Okta Classic Engine > Directories | Answered | Posted 2022-06-02, last updated 2022-06-03

MauriceM.80742 (Customer) asked a question.

Disconnect users from on-premises Active Directory and integrate Azure AD as IdP instead.

We are very happy with our implementation of Okta. Currently, our users are imported from our on-premises Active Directory instance. We also use Microsoft Office 365 with Azure AD Connect in a hybrid identity situation that syncs users from the same Active Directory to the Azure AD tenant that serves O365.


We would like to eliminate the on-premises Active Directory server and rely completely on cloud services instead. So moving forward we would like to continue using Okta to access our apps, but we want Okta to rely on Azure AD as its source for user identities. We will also turn off directory synchronization and convert our Azure AD synchronized users to cloud-only.


Can someone familiar with this type of change provide help with strategy, steps to follow, articles, or theory? It would be greatly appreciated.


  • Hello @MauriceM.80742 (Customer), thank you for reaching out to our Community!

    Integrating Azure AD as an IdP in Okta is very simple; there is step-by-step documentation for this, please see it below:

    https://help.okta.com/en/prod/Content/Topics/Provisioning/azure/azure-integrate-main.htm

    Once you have done the integration, I would recommend testing the connection and making sure everything is working as intended. After that you can switch the Profile master priority and make Azure AD the highest profile master. Once that is done you can disconnect on-premises AD and your users will have Azure as the IdP for authentication.

    Please also note that the Manager attribute is something that at this time cannot be sent from Azure AD to Okta; this is currently a Microsoft limitation. However, this should be a function in the future based on their information.

    Hope this helps and if this answered your question, please mark this as Best Answer!

    Selected as Best
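The "test the connection, switch the profile master, then disconnect AD" sequence in the answer above, as an added pre-decommission check that is not part of this thread or of Okta's own tooling: it reads the user objects returned by Okta's Users API (GET /api/v1/users) and lists active users whose credentials are still delegated to the on-premises AD agent, so the directory is not disconnected while someone still depends on it. The sample user records are constructed; fetching the real list from the API is left to the operator.

```python
"""Pre-decommission check: which Okta users still depend on on-premises AD?

Input: user objects as returned by Okta's GET /api/v1/users. Each user
carries credentials.provider.type, which is ACTIVE_DIRECTORY when the
user's password is delegated to the AD agent. The records below are
constructed sample data so the script runs offline.
"""
import json
from collections import Counter

# Constructed sample: three users, one still delegated to AD.
SAMPLE_USERS_JSON = """
[
  {"id": "u1", "status": "ACTIVE",
   "profile": {"login": "alice@example.com"},
   "credentials": {"provider": {"type": "ACTIVE_DIRECTORY", "name": "corp.example.com"}}},
  {"id": "u2", "status": "ACTIVE",
   "profile": {"login": "bob@example.com"},
   "credentials": {"provider": {"type": "FEDERATION", "name": "FEDERATION"}}},
  {"id": "u3", "status": "DEPROVISIONED",
   "profile": {"login": "carol@example.com"},
   "credentials": {"provider": {"type": "OKTA", "name": "OKTA"}}}
]
"""

def load_users(text: str) -> list[dict]:
    """Parse the JSON array that the Users API returns."""
    return json.loads(text)

def provider_type(user: dict) -> str:
    """Credential provider type, or UNKNOWN if the field is absent."""
    return user.get("credentials", {}).get("provider", {}).get("type", "UNKNOWN")

def users_still_on_ad(users: list[dict]) -> list[str]:
    """Logins of non-deprovisioned users whose credentials still come from AD."""
    return sorted(
        u["profile"]["login"] for u in users
        if u.get("status") != "DEPROVISIONED" and provider_type(u) == "ACTIVE_DIRECTORY"
    )

def provider_summary(users: list[dict]) -> dict[str, int]:
    """Count of users per provider type, for a before/after comparison."""
    return dict(Counter(provider_type(u) for u in users))

def safe_to_disconnect_ad(users: list[dict]) -> bool:
    """True only when no active user would lose their credential source."""
    return not users_still_on_ad(users)

if __name__ == "__main__":
    users = load_users(SAMPLE_USERS_JSON)
    print("by provider:", provider_summary(users))
    print("still on AD:", users_still_on_ad(users))
    print("safe to disconnect AD:", safe_to_disconnect_ad(users))
```

Run it against the full paged output of the Users API (DEPROVISIONED users are excluded by default there, so include them explicitly if you want the summary to match).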
This question is closed.