I’ve just finished installing a multi-node on-prem Orchestrator. However, I’m trying to connect this with our Active Directory (AD) and it’s not working. I’ve done the same thing that worked in other similar installations, but for this particular one it isn’t working.
This is the field that I need to have on my Orchestrator
I believe Windows authentication is not enabled by default during the installation and it’s required only if you are using Windows authentication to authorize user access. We are using SAML instead, so we don’t need it. However, we do need the AD users and groups from within the Orchestrator in order to provision access to them.
We can enable Windows authentication, if needed, during the installation itself… and yes, only if needed.
And as you want AD groups for provisioning access, the first two steps in the above are still mandatory… the second I believe you have already done… please check on the first too… ignore steps 3 and 4.
I have executed steps 1 and 2. But we are still facing the same issue. I believe this is a bug of the 2023 version and we have a ticket open with the UiPath support. Let’s see what will be the outcome.
Interesting! Do let us know the outcome of the ticket.
Just curious, if you can add users via AD, those users would also be able to authenticate using Windows authentication right? Is there a reason why they are to be added from AD but authenticate using SAML?
It depends on your solution. You might want to connect to your Active Directory and use Windows Authentication, but you can also use SAML. In my specific case, it’s a security requirement to use SAML instead of Windows. But the AD users and groups should work regardless of how you authenticate.
Having the same issue, the Domain field does not show up and I can’t search any users within AD after enabling it.
Though upon login, I tried to log in with my AD account and it looks like Windows was able to authenticate it (checked via Windows events, where Orchestrator is hosted).
After the login using AD, the below error shows, which is quite expected as I can’t see/add any users in the default organization in Orchestrator.
I’ll try to verify the 2-way trust and WAA for now. The server is joined to the domain and I was able to access it via AD during RDP.
One weird thing is about WindowsAuth.Domain: I can’t seem to find where it is located.
I tried to check UiPath.Orchestrator.dll and Web.config, but there is no WindowsAuth.Domain parameter, and I can’t see any docs on where to put it manually.
Thank you.
If you are using on-prem Orchestrator version 22.10 or lower, just go to your IIS Manager and enable Windows Authentication, then the Domain field will show up. The same process hasn’t worked in the 2023 version for some reason. Maybe there should be some sort of issue with it. We rolled back the installation of the 2023 and are finishing everything on the 2022.10.
We were able to make it work in the latest version.
I missed enabling the AD Integration in identity, BUT I thought we did after switching the Active Directory in the 2023.4 UI.
In the latest UI: after enabling Active Directory, we should also click Edit and “test and save” in the lower part; the Domain field now showed up and I was able to verify it.
2022.3