AaronR.75679 (Customer) asked a question.
We have a single user that is having issues with okta. We have AD delegation enabled and I can login to the domain with the credentials but when trying to login to okta it says invalid username/credentials. Not sure what else to try as we've disconnected the user from ad and re synced and connected it changed passwords and still the same thing. Anything else we can try?
Hi Aaron,
Thanks for posting your question here, on our help center`s discussions.
I would recommend using the full email address as far as login goes.
In the log snippet, if you see rich client authentication failure, it's usually caused by stored credentials(wrong credentials) on the PC itself. If it is a windows machine then you will need to check the Credentials Manager from windows and delete the O365 accounts that are stored there.
If this is a mac device causing the issue then you will need to check the Keychain for any stored credentials.
Other than this, I wouldn't find myself in such scenario, unless, the password is indeed typed in incorrectly.
If the above didn't help, I would recommend opening a support ticket with us for further analyse of the logs.
Thank you,
Dragos Milea
Okta Global Customer Care Team
@Dragos, Thanks for you reply. We've tried multiple computers and this is still happening. We have a case open and support has been less than stellar so that is why I came here to see if anyone else had seen this. Still can't figure out what is going on here.
Hi Aaron,
We are experiencing the same issue. We have new employees on-boarding and when they attempt to login with their first and only password, they receive invalid credentials. They are able to log into other systems tied to AD but nothing that is tied to Okta. Typically users will log into Citrix and update their password, that goes well and the users are still unable to log in/register with Okta.
We are completely stumped at this point. Did you ever find a solution to your problem?
So I fixed this by removing the user from the Okta Sync in AD, re-syncing to Okta and then resetting the password. Not sure if the removing the user from Okta fixed it or the password change.
We use cookies to provide the best website experience and to help understand marketing efforts. We may also share data with ad partners to reach potential customers across the web. To learn more, visit our Privacy Policy. Click here for Your Privacy Choices. You may also opt out of this sharing by signaling your preference via GPC, applicable only to the browser signaling the opt-out.
More information
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
Select All
We use cookies to provide the best website experience and to help understand marketing efforts. We may also share data with ad partners to reach potential customers across the web. To learn more, visit our Privacy Policy. Click here for Your Privacy Choices. You may also opt out of this sharing by signaling your preference via GPC, applicable only to the browser signaling the opt-out.
More information
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
Select All
Hi Aaron,
Thanks for posting your question here, on our help center`s discussions.
I would recommend using the full email address as far as login goes.
In the log snippet, if you see rich client authentication failure, it's usually caused by stored credentials(wrong credentials) on the PC itself. If it is a windows machine then you will need to check the Credentials Manager from windows and delete the O365 accounts that are stored there.
If this is a mac device causing the issue then you will need to check the Keychain for any stored credentials.
Other than this, I wouldn't find myself in such scenario, unless, the password is indeed typed in incorrectly.
If the above didn't help, I would recommend opening a support ticket with us for further analyse of the logs.
Thank you,
Dragos Milea
Okta Global Customer Care Team