[設定] ページでは、管理者が Orchestrator のテナント設定を調整できます。設定をテナントごとに変更する場合は、そのテナント レベルの [設定] ページを使用し、すべての組織のすべてのテナントの設定を一度に変更する場合は、Orchestrator のホスト ポータルの [設定] ページを使用します。
このページでは、テナント レベルの設定について説明します。ここで行った設定は、Orchestrator のホスト ポータルで行った設定よりも優先されます。
注
スタンドアロンの Orchestrator のインストールと Automation Suite の Orchestrator とでは、一部の設定が異なります。その場合は、各設定の説明の下に違いが記載されます。
[全般] タブ
| Field | Description |
|---|---|
| Application Settings | Timezone - The time zone of the tenant. By default, this field is set to UTC. The time zone list depends on the machine. To ensure that all the instances under a multi-node Orchestrator installation have the same time zone list, they must use the same operating system version. Language - The language of the Orchestrator user interface for all tenants, including email notifications and alerts. This setting does not affect robot logs or event logs, which use the Windows language. Changing the organization language settings in Automation Suite. Custom logo - Upload your desired logo which appears in the Orchestrator window header. The accepted formats are .png and .svg, with a maximum file size of 1MB.Changing the company logo in Automation Suite. Custom header color - Select a color for the Orchestrator window header. This is useful for distinguishing between multiple Orchestrator tenants. The header color is selected by clicking the colored square to bring up your machine's color selector. In Automation Suite, you cannot customize the color of the header. |
| Personal Workspaces | Enable Personal Workspaces - Create personal workspaces for all users in a tenant that use a certain attended licensing profile, while also selecting the UI profile to be used for those users. Note: This action cannot be reversed, once the Personal Workspaces feature is enabled it cannot be disabled. |
| Standard Roles | Create standard roles for modern folders. These roles allow you to leverage the benefits of user groups. Click Create Role next to each of the roles you want create. |
| Client Binaries (Robot, Studio, Assistant) Auto-Update Settings | Ignore auto-update status for robot machines that were offline for more than ___ days - Allows you to exclude inactive machines from the update process and no longer take them into account when the update status is reported. |
| Modern Folders | Enable account-machine mappings - Enable the Account-Machine Mappings feature. |
| Classic Folders (deprecated) | Activate Classic Folders - Enable classic folders. Note: Classic folders are deprecated. Enabling them is only recommended if you migrate from an on-premises Orchestrator deployment to Orchestrator in Automation Cloud. |
| Email Setup | Enable alerts email - Enable Orchestrator to send email messages about Fatal and Error alerts. To receive email alerts, email settings must be properly set up. Configuring system email notification settings for all tenants in a standalone Orchestrator deployment. Configuring global email notification settings for all organizations (and the tenants in them) in Automation Suite. Overriding global email notification configuration for a certain organization (and the tenants in it) in Automation Suite. |
[デプロイ] タブ
Enables you to configure and secure feeds for packages and libraries. You can manage the feeds for all tenants from a centralized location using Automation Ops. For more information, see feeds management in the Automation Ops guide.
ここでの設定は、テナント フィードにのみ影響します。フォルダー フィードと個人用ワークスペース フィードは常に内部フィードであり、各フォルダーまたは個人用ワークスペースのコンテキストでのみ使用できます。
パッケージ
オートメーション パッケージを維持できる内部フィードまたは外部フィードを設定できます。既定では、内部フィードが使用されます。基本認証の資格情報を定義するか、API キーを使用して、フィードのセキュリティを保護できます。
| Field | Description |
|---|---|
| Internal | Use an internal feed. The feed can be secured either with the Secure Deployment option or by using an API key: Secure Deployment - Ensures that your automation packages are downloaded through a secure NuGet feed. API Key - The key used to secure your feed against write operations such as delete or upload. |
| External | Use an external feed. The feed can be secured either by using an API key or basic authentication credentials: API Key - The key used to secure your feed against write operations such as delete or upload. Authentication - Enables you to specify the credentials for your basic authenticated feed. Please keep in mind that both the username and the password used with the API Key option should be used in this case as well. When External is selected, the Deployment URL field is displayed where you need to fill in the address where the NuGet feed is located. |
ライブラリ
ライブラリおよびアクティビティ パッケージに使用されるフィードを設定できます。
| Field | Description |
|---|---|
| Only host feed | Libraries are stored in the host feed and are available to all tenants which use it. The Libraries page is the same for one Orchestrator instance, meaning libraries are not isolated at the tenant level: each tenant has access to the other tenants' activity. 🛈 You cannot upload libraries from Orchestrator if this option is selected. 🛈 This option gives robot access only to the host feed. |
| Only tenant feed | Libraries are isolated at the tenant level, meaning data is separated across tenants. You may set an internal or an external feed in which libraries are maintained. By default, an internal feed is used. 🛈 This option gives robot access only to the tenant feed. |
| Both host and tenant feeds | Libraries are isolated at the tenant level, meaning data is separated across tenants. You may set an internal or an external feed in which libraries are maintained. By default, an internal feed is used. 🛈 This option gives robot access to both the host and tenant feeds. |
| Internal | Must be selected in order to use an internal feed as the tenant feed. The feed can be secured either with the Secure Deployment option or by using an API key: Secure Deployment - Ensures that your automation packages are downloaded through a secure NuGet feed. API Key - The key used to secure your feed against write operations such as delete or upload. The user can use it to publish packages. This key is generated by the external provider and has the following format [username]:[password]. For example, admin:2652ACsQhy. |
| External | Must be selected in order to use an external feed as the tenant feed. The feed can be secured using an API key: API Key - The key used to secure your feed against write operations such as delete or upload. The user can use it to publish packages. This key is generated by the external provider and has the following format [username]:[password]. For example, admin:2652ACsQhy.When External is selected, the Deployment URL field is displayed where you need to fill in the address where the NuGet feed is located. |
プロキシサーバー経由で外部フィードを使用する場合の前提条件
Windows 上でプロキシサーバーを設定した状態で外部フィードを使用する場合は、あらかじめ次の手順を行っておく必要があります。
- Orchestrator のアプリケーション プール ([インターネット インフォメーション サービス] > [アプリケーション プール] で [ユーザー プロファイルの読み込み]) オプションを
Trueに設定します。
- アプリケーション プール ID アカウント (
NuGet.config) に関連付けられたC:\Users\[YourAppPoolIdentityAccountName]\AppData\Roaming\NuGet\NuGet.Configファイルに使用したプロキシ設定を追加します。
<config>
<add key="http_proxy" value="http://ipaddress:port" />
</config>
注
Note that deployment settings are loaded only when the Robot Service connects to the server. Whenever they are modified you need to restart the UiRobotSvc service for the changes to take effect.
