RyanS.02640 (Customer) asked a question.
Automation that takes deactivated user in Okta to an Active Directory OU of choice
We have an Okta/AD directory integration where we deactivate users who terminate in Okta and it automatically disables the AD counterpart object. Okta is the authoritative source here and what we want to do is when a user is deactivated in Okta, can Okta by way of automation/script/etc move the disabled object in AD to an OU we want to store them in such as the Disabled Users OU? Thanks for any and all help and information you can provide
@RyanS.02640 (Customer) Okta workflow can be triggered upon user deactivation that invokes powershell script (through say EntraID Automation) to move users to desired AD OU.
Hello @RyanS.02640 (Customer) , thank you for contacting Okta Community.
The best option would be to use Powershell. This was discussed in a previous post - available here.
The issue is that the accounts would be deactivated. If the accounts were not deactivated, you could have used provisioning to achieve this. The following article details the process:
How to Provision Okta Users to a Specific Active Directory OU
Regards.
--
Help others in the community by liking or hitting Select as Best if this response helped you.