The user is not a member of the specified AD domain - for one tenant

I have just upgraded our on-prem Orchestrator from 2019.10.x to 2121.4.2.

We have two tenants, development and production. We use Windows domain accounts to log in to Orchestrator. I can log in to the Production tenant fine and can see everything, and our robots seem fine and jobs are running; however, I cannot log in to the development tenant in the same Orchestrator. When I try to log in to the development tenant I get this error displayed in a red box on screen:

The user is not a member of the specified AD domain. (#1018)

I was able to log in to the production tenant without the app pool account having load profile = true in the app pool but I set it to true anyway and that did not fix the issue.

An update to this:

The Windows event log on the Orchestrator server contains the following:

Cannot create external login for S-1-5-21-2467367700-4178202898-133568193-63824
UiPath.Orchestrator.Core.Exceptions.BusinessConflictException: Error code - 1028, Message - ‘Email ‘my.name@thecompanyiworkfor.com’ is already taken.’
at async Task UiPath.Orchestrator.Application.Users.UserService.CreateAsync(UserDto input, UserCreateContext context)
at async Task Abp.Domain.Uow.UnitOfWorkInterceptor.InternalInterceptAsynchronous(IInvocation invocation)
at async Task Abp.Domain.Uow.UnitOfWorkInterceptor.InternalInterceptAsynchronous(IInvocation invocation)
at async Task Abp.Runtime.Validation.Interception.ValidationInterceptor.InternalInterceptAsynchronous(IInvocation invocation)
at async Task UiPath.Orchestrator.Application.Provisioning.DirectoryProvisioner.ProvisionUserAsync(DirectoryUserDto directoryUser)
at async Task UiPath.Orchestrator.Application.Provisioning.DirectoryProvisioner.LoginUserAsync(DirectoryIdentifier directoryIdentifier)
at async Task UiPath.Orchestrator.Security.Auth.Common.UserMapping.DirectoryUserMapper.MapLoginAsync(DirectoryIdentifier directoryIdentifier, string tenancyName)
at async Task UiPath.Orchestrator.Security.Auth.Common.UserMapping.IdentityUserMapper.MapLoginAsync(ExternalLoginInfo info, string tenancyName)
at async Task UiPath.Orchestrator.Controllers.AccountController.GetExternalProviderLoginResult(ExternalLoginInfo externalLoginInfo, string tenancyName)

So it appears that Orchestrator is unable to successfully migrate my account to the new way of working in the background when I log in, as it has already been created for the production tenant.

Where/how do I report this bug and is there a workaround?

@loginerror can you help me with this?

Hi @Craig1

The best way to resolve the on-premise installation issues would be to contact our technical support directly via this form:

Thanks. I have support on this now and the issue has been recreated by the support engineer.
