Users Authenticating Through Windows Auth Do Not See Any Tenants From Which They Can Choose

In certain cases the AD users are deleted and then recreated within AD with the same groups.

Root Cause: The issue is caused because the users from AD are no longer matching with the ones from the UiPath Database. Even if all the details are the same, each AD account has a unique ID called SID that is being saved in the DB on user creation. If the SID of the AD user is no longer matching with the one from the DB, this issue will happen where the user is no longer able to authenticate because they are no longer able to pick any tenants.

Resolution: Manually update the SID from the database using the following SQL queries,

update [UiPath].[identity].[AspNetUsers] set Directoryld= 'ad|S-1-5-21-12707670-3146586994-2718942323-1107@cosminow'

where [UserName] ='test@cosminow'

update [UiPath].[identity].[AspNetUserLogins] set [ProviderKey]= 'S-1-5-21-12707670-3146586994-2718942323-1107'

where userid ='EA98BD1F-1EED-44F2-9ACF-088598718810'

Get the SID either from AD or by running the following command in CMD on the user's machine:

  • WMIC useraccount get name,sid

The same thing can be achieved by reimporting the users from AD.