- Organization Modeling in Orchestrator
- Managing Large Deployments
- Automation Best Practices
- Optimizing Unattended Infrastructure Using Machine Templates
- Organizing Resources With Tags
- Orchestrator Read-only Replica
- Exporting grids in the background
- About the Tenant Context
- Searching for Resources in a Tenant
- Managing Robots
- Connecting Robots to Orchestrator
- Storing Robot Credentials in CyberArk
- Storing Unattended Robot Passwords in Azure Key Vault (read-only)
- Storing Unattended Robot Credentials in HashiCorp Vault (read-only)
- Storing Unattended Robot Credentials in AWS Secrets Manager (read Only)
- Deleting Disconnected and Unresponsive Unattended Sessions
- Robot Authentication
- Robot Authentication With Client Credentials
- Bulk Uploading Queue Items Using a CSV File
- Managing Queues in Orchestrator
- Managing Queues in Studio
- Review Requests
- Test Automation
- Testing Data Retention Policy
- Host Administration Portals
- Configuring System Email Notifications
- Managing System Administrators
- Configuring Host Security
- Host Audit Logs
- Customizing the Login Page
- Maintenance Mode
- Managing tags
- Audit Logs
- Overriding System Email Settings
Storing Robot Credentials in CyberArk
Before beginning the procedures below, make sure you have configured your CyberArk® integration.
You must add the login credentials under which your Robot runs. If you have multiple Robots, perform this procedure for all of them. This procedure applies to both local and domain users. From the CyberArk® PVWA interface, follow these steps:
- On the Accounts tab, click Add Account. The Add Account page is displayed.
- Select Windows in the System Type list.
- On the Assign to Platform tab:
- select Windows Desktop Local Accounts if the Robot user is local.
- select Windows Domain Account if the Robot user is part of an Active Directory.
- On the Store in Safe tab, select the safe you previously created.
- On the Define Properties tab, populate the following fields:
For Local Users - Type the name of the machine on which the Robot is installed
For Domain Users - Type the name of the domain in which the Robot machine is installed on.
The name of the account under which the Robot runs.
Password and Confirm Password
Type the password that belongs to the account under which the Robot runs.
Customize Account Name Toggle
Enabled. Type the machine or domain name, and the Robot username. The same name needs to be used in Orchestrator when defining the credential for the robot.
- Click Save. The account is saved. Orchestrator uses this to retrieve the Robot credentials when it needs to, if you have the Robot provisioned in Orchestrator.
After performing the steps above, you have to provision the Robot in Orchestrator. As you are now using CyberArk® to store your passwords, please note that in the Provision Robot window, you no longer have to add the password. However, the user is still mandatory.
When provisioning the Robot in Orchestrator, add the username as you normally would:
- for local users - the actual username, such as
- for domain users - the username and domain it runs under, in the
DOMAIN\usernameformat, such as
Based on the account provided for the Robot, Orchestrator searches for a match in CyberArk®. When a match is found, the corresponding password is retrieved.