What you can do with a UD license

Introduction

In this post, I will explain the features of Universal Directory, which is one of Okta's licenses. I hope that by reading this blog, you will understand the need for Universal Directory.

What is Universal Directory?

Universal Directory is one of Okta's licenses. It provides a centralized view of all your AD and LDAP directory integrations, HR systems like Workday, SaaS apps like G Suite, CSV files, and groups from third-party products.

Features made available in Universal Directory

Automate group creation with flexible rule creation

Universal Directory lets you create group rules. Users who match a rule are automatically assigned to the corresponding group.

*Complex group rules can be created using Okta Expression Language.

Group rules can be created from Directory > Groups > Rules on the screen below.

Custom creation of attribute information

This feature lets you freely create attributes in Okta and assign them to users. Okta has multiple default attributes, but you can also create company-specific attributes and combine them with group rules to assign users to groups. The default attributes are shown below.

Both users created on Okta and users imported into Okta from AD/Apps can have custom attributes assigned to them.

<How to assign>

Select Profile Editor in the Okta dashboard and click Add Attribute.

Change mapping settings

This feature lets you change how attributes are mapped when users are synchronized (provisioned) between Okta and SaaS apps or AD.

Self-service password reset for non-Okta-mastered users

Self-service password reset lets users who forget their password change it themselves, without contacting an administrator or the helpdesk.

In tenants without an Okta UD license, users imported from AD/SaaS cannot use self-service password reset.

Purchasing a UD license enables self-service password reset for non-Okta-mastered users as well.

Per-attribute priority setting for AD/LDAP

This feature lets you set the priority for each attribute when importing users from AD/LDAP into Okta.

For example, if an attribute called Primary E-mail exists in multiple ADs, you can configure Okta to display the parent company's Primary E-mail.

LDAP authentication

Okta itself can expose an LDAP interface and act as an LDAP server to perform LDAP authentication.

The flow of LDAP authentication is as follows.

Block registration of common passwords

The Common Password Check function rejects passwords that match a list of commonly used passwords. (Note that the list of commonly used passwords is not published.)

Email notification to locked-out users

Okta can lock user accounts after multiple failed login attempts. This feature notifies the locked-out user by e-mail.

In closing

In this post, I introduced the features of Universal Directory, which is Okta's main license. I hope this article gives you some idea of Okta's flexibility.

If you have any other questions about Okta or are interested in it, please contact us.
