Re: User Group not showing users with Okta as LDAP...

karthik_mac · ‎08-09-2023

We have configured Okta as LDAP for use with Workspace ONE UEM by following this article (https://kb.vmware.com/s/article/2961230).

We are able to successfully test the connection, query the user and group but we have issues when adding the User Groups (Accounts > User Groups).

When we add the User Group, we are able to search and add the Okta Group but it does not show any users. Sync, View and Merge, Add Missing Users does not sync. Same issue adding Admin Groups.

Anyone using Okta as LDAP with WS1 UEM?

Afshin_Lak · ‎08-09-2023

In UEM under System - Enterprise Integration - Directory Services - Advanced look at this config (Object Identifier Data Type). If it is STRING change it to BINARY and try again.

karthik_mac · ‎08-09-2023

Its BINARY. Please find the screenshot.

Thanks

scottgardiner · ‎10-10-2023

I'm seeing a similar issue, not sure if you've managed to solve this? I've noticed that on the Okta side i'm seeing an error 3 which seems to be some kind of limitation.

Also to add to this, I do have a couple of groups that only contain a few users that are appearing.

karthik_mac · ‎10-10-2023

Hi, The issue is not resolved for me. We are not using groups for now.

Thanks

scottgardiner · ‎10-10-2023

Hi - Did you work with support on the issue or didn't you get that far?

scottgardiner · ‎10-19-2023

Hi,

If you try the settings outlined in the article below you should find that they work now.

A couple of the settings have been changed in the document today.

Make sure you follow them exaclty, if theres not a value in a field then blank it out in WS1.

Interested to hear how you get on!

https://digitalworkspace.one/2023/07/31/okta-ldap-configuration/

karthik_mac · ‎10-20-2023

Thank you for the article. I updated the settings but the group members does not show even now.

I can search and add the Directory "User Group" but the number of user shows "0" only. (Screenshot below)

scottgardiner · ‎10-20-2023

Hi,

Do you get anything if you select the checkbox and then More Actions > Add Missing users?

karthik_mac · ‎10-20-2023

Hi @scottgardiner Yes, it adds the user after Adding missing users. (It works). I will have to check if adding user in Okta group will sync here.

I am noticing the users are getting duplicated after adding the group. New enrollment are happening in the new account. How to avoid duplicate accounts? I see 2 device in my first account and 1 device in new account.(I enrolled a device now).

We already have 200 devices enrolled so modifying may cause issue

Thanks.

scottgardiner · ‎10-20-2023

If you look bring up the user record in WS1 and look in the advanced section are both records populated with the LDAP details e.g Distinguished name?

karthik_mac · ‎10-20-2023

Distinguished Name is the issue. The old records does not have Distinguished Name.

Any way to update existing user records?

User Group not showing users with Okta as LDAP server in Workspace ONE UEM

Workspace ONE UEM