0D54z0000AFqRXXCQ3 | Okta Classic Engine | Integrations | Answered | 2024-09-26T22:49:40.000Z | 2024-09-17T20:58:17.000Z | 2024-09-26T22:49:40.000Z
Cannot add AD Agent on Windows Server 2022 due to 400 Bad Request error

I had an AD agent running on a Windows Server 2022 VM on Proxmox and recently noticed that in Okta it was showing as being in an interrupted state. I double-checked the Proxmox firewall configs and local client firewall settings and everything looked good. At this point, this client has full inbound and outbound access.

I then completely uninstalled the AD Agent from the server and removed it in Okta and created a new one. When installing the new AD Agent, it seems to fail on the step after entering in my domain with a 400 Bad Request:

 

2024/09/17 02:40:58.549-07:00 Info -- WIN-xxxxxxxxxxxxx(33) -- Unexpected response status (400 BadRequest) for request URI https://dev-xxxxxxxxxx.okta.com/oauth2/v1/token

2024/09/17 02:40:58.549-07:00 Info -- WIN-xxxxxxxxxxx(33) -- Response from server: {"error":"invalid_dpop_proof","error_description":"The DPoP proof JWT is issued in the future."}

 

Any idea what may be going on here?

 

 


  • Paul S. (Okta, Inc.)

    Hello @User17266054028297922649 (Customer), thank you for posting on our Community page!

     

    This error happens because of the recent changes and updates to the AD agent. Please see the article below, which explains why this error happens and how to fix it:

    https://support.okta.com/help/s/article/ad-agent-connection-issues-for-version-3-18-0-and-above?language=en_US

     

    Thank you for reaching out to our Community and have a great day!

    --

    Help others in the community by liking or hitting Select as Best if this response helped you.

  • Thanks, I did go ahead and run through those steps. It did appear NTP wasn't synced up, but after running it and rebooting the server, I verified NTP was synced, then attempted to install the AD Agent, and I am still seeing the same error.

    This looks to be more related to the DPoP proof per the error:

    "The DPoP proof JWT is issued in the future."

     

    Is there any way to modify the DPoP proof or is that something that is in the AD Agent install?

  • Paul S. (Okta, Inc.)

    Hello @User17266054028297922649 (Customer), if the installation still fails, I would recommend reaching out to Support for additional troubleshooting.

     

     

This question is closed.
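
The error in this thread comes from comparing the `iat` claim of the DPoP proof with the server's clock. The Python example below is added here (it is not part of the thread and is not Okta's or the AD agent's code): it reads `iat` from a proof and measures the skew against an HTTP `Date` response header. The tolerance values, function names, the `idp.example` URL and the sample proof are assumptions constructed for illustration.

```python
import base64
import json
from email.utils import parsedate_to_datetime

ALLOWED_FUTURE_S = 5   # assumed tolerance; the server's real value is not given in the thread
MAX_AGE_S = 300        # assumed acceptance window for old proofs


def b64url_decode(segment: str) -> bytes:
    """Decode a base64url JWT segment, restoring the stripped padding."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def proof_iat(jwt: str) -> int:
    """Read the iat claim of a compact JWT (no signature verification)."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS")
    iat = json.loads(b64url_decode(parts[1])).get("iat")
    if isinstance(iat, bool) or not isinstance(iat, (int, float)):
        raise ValueError("iat claim missing or not numeric")
    return int(iat)


def server_epoch(date_header: str) -> int:
    """Convert an HTTP Date response header to Unix seconds."""
    return int(parsedate_to_datetime(date_header).timestamp())


def check_proof_time(jwt: str, date_header: str):
    """Return (verdict, skew); positive skew means the client clock runs ahead."""
    skew = proof_iat(jwt) - server_epoch(date_header)
    if skew > ALLOWED_FUTURE_S:
        return "issued_in_future", skew
    if skew < -MAX_AGE_S:
        return "stale", skew
    return "ok", skew


def make_sample_proof(iat: int) -> str:
    """Constructed stand-in for a DPoP proof; the signature is a placeholder."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    claims = {"htm": "POST", "htu": "https://idp.example/oauth2/v1/token",
              "jti": "constructed-1", "iat": iat}
    return ".".join([enc({"typ": "dpop+jwt", "alg": "ES256"}), enc(claims), "c2ln"])


if __name__ == "__main__":
    date = "Tue, 17 Sep 2024 09:40:58 GMT"  # constructed; matches the log time in UTC
    print(check_proof_time(make_sample_proof(server_epoch(date) + 90), date))
```

A positive skew that persists after an NTP resync points at the clock source the guest actually reads at install time, which is worth comparing against the `Date` header of any response from the Okta org.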