<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D51Y00008j7eXUSAYOkta Classic EngineAdministrationAnswered2023-10-27T02:53:05.000Z2020-06-16T19:02:58.000Z2020-06-17T04:37:29.000Z

JeffK.86191 (Customer) asked a question.

June 16, 2020 at 7:02 PM
Allowing Staged users to set their password on first log on

We currently import new AD users as Staged and let Okta activate them when they log in for the first time. We do this because not all users will actually log into Okta and we do not want to waste licenses.

 

These new users are given a temporary password and we set their AD account to require 'Change password at next log on'. It is looking like these new users are not able to set their password on first log on to Okta. We are getting the message "Change password not allowed on specified user".

 

However, if I manually activate them, then they are able to set their password. Is this the intended functionality or is something wrong?

  • 1 answer
  • 1.94K views

  • TonyF.48195 (Customer)

    I ran into a similar issue testing a slightly different scenario. I have a staged Okta user, which I then provision to AD (Okta -> AD provisioning). Like you, the new user is able to logon to Okta with the temp password, but we get the 'Change password not allowed on specified user' when they need to change the password in the Okta UI.

This question is closed.
Loading
Allowing Staged users to set their password on first log on