ロボットのセキュリティ タブ
セキュリティ
| Field | Description |
|---|---|
| Total hours a robot can run offline without license verification | Specify the number of hours a Robot can run offline, without Orchestrator checking its license. By default, it is set to 0. The maximum accepted value is 168 hours. This setting does not apply to Studio. |
ロボットの認証
| Field | Description |
|---|---|
Attended robot authentication | Interactive Sign-in SSO (Recommended) - This option only allows for robot connections with tokens that expire. Users can authenticate their robots only by signing-in with their credentials in the Assistant. Note: User sign in is required to run attended robots, make Orchestrator HTTP requests, or view processes in the Assistant. When using interactive sing-in, there is no need to create machine objects in Orchestrator. Hybrid - This option allows for both connections with tokens that don't expire (machine key) and connections with tokens that expire (interactive sign-in or client credentials). Users have the option to sign-in with their credentials to authenticate their robots, which in turn allows them to connect Studio and the Assistant to Orchestrator, however it is not mandatory. |
| Unattended robot authentication | Client credentials (Recommended) - This option only allows for connections with tokens that expire. It uses the OAuth 2.0 framework as the basis for the authentication protocol, meaning unattended robots can connect to Orchestrator with a client ID - client secret pair generated via machine template objects. The client ID - client secret pair generates a token that authorizes the connection between the robot and Orchestrator and provides the robot with access to Orchestrator resources. Hybrid - This option allows for both connections with tokens that don't expire (machine key) and connections with tokens that expire (client credentials). |
[拡張性] タブ
Robot サービスが Orchestrator の SignalR チャネルをサブスクライブするかどうかを指定したり、最適なトランスポート プロトコルを設定したりします。これらの設定はアップグレード時に保持されます。
SignalR (Robot)
| Field | Description |
|---|---|
| Enabled | This toggle specifies if the Robot service subscribes to Orchestrator's SignalR channels or not. By default, this setting is enabled, and all available channels are selected: WebSocket Server-Sent Events (SSE) Long Polling When all transport channels are enabled, the best available transport is automatically selected, in the following priority order: WebSocket > Server-Sent Events > Long Polling. If the first protocol is not available for any reason, the next in line (if enabled) is used to facilitate the communication between Orchestrator and Robot. |
| WebSocket | When selected, enables the WebSocket transport protocol to be used to connect the Robot to Orchestrator's SignalR channels. This is the highest protocol used in the order of priority due to its performance and support for simultaneous communication in both directions - from the Robot service to Orchestrator and vice versa. If the SignalR (Robots) feature is not enabled, WebSocket becomes the only available transport protocol. |
| Server-Sent Events (SSE) | When selected, enables the Server-Sent Events (SSE) push technology to be used to connect the Robot to Orchestrator's SignalR channels. This is the first backup in case WebSockets is not available for any reason. This option cannot be used if the SignalR (Robots) feature is not enabled. |
| Long Polling | When selected, enables the long polling transport protocol to be used to connect the Robot to Orchestrator's SignalR channels. This protocol is used in case the WebSockets and SSE ones are not available. This option cannot be used if the SignalR (Robots) feature is not enabled. |
[非稼働日] タブ
トリガーの実行を制限する、非稼働日のリストをテナントごとに定義できます。つまり、祝日や土日など、通常の業務がない日には、長期スケジュールがトリガーされないように設定できます。定義された非稼働日を過ぎると、通常どおりにトリガーされるようになります。
これらの制約をトリガーに適用するには、トリガー設定時に非稼働日カレンダーを選択する必要があります。[非稼働日] タブで加えたすべての変更は、そのカレンダーを使用するすべてのトリガーに影響を与えます。
注:
テナント レベルで設定されているタイムゾーン ([設定] > [全般]) とは異なるタイムゾーンのトリガーについては、[非稼働日制限] が無効化されます。タイムゾーンが明示的に定義されていないテナントは、ホストからタイムゾーンを継承します。
非稼働日の管理方法の詳細については、こちらをご覧ください。
Updated 5 days ago