Orchestrator Upgrade( From 2020.10 to 2022.10) Failed With Error DomainUnreachable

News Knowledge Base
1

Upgrade Orchestrator Error (from 2020.10 to 2022.10) .

Issue: Orchestrator Upgrade(from 2020.10 to 2022.10) Failed with Error DomainUnreachable .

Troubleshooting:

  • It is a standalone and single node deployment Orchestrator
  • The error message details:

Migrating Orchestrator users to Identity database...

Running: C:\Program Files (x86)\UiPath\Orchestrator\Identity\Tools\DataMigrator.Cli\UiPath.DataMigrator.Cli.exe migrate-21-4 --sourceConnectionString "Data Source=*****" --destinationConnectionString "Data Source=*****" --webConfigFile "C:\Users\***\AppData\Local\Temp\UiPath_f3eb5197\BCK\UiPath.Orchestrator.dll.config" --batchSize "5000" --identityServerUrl "**********"

In folder C:\Program Files (x86)\UiPath\Orchestrator\Identity\Tools\DataMigrator.Cli

Exit code: -1. Output: Error:-1, Message:An error occurred while migrating orchestrator data during post migration. UiPath.IdentityServer.Directory.Abstractions.Interfaces.DirectoryAdapterException: DomainUnreachable

---> System.UnauthorizedAccessException: Access is denied.

at System.DirectoryServices.ActiveDirectory.Forest.GetTrustsHelper(String targetForestName)

at System.DirectoryServices.ActiveDirectory.Forest.GetAllTrustRelationships()

at UiPath.IdentityServer.Directory.Active.ActiveDirectoryHelper.GetTrustedForestDomainNames(Domain domain, IUiPathLogger logger)

at UiPath.IdentityServer.Directory.Active.ActiveDirectoryClient.GetScopesInternal(String domainName, IDomainResolver domainResolver, IEnumerable`1 domainFilter)

--- End of inner exception stack trace ---

at UiPath.IdentityServer.Directory.Active.ActiveDirectoryClient.GetScopesInternal(String domainName, IDomainResolver domainResolver, IEnumerable`1 domainFilter)

at DataMigrator.Cli.Utils.ActiveDirectoryUserDomainDiscoverer.InitializeActiveDirectoryDomains(String defaultDomain, ILogger logger)

at DataMigrator.Cli.Utils.ActiveDirectoryUserDomainDiscoverer.TryFindUserDomain(String userSid, String& domain)

at DataMigrator.Cli.Utils.MigrationUtils.ConvertADUserUsername(String username, String providerKey, ILogger logger, DirectoryUserDomainDiscovererDelegate directoryUserDomainDiscoverer)

at DataMigrator.Cli.Migrators.UserMigrator.ConvertSourceEntityToDestinationEntity(Users entity)

at DataMigrator.Cli.Migrators.DirectoryUsersMigrator.ConvertSourceEntityToDestinationEntity(Users entity)

at DataMigrator.Cli.Migrators.EntityMigrator`4.ProcessEntitiesBatchAsync(ISet`1 existingKeys, ISet`1 entityKeysToAdd, IAsyncEnumerable`1 sourceEntities)

at DataMigrator.Cli.Migrators.EntityMigrator`4.<>c__DisplayClass15_1.<b__0>d.MoveNext()

--- End of stack trace from previous location ---

...

  • Observed Windows AD authentication is enabled
    • IIS > Sites > UiPath Orchestrator > Authentication > Windows Authentication, is Enabled
    • Login to host tenant as admin account, check Active Directory in External Providers, is Enabled
    • In UiPath.Orchestrator.dll.config file, check Windows.Authentication configuration item

Resolution:

  1. Succeed to upgrade after disable Windows authentication by:
  • Disable Windows Authentication in IIS > Sites > UiPath Orchestrator > Authentication
  • Disable Active Directory in Host Tenant > Identity > Settings > External Providers
  • Update WindowsAuth.Enabled to be false and set WindowsAuth.Domain to blank in UiPath.Orchestrator.dll.config file (note: these configurations will not be used in the new version 22.10):

  1. Enable AD again after upgrade.