Hello @VictorK.52186 (Customer)​ Thank you for posting on our Community page!

If the Okta agents are showing as connected but a full import still isn't picking up the new Active Directory user, the issue usually boils down to filtering, missing data, or a hung service.

Here are the most common culprits and how to troubleshoot them:

1. The User is in an Unsynced OU (Organizational Unit)

This is the most frequent cause of this issue. If the user was created in or moved to an OU that Okta isn't configured to scan, they will be completely ignored during the import.

• How to check: In the Okta Admin Console, go to Directory > Directory Integrations > Active Directory > Settings. Scroll down to User OUs and ensure the specific OU where this new user resides is checked.

2. Missing Required Attributes

Okta is strict about required fields. If the new user in AD is missing an attribute that Okta considers mandatory, Okta will silently skip importing that user.

• How to check: Ensure the AD user has data populated for standard required fields:
• First Name (givenName), Last Name(sn), User UPN(userPrincipalName), samAccountName, and specifically Email (mail). If the email field is blank in AD and Okta requires it for the profile, the import will fail for that specific user.

3. Check the Okta Import Summary and System Log

Okta will often tell you why it didn't import someone, but you have to know where to look.

• Import Tab: Look at the results of your most recent full import. Did it say "1 User Skipped"? If so, there is usually a "Download" button next to the error or a way to view the skipped users list.
• System Log: Go to Reports > System Log and search for the user's name or username. Look for any warning (yellow) or error (red) events related to system.agent.ad.import_user or mapping failures.

Thank you for reaching out to our Community and have a great day!

--

Help others in the community by liking or hitting Select as Best if this response helped you.