
w8rpd (w8rpd) asked a question.
Scenario: create users in Okta that are then pushed to on-site AD
Okta agent: running with a service account that has domain admin permissions
Issue: when creating a user in Okta, the user has also been created in AD. But it's disabled.
Steps carried out: I've followed the documents. Create users is enabled in the integration. I also have an Okta group that is linked to the AD. That's how I am pushing the user to AD, by adding the user to that group.
User successfully gets created but remains in a disabled state. I then get the error in the task section of Okta: Error updating active_directory user password: Timed out waiting for agent.
I've checked the Okta logs on the DC where the agent is installed. I've even enabled verbose logging. Yet there seem to be no errors. I know I have permission since the user does get created and there is no access denied. The logs show a constant connection to the domain.
I'm not too sure what I should try next.
thanks

Hello @w8rpd (w8rpd),
I noticed you have an open case on this issue. Were they able to help you with this?
Regards,
Natalia
Okta Inc.

Hi. Thanks for responding.
They didn't manage to find a solution just yet. They had checked it was all configured correctly. But still have the same issue.
Shoaib