Can Create AD User through Assistent on Server but not from Orchestrator: Access is denied

Help Orchestrator
,
1

Hi Everyone.

I would like to create an Active Directory User with the IT Automation for Public, Private & Hybrid Clouds Template from UI Path.
It works when I execute the Process from UI Assistant on the Server itself.
But as soon as I start the same process from orchestrator, I get the following error:

An exception occurred when creating the user h.muster Exception: UiPath.ActiveDirectoryDomainServices.Activities.ActiveDirectoryException: An error has occurred: Access is denied. —> System.UnauthorizedAccessException: Access is denied. at System.DirectoryServices.Interop.UnsafeNativeMethods.IAds.SetInfo() at System.DirectoryServices.DirectoryEntry.CommitChanges() at UiPath.ActiveDirectoryDomainServices.Entry.UserEntry.Create(String cn, String sAMAccountName, String password, ObjectEntry parent, IDictionary2 properties, Boolean enabled) at UiPath.ActiveDirectoryDomainServices.Service.ActiveDirectoryService.CreateUser(String cn, String sAMAccountName, String password, String locationDn, IDictionary2 properties, Boolean enabled) at UiPath.ActiveDirectoryDomainServices.Activities.CreateUser.Execute(CodeActivityContext context, ActiveDirectoryService service) at UiPath.ActiveDirectoryDomainServices.Activities.ActiveDirectoryActivity.Execute(CodeActivityContext context) — End of inner exception stack trace — at UiPath.ActiveDirectoryDomainServices.Activities.ActiveDirectoryActivity.Execute(CodeActivityContext context) at System.Activities.CodeActivity.InternalExecute(ActivityInstance instance, ActivityExecutor executor, BookmarkManager bookmarkManager) at System.Activities.ActivityInstance.Execute(ActivityExecutor executor, BookmarkManager bookmarkManager) at System.Activities.Runtime.ActivityExecutor.ExecuteActivityWorkItem.ExecuteBody(ActivityExecutor executor, BookmarkManager bookmarkManager, Location resultLocation)

The process gets executed from a robot with domain admin windows credentials.
The same domain admin user can execute the process through UI assistant locally on the server without any issue.
Checking if the AD User exists before creating it seems to work. So the connection from orchestrator to the robot seems to be correct.
It seems like the robot is trying to create the user with other credentials than I provided, but I can’t figure out where I can change them.
What am I missing?
Thank you in advance.

Kind regards

2

Hello @Billy!

It seems that you have trouble getting an answer to your question in the first 24 hours.
Let us give you a few hints and helpful links.

First, make sure you browsed through our Forum FAQ Beginner’s Guide. It will teach you what should be included in your topic.

You can check out some of our resources directly, see below:

  1. Always search first. It is the best way to quickly find your answer. Check out the image icon for that.
    Clicking the options button will let you set more specific topic search filters, i.e. only the ones with a solution.

  2. Topic that contains most common solutions with example project files can be found here.

  3. Read our official documentation where you can find a lot of information and instructions about each of our products:

  4. Watch the videos on our official YouTube channel for more visual tutorials.

  5. Meet us and our users on our Community Slack and ask your question there.

Hopefully this will let you easily find the solution/information you need. Once you have it, we would be happy if you could share your findings here and mark it as a solution. This will help other users find it in the future.

Thank you for helping us build our UiPath Community!

Cheers from your friendly
Forum_Staff