Okta Classic Engine | Authentication | Answered | 2024-03-25T03:45:03.000Z | 2022-02-15T07:26:21.000Z | 2022-02-15T18:01:39.000Z

2o03e (2o03e) asked a question.

Sync passwords from OKTA to AD

Hi team,

I am trying to sync accounts from Okta to a new Active Directory domain for legacy application support; however, the accounts in AD are all flagged as “User must change password at next logon”.

I have followed the below documentation, which describes this scenario; however, it does not contain a fix other than “the user must first log onto Okta in order for the password to be pushed from Okta to AD”, which I have tried.

https://help.okta.com/en/prod/Content/Topics/Directory/Security_Using_Sync_Password.htm


  • Found the issue: Directory > Directory Integrations > Active Directory > Provisioning > To App, click Edit, scroll to the Sync Password section and select Enable.

    If an Okta user is pushed to AD after they have activated their Okta account, the AD user object is in a "User must change password at next logon" state until the Okta password is next reset.

This question is closed.