) in each of the AD instances you're trying to delegate authentication to a single Okta instance. So if you have a production AD already setup to a test Okta instance, my understanding is that needs to be removed including agent. Then run the agent install again, and point to new production Okta instance. So while you may be able to delegate more than one AD instances, with separate Windows DCs servers in each, to a single Okta instance - the reverse is not necessarily true. I don't believe you can configure delegation of a single domain to multiple Okta instances.

    Expand Post
    Selected as Best
This question is closed.
Loading
Active Directory - Multiple Instances