Okta Admin Cert Study

Question 1

If you installed the Okta Active Directory (AD) Agent on a DMZ server, you need to open the following ports:

Answer 1

135/TCP RPC
137/UDP NetBIOS
138/UDP NetBIOS
139/TCP NetBIOS
389/TCP/UDP LDAP
636/TCP LDAP SSL
3268/TCP LDAP GC
3269/TCP LDAP GC SSL
53/TCP/UDP DNS
88/TCP/UDP Kerberos
445/TCP SMB
464/TCP/UDP Kerberos Change/Set password
123/UDP NTP
In addition, you must open your DCOM RPC ports

Question 2

when configuring an AD integration, use this option to use the UPN from AD to create the Okta user name.

Answer 2

User Principal Name (UPN)

Question 3

When importing users from AD, in what circumstances does it create an exact user match in Okta?

Answer 3

1. Okta username format matches
2. Email matches
3. The following required attributes match — Select from the list of options to establish your criteria. For the new imported user to be considered an exact match, each option that you select must be true.
4. The following attributes match — Select from the list of options to establish your criteria. For the new imported user to be considered an exact match, each option that you select must be true.

Question 4

What are the two profile types supported by Universal Directory

Answer 4

User, Group

Question 5

What are the base attributes for a Group Profile in Universal Directory?

Answer 5

Name (Case sensitive, must be unique) and Description

Question 6

What is the app user profile in Universal Directory?

Answer 6

It lists the app attributes that Okta can read and write to. An app profile controls the attributes that Okta pushes to an app or imports from an app.

Question 7

What is attribute level sourcing?

Answer 7

This lets you specify different profile sources for individual user attributes. Without it, all of a user’s attributes are provided by a single profile source.