- If the machine on which Orchestrator is installed runs on Windows Server 2008 R2, firstly you need to install .NET Framework 4.6.2, and secondly, to register the correct version of ASP.NET with IIS.
a. Run Command Prompt as an Administrator and go to the following folder:
b. Run the following 2 commands:
- Test the connection between the Orchestrator server and SQL Server. That enables you to troubleshoot any web pages that might not be displayed correctly later on. The following actions are required to ensure that Orchestrator can access the SQL Server machine:
2.a. Open ODBC Data Sources (64-bit).
2.b. In the User DSN tab, click Add to create a new data source. The Create New Data Source window is displayed.
2.c. Select the SQL Server whose corresponding Version column displays 6.03.
2.d. Click Finish* to confirm the previous selection. The Create a New Data Source to SQL Server** is displayed.
2.e. Type "test" in the Name field, and the name of the SQL Server machine in the Server field - for example, ROBOSQL01.
If the SQL Server instance is not the default one, you also need to specify its name in the following form: ROBOSQL01\secondinstance.
2.f. Click Next. The authentication page is displayed.
2.g. Choose between the Windows Integrated authentication and the SQL Server authentication.
The Login ID and Password fields in the SQL Server authentication section display the current Windows user and are not editable. If the service account that was allocated to connect to SQL server is different from the current Windows user, the process above needs to be started over, as explained below.
a. Press and hold the Shift key while right-clicking the ODCB Data Sources executable or shortcut. The context sensitive menu is displayed.
b. Select the Run as different user option. A Windows security window is displayed.
c. Enter the credentials which correspond to the correct service account.
d. Perform the steps spanning from 2.b. to 2.f. again.
If you choose the SQL Server authentication method, you need to provide the SQL Server username and password.
2.h.Click Client Configuration. The Add Network Library Configuration window is displayed enables you to ensure that the SQL Server uses the same port and protocol as Orchestrator.
2.i. Make sure that the TCP/IP network library is selected.
2.j. Uncheck the Dynamically determine port option and make sure the Port number is 1433.
2.k. Click OK. Your settings are saved.
2.l. Follow the remaining steps of the wizard without making any more changes. The ODBC Microsoft SQL Server Setup window is displayed.
2.m. Click **Test Data Source**, and then click **OK**.
- On any computer with Internet access, download
- Copy the downloaded files to the machine on which Orchestrator is to be installed.
- Extract the files from
scripts.zipto the folder where the files above were downloaded.
- Do not unzip
UiPath.Web.zip. The installer needs to use it as a ZIP file.
- Make sure that all the PowerShell scripts are located in the same folder as
UiPath.Web.zip, as in the screenshot above.
- To see more details about the script, open the PowerShell console and execute the following command:
If you do not have the rights to run the scripts, first execute the following command:
The script does not need to be edited. All alterations are passed to the script as command line parameters.
Find some examples of command line parameters and their explanation below.
If you don’t provide any explicit parameter, the following happens.
- You are prompted to type the certificate name. Please enter the name of the entity the certificate was issued to. If you don’t want to be prompted, you can type it in the command line by using
xxxxstands for the name of the entity the certificate was issued to.
If you don’t want to be prompted to enter the certificate name, you can type it in the command line by using
- The Web Application port is 443, the default port for the HTTPS protocol. It can be changed by using the
xxxxstands for the value of the port. If you use a different port from the default one, it needs to be opened in the firewall. However, if you use port 443, you need to check whether it is not explicitly closed by the network administrator.
- a. If the connection to SQL Server is established via Windows Integrated authentication, you are prompted to enter the username and the password.
The domain name has to be mentioned as well, as follows: domain\user.
b. If the connection to SQL Server is not established via Windows Integrated Authentication, use the
-useSqlAuthentication switch and enter the SQL Server username and password.
- You are prompted to enter the SQL Server instance. You can also mention it by typing
-dbServerInstance xxxxin the command line. In either case, please employ one of the formats below.
machine\instance,port, such as
XSDB01\UiPath,1533, if the port and the SQL Server instance are not the default ones, and the SQL Server machine is different.
machine,port, such as
XSDB01,1533, if the SQL Server machine is different and the port is not the default one - 1433.
machine, such as
XSDB01, if a different SQL Server machine is used.
The name of the website is
UiPathOrchestrator. It can be changed by using the
-iisWebSiteName xxxxcommand line parameter.
