You just re-enabled IWA DSSO and notice it's not behaving as it should. What is an aspect you should keep in mind?
Solution: That when re-enabling IWA DDSO a new set of Identity Provider (IDP) routing rules have to be created
When using Okta Expression Language, which of the following will have the output: This is a test
Solution: String.append("This is", " a test")
In an agentless DSSO (Desktop Single Sign-on) scenario Okta is the one decrypting the Kerberos ticket, finds then the user name, authenticates the user and passes back a session to the browser.
Solution: The statement is valid, but Okta is not the one doing authentication - IWA Agent and AD Agent are doing that as AD agent verifies the AD user's identity
In order for SAML to work, there is a need of an IDP and an SP and we know that already, but why is it so? Because:
Solution: An IDP authorizes the users, while the SP authenticates them
Whenever you make an API call, you will then get back:
Solution: A new object (a user, group or app object)
When a user's Okta password is changed:
Solution: All apps that are Provisioning-enabled and have Update Attributes option active under Provisioning settings - will begin to sync the password in respective apps, as password is an attribute of their profile - but only if JIT Provisioning is enabled as well as it has to be a just-in-time action, the moment the user resets the password
When using Okta Expression Language, which of the following will have the output: This is a test
Solution: String.join(",", "This", "is", "a", "test")
What does it mean: "Mapping Direction AD to Okta"?
Solution: Indicates a schema of attribute values flowing Okta towards AD
In an agentless DSSO (Desktop Single Sign-on) scenario Okta is the one decrypting the Kerberos ticket, finds then the user name, authenticates the user and passes back a session to the browser.
Solution: The statement is entirely valid
When you call a GET API call for users / groups / and other such objects, the response is usually Paginated, in case these are a lot of objects returned. What do you do in order to retrieve all objects?
Solution: You call the very same API multiple times, till the response will be empty
Can you map the Okta user ID as an Office 365 Immutable ID?
Solution: Done via mappings, by pushing from Okta to Office 365: user.getInternalProperty("id")
What does SCIM stand for?
Solution: System of Cross-scripting-domain Identity Management
When using Okta Expression Language, which variable type results out of this Okta Expression? isMemberOfGroup("groupId")
Solution: Graph
Does Okta require an Agent to sit in-between Okta to SCIM-enabled app on premises requests?
Solution: Yes, and AD Agent
With Okta Retention Policy, App generated data and reporting based on log data older than how many months is automatically removed (not considering the Backup Data)?
Solution: 3 months
The Okta On-Prem MFA Agent acts as a Radius client and communicates with the RADIUS enabled On-Prem server, including RSA Authentication manager for RSA SecurIDs. This basically allows your organization to leverage Second Factor from a variety of On-Premises multifactor authentication tools.
Solution: The statement is true