Unable to login with Admin or AD user after upgrading to 2021.10 - Exception during external login callbackSystem.IndexOutOfRangeException: Index was outside the bounds of the array

Why the User cannot log in to Orchestrator, even if the password for the Admin is correct?

Issue Description: Following the upgrade to Orchestrator version 2021.10.0, the Admin user cannot login to a tenant. The web UI error message is "An unknown error has occurred (#200)"


Resolution:
Note:
Before performing this workaround, take a backup first and only then try to perform the steps with an Admin DB user.

The Following exception is raised in the EventViewer.

Exception during external login callbackSystem.IndexOutOfRangeException: Index was outside the bounds of the array.

at void UiPath.Orchestrator.Core.IdentityServer.IdentityServerExtensions.FixActiveDirectorySource(DirectoryEntity identityUser, DirectoryObjectDto directoryObject)

at DirectoryUserDto UiPath.Orchestrator.Core.IdentityServer.IdentityServerExtensions.ToDirectoryUserDto(DirectoryUser identityUser)

at DirectoryUserDto UiPath.Orchestrator.Core.IdentityServer.IdentityServerExtensions.ToDirectoryUserDto(DirectoryEntity entity)

at async Task UiPath.Orchestrator.Core.IdentityServer.IdentityServerDirectoryClient.GetUserAsync(DirectoryIdentifier directoryIdentifier)

at async Task UiPath.Orchestrator.Core.DirectoryService.DirectoryExtensions.GetUserAsync(IDirectoryClient client, UserType userType, DirectoryIdentifier directoryIdentifier)

at async Task UiPath.Orchestrator.Security.Auth.Common.UserMapping.IdentityUserMapper.HandleLoginSuccessAsync(ExternalLoginInfo loginInfo, UiUser user)

at async Task UiPath.Orchestrator.Controllers.AccountController.GetExternalLoginResult(ExternalLoginInfo externalLoginInfo, string tenancyName)

at async Task UiPath.Orchestrator.Controllers.AccountController.TryMapAndLoginUserAsync(string returnUrl, ExternalLoginInfo externalLoginInfo, string tenancyName)

at async Task UiPath.Orchestrator.Controllers.AccountController.ExternalLoginCallback(string returnUrl, string tenancyName)

To solve this, the user needs to perform the following workaround on the UiPath database:

There is a possibility to update UserName and NormarlizedUserName from [identity].[AspNetUsers] table to the format samAccountName@domain.

Update [UiPath].[identity].[AspNetUsers] set [UserName] ='username@domain' WHERE ID ='XXXXX';

Update [UiPath].[identity].[AspNetUsers] set [NormarlizedUserName] ='username@domain' WHERE WHERE ID ='XXXXX';

( XXXXX = Coresponding ID from the [identity].[AspNetUsers table])

Note: Be aware that NormarlizedUserName must be written uppercase letters.

Once the above query is executed, it is required to login to the application with respective SamAccountName@domain which was updated in the database or with the email address of this user.