What to perform when logging on to the Orchestrator as a domain account takes longer?

Issue Description:

There is a known issue where Orchestrator takes a long time to retrieve user and membership information from AD.

Resolution:

Two workarounds are recommended as below.
Note: Configuration updates are made in UiPath.Orchestrator.dll.config file.

Approach #1: Configure the following setting to make Orchestrator retain the information in memory for a while

Approach #2: The following setting will make Orchestrator take advantage of a faster strategy for fetching Active Directory group membership

The second approach works best for large AD environments made of nested groups, with users residing in a single domain. It does not work across multiple domains.

A user belonging to a specific domain cannot inherit access rights from parent groups in other domains, despite having a two-way trust relationship between them.


Note: This applies to scenarios where the AD adapter is used instead of the LDAP adapter. More info on this can be found here.