MatthewE.60094 (Customer) asked a question.
We created an LDAP Interface to use for migrating user info from Okta to Igloo, our Intranet solution. Using Okta as the source is the best solution for us as we have aggregated multiple active directories into our instance.
The data import works great, except that it's not listing Deprovisioned users as "deactivated" so that we can remove them from the Igloo system. All of the documentation says to use the "userAccountControl" attribute, but I cannot find that as part of the user object.
I've tried writing a clause to the LDAP search string to exclude "status=DEPROVISIONED" and have had no luck. Same with hoping that "userAccountControl" would do the job.
Any thoughts on how to filter those users out of our query? The current LDAP is:
(&(objectclass=inetOrgPerson)(memberOf=cn=targetGroup))
Thanks!
Hello @MatthewE.60094 (Customer) Thank you for reacting out to our Community!
Please review our documentation on how to construct the query to include the deactivated users:
https://help.okta.com/en-us/Content/Topics/Directory/ldap-configure-integration-settings.htm
The Okta Community Catalysts Program is now live. Collect online badges when you participate in the Okta Help Center Questions community. Learn more here.
Thanks, but that link appears to be related to how to LDAP query one of our external ADs for importing into Okta. I am trying to write an LDAP query to export data from Okta to another application (base DN ou=users,dc=ourDomain,dc=okta,dc=com).
Do you have instructions/options for that use case and how I can exclude Deprovisioned native Okta users?
I'm new in this gathering. I have a few inquiries regarding this gathering. These inquiries are displayed underneath:
https://support.okta.com/greecepowerball-help/s/question/0D54z000084m6TQCAY/uk49s-adding-authenticators
My inquiry is about this string. Assuming that you have any data about this string. Kindly statement me and tackle my concern.