- Overview
- Prerequisites
- Usecase Overview – Integration flow
- Technical Walkthrough
- Conclusion
- Reference Links
Overview:
Most organizations rely on Microsoft Active Directory Services or LDAP as a centralized store for identities and access permissions. The majority of on-prem applications rely on these services to authenticate users and authorize their actions. Cloud-based applications, however, maintain their own identity profiles, which makes it challenging for administrators to manage user accounts and for end users to juggle multiple identities across multiple applications.
Okta provides a solution that uses the existing Microsoft Active Directory Services / LDAP services to access SaaS applications through Active Directory / LDAP integration. This gives users a single dashboard for accessing applications with their existing credentials, and gives administrators a centralized service for lifecycle management.
In this section, we will integrate an existing on-premises Active Directory with Okta and let Okta provision the user accounts for us in a Microsoft 365 tenant.
To simulate this in our lab environment, we’ll need access to 3 entities and a few prerequisites.
- Okta Tenant.
- Member Server for Okta Active Directory Agent Installation.
- Microsoft 365 tenant.
Prerequisites:
Okta Tenant:
- An account with Super Admin role privileges.
Member Server for Okta Active Directory Agent Installation:
- The host server should have at least two CPUs and a minimum of 8 GB RAM.
- A host server running Windows Server 2016 and above is supported.
- .NET Framework 4.6.2 and above is supported.
- The host server should be a member server in the same domain.
- The Okta agent installation wizard should be executed from the host server.
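A preflight check for the member-server prerequisites above, to run on the intended agent host before launching the installer. This is an added example, not part of the original post or Okta's own tooling; the function name `Test-AgentHostPrereq` and the `-ExpectedDomain` value are hypothetical, and "CPUs" is read here as logical processors.

```powershell
# Added example (not Okta tooling): checks the host prerequisites listed above.
# Test-AgentHostPrereq and the -ExpectedDomain value are hypothetical names.
function Test-AgentHostPrereq {
    param(
        [Parameter(Mandatory)]
        [string]$ExpectedDomain   # DNS name of the AD domain being integrated (placeholder)
    )

    $cs  = Get-CimInstance -ClassName Win32_ComputerSystem
    $os  = Get-CimInstance -ClassName Win32_OperatingSystem
    $ndp = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full' `
                            -ErrorAction SilentlyContinue

    # TotalPhysicalMemory is the memory usable by the OS, which reads slightly
    # below the installed size, so round to whole GB before comparing.
    $ramGB = [math]::Round($cs.TotalPhysicalMemory / 1GB)

    # Release DWORD 394802 is the lowest value that identifies .NET Framework 4.6.2.
    # A missing key casts to 0 and fails the check.
    $netRelease = [int]$ndp.Release

    # ProductType 1 is a workstation SKU; build 10.0.14393 is Windows Server 2016.
    $isServer2016Plus = ($os.ProductType -ne 1) -and
                        ([version]$os.Version -ge [version]'10.0.14393')

    # DomainRole 3 is "member server"; 4 and 5 are domain controllers, 2 is standalone.
    $isMemberServer = $cs.PartOfDomain -and ($cs.DomainRole -eq 3)

    $results = @(
        @{ Check = 'At least two CPUs';            Passed = $cs.NumberOfLogicalProcessors -ge 2; Actual = $cs.NumberOfLogicalProcessors }
        @{ Check = 'Minimum 8 GB RAM';             Passed = $ramGB -ge 8;                        Actual = "$ramGB GB" }
        @{ Check = 'Windows Server 2016 or above'; Passed = $isServer2016Plus;                   Actual = "$($os.Caption) ($($os.Version))" }
        @{ Check = '.NET Framework 4.6.2 or above'; Passed = $netRelease -ge 394802;             Actual = "Release $netRelease" }
        @{ Check = 'Member server (not a DC)';     Passed = $isMemberServer;                     Actual = "DomainRole $($cs.DomainRole)" }
        @{ Check = 'Joined to the same domain';    Passed = $cs.Domain -eq $ExpectedDomain;      Actual = $cs.Domain }
    )

    # Emit one object per check so the output can be filtered or exported.
    $results | ForEach-Object { [pscustomobject]$_ } | Select-Object Check, Passed, Actual
}

# Usage (domain name is a placeholder):
# Test-AgentHostPrereq -ExpectedDomain 'corp.example.com' | Format-Table -AutoSize
```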
Microsoft 365 Tenant:
- Microsoft 365 tenant name – This is the default tenant name registered as “companyname.onmicrosoft.com”
- Microsoft 365 domain – This is the custom domain which is chosen for federation.
- Microsoft 365 global administrator user account.
Usecase Overview – Integration flow:
Please refer to the video below for an understanding of Okta and the use case around integrating Office 365 with Okta.
Technical Walkthrough:
Here’s the technical demonstration of the integration between Office 365 and Okta.
Conclusion:
In closing, with all the steps carried out in this blog, it is fair to say that integrating Okta with Active Directory and Office 365 eases the overhead on IT administrators for access management, with provisioning happening through Single Sign-on. With this integration in place, IT administrators can manage user assignments and modify attributes from Okta, and the changes will replicate to AD and the Office 365 tenant.