Orchestrator
2022.10
false
- Getting Started
- Requirements
- Best Practices
- Installation
- Updating
- Identity Server
- High Availability Add-on
- Troubleshooting startup errors
Orchestrator Installation Guide
Last updated Apr 3, 2024
Installation
Identity Server and Orchestrator are installed together on the same IIS server. Please read here how to proceed with Orchestrator installation.
By default, the installer uses the same database for Orchestrator and Identity Server, but you can specify a different database
during installation. The installed Identity Server address is
https://OrchestratorURL/identity.
Important:
- For large deployments, we recommend using a separate database for Identity Server.
- Double-check the selected installation path. Moving an installation from one location to another post-install is not supported.
The results of performing an Orchestrator installation are the following:
- Orchestrator's
UiPath.Orchestrator.dll.configfile is updated with Identity Server specific keys. - Identity Server's
appsettings.jsonfile is updated with Orchestrator specific settings (encryption keys, caching, Redis settings, etc.).
The results of performing an Orchestrator update are the following:
- Pre-existent Orchestrator data such as users, tenants, host or default settings are propagated to Identity Server.
- Orchestrator's
UiPath.Orchestrator.dll.configfile is updated with Identity Server specific keys. -
Identity Server's
appsettings.jsonfile is updated with Orchestrator specific settings (encryption keys, caching, Redis settings, etc.).Important:During Orchestrator update, the installer cannot read an encrypted SecureAppSettings section . In order to read theEncryptionKeyfrom Orchestrator's config file and then migrate it into Identity Server'sappsettings.Production.jsonfile, the key must be plain text. You need to manually decrypt the section before updating Orchestrator. After the Orchestrator update process was finalized, remember to re-encrypt theSecureAppSettingssection inUiPath.Orchestrator.dll.config.If you have any external providers enabled inUiPath.Orchestrator.dll.config, you are prompted about the manual changes you need to perform in the external providers' location.For security reasons, for the certificate used to sign the access tokens generated by the Identity Server, make sure to use a public key on 2048 bits. The certificate's location has to be set withinappsettings.Production.json's Signing Credential section.After updating your Orchestrator to v2020.4+, the Profile page won't display login attempts previous to that update, but all the details are still accessible from Orchestrator's database.
