ajaykolla
(Ajay Rambabu Kolla)
July 10, 2019, 10:47am
1
We are configuring an import procedure (the PowerShell script URL is specified below) to sync an Active Directory group with the UiPath user list. We are unable to connect to the Active Directory server using UiPath's locally created admin (which will not be possible as the admin user is not part of Enterprise ID; find the error message below and screenshot attached). However, when we tried with a user ID available in Active Directory, we are not able to execute Get-UiPathRobot and generate the list of Robots available in the Orchestrator tenant. The user is assigned administrator privileges. Is there any workaround?
<#
.SYNOPSIS
Synchronises Orchestrator users with Windows or Azure Active Directory, based on AD group membership mapped to Orchestrator Roles.
.DESCRIPTION
New users in AD are added to Orchestrator and existing users are moved to the correct Role.
Azure AD users are matched by comparing the Azure AD user principal name with the user Email in Orchestrator.
The script also handles removing Orchestrator users from roles when they were removed from the corresponding AD group.
AD users that were removed from all relevant AD groups (eg. an employee that changed role) or were removed from AD (eg. a former employee that left the company) become 'orphaned users'. They are still defined in Orchestrator but do not have any Role. The script supports the -OrphanedUsersAction parameter allowing to optionally List or Remove these users.
The script is idempotent, repeated invocations should not modify the Orchestrator users unless something changed in AD.
You should first import the UiPath.PowerShell module and authenticate yourself with your Orchestrator using Get-UiPathAuthToken before running this script.
The script does not modify the Admin user roles membership, even if the Email matches the AzureAD domains. This is a common scenario and can result in accidentally locking Admin user out of Administrators group.
The script adds new Orchestrator users using the Azure AD DisplayName as Name and leaves Surname empty. It does not try to split the DisplayName and figure out the Surname.
.PARAMETER DomainName
The Windows domain to sync users with. It does not necessarily have to be your current user or machine domain, but there must be some trust relationship so your Windows session can discover and interrogate this domain AD.
.PARAMETER AzureAD
Use currently connected Azure AD for sync. You must first connect the PowerShell session to Azure AD using Connect-AzureAD
.PARAMETER RolesMapping
A Hashtable mapping AD groups to Orchestrator roles. Make sure you type the names correctly.
.PARAMETER OrphanedUsersAction
Optional action to handle orphaned users. You can List or Remove these users.
Pablito
(Pawel Wozniak)
July 22, 2019, 6:23am
3
Hi @ajaykolla ,
Can you show the error and the screenshot you have? Which command exactly have you already tried?