- Getting Started
- Requirements
- Best Practices
- Deployment and Configuration Considerations
- Encrypting the SQL Server
- Disabling the HTTP Method Override Request
- Using the FileSystem Storage Allowlist Securely
- Installation
- Updating
- Identity Server
- Troubleshooting startup errors
Orchestrator Installation Guide
Deployment and Configuration Considerations
There are two potential threats to guard against when configuring the user and robot permissions in Orchestrator: a malicious user or a malicious developer.
The authentication between Orchestrator and Robots is based on a shared key accessible only by the Administrator on the robot machine. If the machine user has administrative rights and can access that key, they would then be able to impersonate other robots when making calls to Orchestrator.
To mitigate the risks and potential impact from a malicious user, follow these guidelines:
- On machines configured for attended automation, ensure that the users on that machine do not have administrative rights.
- Limit robot permissions to the minimum required to execute the particular automation(s).
- In modern folders, disable robot creation for those users with administrator or other high-privilege roles in Orchestrator.
A malicious developer could deploy a process that, when executed by a user with high-level permissions in Orchestrator, grants that developer unwanted access or steals data.
To mitigate the risks and potential impact from a malicious developer, follow these guidelines:
- Maintain control and validation over any packages being deployed in Orchestrator.
- Audit automations prior to deployment to production (i.e., code review, virus scan, etc.).
- Limit robot permissions to the minimum required to execute the particular automation(s).
- In modern folders, disable robot creation for those users with administrator or other high-privilege roles in Orchestrator.
The default password policy states that all user passwords should contain at least 8 characters and at least one letter and a digit. This can be changed and made more complex in the Settings page, on the Security tab. For more information, see the Settings Description topic.
SecureAppSettings
section of the UiPath.Orchestrator.dll.config
file. To see how this can be done, please see Encrypting UiPath.Orchestrator.dll.config Sections.
The auto-complete feature available in most web browsers is not completely safe. To ensure that nobody can discover your Orchestrator login password, we recommend that you disable the aforementioned functionality in your preferred browser.
If you are using Internet Explorer 11:
- In Internet Explorer, click Tools > Internet Options. The Internet Options window is displayed.
- In the Content tab, select Settings. The AutoComplete Settings window is displayed.
- Clear the User names and passwords on forms checkbox.
- Click OK. Your settings are saved.
Change the default system administrator password (that was communicated to you by our team). You can do this by editing the user profile information. For more information, see Managing tenants.
When you first log in to Orchestrator, do not select the Remember Me password. This helps you log out of the current session every time.
While enforcing an HTTPS connection is important, it is just as important to have an SSL certificate from a trusted provider.
Additionally, you can remove the HTTP binding:
- Open IIS.
- In the Connections panel, navigate to the Sites folder.
- Click the Orchestrator site. The Actions panel is updated accordingly.
- Click Bindings. The Site Bindings window is displayed.
- Click the HTTP binding and then Remove. The HTTP binding has been deleted.
We recommend adding security caching directives to hide sensitive information that may be displayed in HTTP headers. Ideally, all responses should return the following HTTP headers:
Cache-control: no-store, no-cache, must-revalidate,private,s-maxage=0
Pragma: no-cache
Cache-control: no-store, no-cache, must-revalidate,private,s-maxage=0
Pragma: no-cache
web.config
file, in the customHeaders
section, in the following format:
<add name="Cache-control" value="s-maxage=0"/>
<add name="Cache-control" value="s-maxage=0"/>