ToddS.30720 (Customer) asked a question.
I am new to Okta and I'm attempting to set up the Okta AD Agent. I am installing on a domain joined Win2012 server. I also tried installing directly on the DC but got the same result.
I select the installation folder
I select the domain as presented
I "Create or use" the default service account (which does get created)
No need for a proxy server
I enter my organization URL which is in oktapreview.com.
Now I am prompted to log into Okta. If I enter an account name that doesn't exist I am asked for a password and then things of course fail. If I enter my actual super admin account name, I get dots showing something is happening but I am never asked for a password. After 10 minutes or so I see "Authentication Failed. Error code: 0". Again, I am never asked for a password and I don't see a push notification in the Okta Verify app on my phone. Thanks.
Hi @ToddS.30720 (Customer),
Thank you for posting on the Okta community page!
I have done some research but unfortunately I wasn't able to find much information about why you are receiving this specific error, therefore my recommendation would be to delete all files related to the agent configuration data from the hard drive on the agent server and try to reinstall the AD Agent. Also, make sure that you are only adding the Okta domain when you are asked for the organisation URL. (e.g. <mycompany> would be the Okta domain from the following URL https://<mycompany>.okta.com.)
Additionally, I have managed to find the below documentation where it states that for proper connectivity to Okta for all Okta agents and end users, add Okta system IP addresses to your allow list based on this AWS-managed list which by a solution to the issue that you are seeing.
------------------------------------------------------------------------------------------------------------------------------------------------
The Okta Community November newsletter is here. Get product updates and see our top contributing members.