The following procedure has to be followed only if you did not enable Windows authentication during the installation process, as described here.

🚧

Prerequisite

To integrate with Windows Active Directory and use Windows Authentication, you must open the LDAP port 389 on the Primary Domain Controller.

To enable Windows Authentication in Orchestrator, perform the following actions:

1. Open IIS (Internet Information Services Manager).
2. In the Connections section, navigate to the UiPath Orchestrator site. The Features View panel is updated accordingly.
3. Double-click Authentication. The Features View section is updated accordingly.

4. Select the Windows Authentication option and, in the Actions section, click Enable. Windows authentication is now enabled for the UiPath Orchestrator site.
5. Make sure that the ASP.NET Impersonation option is Disabled.
6. In the Connections panel, navigate to the Orchestrator Server Node. The Features View is updated accordingly.
7. In the Management section, double-click Configuration Editor. The Features View is updated accordingly.
8. In the Section drop-down list, navigate to system.webServer/httpErrors. The Features View is updated accordingly.

9. In the Actions panel, click Unlock Section. If the section is not locked, skip this step.
10. Select the defaultPath attribute and click Unlock Attribute in the Actions panel.
11. Close IIS.
12. Open the Web.config file.

13. Set the WindowsAuth.Enabled parameter to true.
14. In the WindowsAuth.Domain parameter, enter the Windows domain that the AD group is in.
15. Save the web.config file.
16. Add your AD users as explained here.