In which scenario would a user be unable to change their directory-linked password within Okta?

A user would be unable to change their directory-linked password within Okta when they are a Directory-Mastered individual because their password is managed by an external directory, such as Active Directory or LDAP. In this scenario, Okta acts as a bridge to the directory and does not have the ability to modify the password directly. Any password changes must be performed within the external directory itself, which ensures that the authentication process remains centralized and secure. Therefore, the user’s profile in Okta reflects this linkage and does not allow for independent password management within the Okta environment.

Other scenarios mentioned in the options allow for the potential of password changes under specific circumstances. For example, users accessing Okta via a mobile device can usually change their passwords if Okta supports that function. Okta Super Administrators typically have permissions to manage user accounts, including password changes. External users may have certain restrictions depending on how their accounts are configured but it does not inherently prevent them from changing passwords in all cases.