<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D51Y00006etH2RSAUOkta Classic EngineSingle Sign-OnAnswered2024-04-15T10:52:57.000Z2019-09-17T15:07:26.000Z2019-09-17T22:19:07.000Z

s1b8h (s1b8h) asked a question.

September 17, 2019 at 3:07 PM
Import users assigned to a specific AD Group

We have configured Active Directory integration and I want to import only users who are assigned to the AD Group GP-APP-OKTA into OKTA SSO. This would allow us to add the basic services that each user needs.

 

From there, depending on additional AD Groups assigned, we will grant them access to other applications. I've figured out this part, but how do I only import users who are in the main group that grants them access to OKTA by itself.

  • 3 answers
  • 1.5K views

  • JonL.24955 (Customer)

    Makes sense. Sorry I don't know of a solution but I suggest you log a case with Okta support - they are usually great and probably know how you can do exactly what you need.

    Selected as Best

  • JonL.24955 (Customer)

    I wouldn't be surprised if there is a way to do what you are asking, but as you may have noticed the AD to Okta import process is designed to be based on Active Directory OUs. You select the OUs containing the AD users and groups that you want to import to Okta. Under "Directory --> Directory Integrations --> Active Directory --> Settings --> Import and Provisioning" you select the User OUs and Group OUs to import. This process is much easier if AD users/groups are organized into OUs that align with your intended usage of Okta.

    Expand Post

  • s1b8h (s1b8h)

    Unfortunately that would require us to reorganize our OUs which have a different setup. Since we are migrating from a previous SSO tool, we want to setup a Pilot group of users and not import everyone. Plus, we have some roles which will not require access to SSO.

     

    Our current SSO tool we assign users into SSO by using an AD Group.

    Expand Post

  • JonL.24955 (Customer)

    Makes sense. Sorry I don't know of a solution but I suggest you log a case with Okta support - they are usually great and probably know how you can do exactly what you need.

    Selected as Best
This question is closed.
Loading
Import users assigned to a specific AD Group