Announcing the Lithnet Okta Management Agent for Microsoft Identity Manager

Okta is a leading provider of single sign-on, MFA, lifecycle management, and API access management products. And starting today, you can easily integrate Okta with Microsoft Identity Manager using the Lithnet Okta Management Agent.

Using the native Okta API platform, the management agent can add, delete, and update users, as well as synchronize password changes. You can manage users independently, or coexist with Okta's native AD sync agents, to provide supplementary attributes to objects that are not found in your AD.

The management agent provides support for importing groups, but not modifying them. Why? Well, at this stage, Okta doesn't support nested groups (🤦‍♂️!), a fundamental capability of MIM and Active Directory. There's simply no reliable way to translate these concepts using only the MIM connector model. Okta's AD sync agent flattens groups before syncing them to Okta, so if you need to use AD groups, that's still the best way to get them in there. Okta may add nested group support in the future, at which point I'll be able to update the connector to support group management.

If user management is your primary scenario, head over to the GitHub site to download the module and get started.
