You can deactivate delegated authentication for a Microsoft Active Directory (AD) Bridge associated with an AD domain. Users transferred into Oracle Identity Cloud Service through this bridge must use their Oracle Identity Cloud Service passwords to authenticate into Oracle Identity Cloud Service. Also, by deactivating delegated authentication, you can verify that the AD credentials from a user in that domain can be used to sign in to Oracle Identity Cloud Service before activating delegated authentication for the bridge.
- In the Identity Cloud Service console, expand the Navigation Drawer, click Security, and then click Delegated Authentication.
- Expand the node to the left of the AD Bridge for which you want to deactivate delegated authentication.
- Turn Off the Activate Delegated Authentication switch.
- In the Deactivate Delegated Authentication window:
- Select the Send a Password Reset Notification (recommended) option if you want users in the AD domain associated with the AD bridge to receive notifications to reset the passwords for their accounts. This is recommended for security purposes.
- Select the Create a Password option if you want to create a password for the users in the domain associated with the bridge, and send them a notification to use this password to sign in to Oracle Identity Cloud Service.
- Click OK.