Make sure to create a backup of the original Orchestrator and Identity Server databases' connection strings of the Automation Suite deployment. To prevent data loss when creating the backup, close all open sessions or connections to UiPath products and services.
There are cases where multiple services (e.g., Orchestrator and Identity Server) share the same database in your standalone setup whereas Automation Suite automatically creates separate databases for them as part of the migration process.
In this case, after backing up your shared database in your standalone environment, you need to provide its connection string for the newly created, separate databases in Automation Suite. This should result in two different databases with the same connection string.
Make sure you use multiple databases for the platform services instead of a single one. Use the advanced deployment option for that. Simplified Automation Suite deployment creates a single database for all of Automation Suite's shared services and capabilities (e.g., Identity Server, Location, Audit, etc.) whereas the standalone deployment only features Identity Server and is not aware of other services.
Once you restore the standalone Orchestrator database backup to Automation Suite’s SQL Server, you need to update the connection strings using ArgoCD. Take the following steps:
- Log in to ArgoCD and navigate to the Applications page, as shown in the following image:
- From the Search applications bar, select UiPath repository.
The resulting screen should look similar to the one shown in the following image.
- Click the UiPath parent node and choose the Parameters tab in the ribbon menu.
Click Edit, update the following parameters, and save your configuration:
Update the custom Identity Server application settings in the service config map. To do that, run
kubectl edit secret identity-generated-secrets -n uipathand update the
DatabaseProtectionSettings.EncryptionKey2021value, using a base64 encoded value of the original.
To update the identity token signing certificate, use the instructions provided in Managing the identity token signing certificate.
If you are using SAML or an identity provider certificate that is different from the initially provided certificate, click Edit again, update the following parameters, and save your configuration:
global.userInputs.certificate.identity.saml.currentServiceCert(replace it with the base64 serialization of the service certificate; the service certificate requires a private key).
global.userInputs.certificate.identity.saml.currentServiceCertPassword(replace it with the base64 serialization of the SAML certificate password)
global.userInputs.certificate.identity.saml.futureServiceCert(if you need to rotate the service certificate, replace the parameter with the base64 serialization of the service certificate; the service certificate requires a private key).
global.userInputs.certificate.identity.saml.futureServiceCertPassword(if you need to rotate the service certificate, replace the parameter with the base64 serialization of the certificate password)
Alternatively, you can update the certificate values using the following scripts.
- Use the following command to change the values for
sudo ./configureUiPathAS identity saml2-cert update --cert-file-path </path/to/cert> --password.
- Use the following command to swap the future and current service certificates:
sudo ./configureUiPathAS identity saml2-cert rotate.
- Return to ArgoCD's Applications page and start the synchronization of the following repositories:
- rabbitmq-cluster (no need to synchronize the rabbitmq-operator)
Updated 26 days ago