<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D54z000084l6KWCAYOkta Classic EngineAuthenticationAnswered2026-04-26T09:00:27.000Z2022-09-09T06:00:13.000Z2022-09-12T19:10:59.000Z

wtebn (wtebn) asked a question.

September 9, 2022 at 6:00 AM
Link Okta user back to Active Directory

Hi,

I have one user that was coming from AD and someone did a password request in Okta and never completed this request. After this, the user was in the "password reset" state and could not login anymore in Okta.

I have followed this article https://support.okta.com/help/s/article/Okta-user-shows-User-is-now-in-one-time-password-mode-even-though-it-is-connected-to-Active-Directory?language=en_US

and removed the link from the user with AD, and now it is Okta mastered.

When trying to do the import, it fails, no matter what. The question is:

How can I link this user back to AD? Do I have to delete it from Okta and let the synchronization do its job?

 

Thanks

  • 1 answer
  • 1.88K views

  • b5n6c (b5n6c)

    Hi Adrian Costea ,

    When you delete the user the user will lose access to the various apps to which he has been allocated, and his group memberships as well as the authentication factors will also be deleted. So in this case you can have two different approaches ,

    First Approach

    1. Go to Directory > Directory Integrations > Click Active directory > Provisioning tab
    2. Click To Okta in the Settings list.
    3. In the User Creation & Matching section, click Edit and select the conditions under which imported users will be identified as matching existing Okta users. (You can set the matching criteria as a Okta username format matches or Email matches )
    4. Then you can click on Auto confirm exact matches .

    Image is not available
     

    Second Approach

    From the Import tab itself you can explicitly select a user whom you want to add, then click on Confirm assignments .

    Image is not available
    If my answer helped, remember to mark it as best to increase its visibility for other members of the Okta Community who might have the same questions as you. 

    Expand Post
This question is closed.
Loading
Link Okta user back to Active Directory