Problem
Okta AD Agents, installed when integrating Okta with on-premises Active Directory, can be configured to update automatically 
to the latest version. It is especially important to keep Okta AD Agents up-to-date because Okta stopped accepting connections from legacy version agents (below version 3.18) on March 3, 2025.
β
You can check the version and status of Okta AD Agents in ZeroTek to identify quickly which agents need attention.
β
For automatic updates to be successful, an Okta AD Agent must:
Be version 3.8.0 or later
Have at least one other operational Okta AD Agent installed as redundant support for the same directory integration
If you try to manually upgrade an Okta AD Agent in an environment where it is the only agent installed, Okta displays a warning message and cannot complete the update.
β
Solution
If you cannot manually upgrade an Okta AD Agent because it is the only agent installed, install at least one more agent for redundancy, and retry the manual update.
Alternatively, install at least one more additional agent, and then configure automatic updates as described in the Okta documentation. 
Okta also provides an FAQ about their AD Agent minimum version requirement.