- If the application pool associated with the website runs under the Windows identity, you are prompted to enter the corresponding username and password. You can override this by providing the
- The database name is
UiPath. You can provide a different name by using
- The directory where the website is deployed is
C:\inetpub\. You can change it by providing a different path in the
-directoryPath xxxxparameter. The website name does not need to be included -
D:\inetpub\wwwroot\, for example.
- You are prompted to mention the Elasticsearch URL. The default value is
computernamestands for the name of the computer on which Orchestrator is installed. A different value can be provided instead.
You can avoid being prompted to type the Elasticsearch URL in the following two cases:
If the URL is mentioned after the
If you specify the
-noElasticSearchswitch. In this case, Orchestrator does not direct the messages logged by the robots to any Elasticsearch URL.
- The automation packages made in UiPath Studio are published by default to the
NuGetPackagesfolder, which is located in the directory where Orchestrator is installed. A path example is
C:\inetpub\UiPathOrchestrator\NuGetPackages. You can change this value using the
-unsecureHttpswitch is no longer available. If you still want to use the HTTP protocol at your own risk, at least one certificate in the Personal store is required. In this case, you are prompted to mention the name of the certificate. After the installation, which is performed on HTTPS protocol, you need to perform the following actions manually:
a. Change the binding of the website in IIS. Add the HTTP protocol on port 80, then remove the binding that corresponds to the HTTPS protocol. The instructions on how to change the binding are available in the Using a Certificate for the HTTPS Protocol section.
Web.config, comment out or remove the
c. Restart the website.
- The installation works for a single Orchestrator instance, because the default value of
Off. If you plan to create several servers with Orchestrator in a Network Load Balancer, for High Availability, you need to provide the
-clusterMode FirstNodeparameter for the first Orchestrator node in the NLB, and
-clusterMode OtherNodefor all the remaining nodes.
The cluster installation implies several other parameters. See Cluster Installation for further information.
There is one special parameter left. It is called environmentName, of String type. It is blank by default. It enables you to easily add a second instance of Orchestrator on the same application server, without having to override the values of every parameter. It is meant to add a prefix to the following names:
mainDatabase. You still need to explicitly specify the port.
- The following command line creates the
TestUipathOrchestratorwebsite with an application pool called
C:\inetpub\UiPathOrchestratorTestdirectory, using port 445 and the
- The following command line creates the
.\Install-Orchestrator.ps1 -iisWebSitePort 445 -environmentName Test
.\Install-Orchestrator.ps1 -dbServerInstance "ROBOSQL01\second,1533" .\Install-Orchestrator.ps1 -dbServerInstance "ROBOSQL01" -elasticSearchUrl "http://elasticmachine:9200" -sslCertificate orchestrator.uipath.local .\Install-Orchestrator.ps1 -dbServerInstance "ROBOSQL01" -useSQLAuthentication .\Install-Orchestrator.ps1 -dbServerInstance "ROBOSQL01" -mainDatabase TST_B01_UiPath
- Open Windows PowerShell as an Administrator.
- Navigate to the folder where the PowerShell scripts and the
UiPath.Web.ziparchive are located.
- Before running the script, make the following decisions:
a. Whether the Application Pool identity or the Windows identity should be used. The
useAppPoolIdentityflag has to be specified only if the Application Pool identity is used.
b. Whether you want to use SQL authentication or Windows Integrated Authentication to connect the web application to the SQL Server database. The
useSQLAuthenticationflag is to be specified only if you want to use SQL authentication.
.\Install-Orchestrator.ps1with the command line parameters that suit your needs. You can skip providing any parameter, but you will be prompted to type some values.
-useSQLAuthenticationflag is used, the script prompts you to type the username and password for the database.
- Answer the questions in the script or press Enter to use the default values.
- Open IIS and refresh the Sites.
- Stop the Default Web Site, and then start the UiPathOrchestrator site.
If the SQL Server machine is the same as the one on which Orchestrator is installed, and the
useAppPoolIdentity option is used, you need to add the special user created by the script to SQL Server Security Logins, as follows:
- In SQL Server Management Studio, navigate to Security > Logins.
- Right-click the Logins folder and select New Login. The Login - New window is displayed.
- Make sure the Windows authentication option is selected. Use the
IIS APPPOOL\UiPath.Webname, which is the special user created by
Install-Orchestrator.ps1after employing the
- Check the FireWall rules. Please read the Configuring Firewall section for further information.
- Check the Elasticsearch settings in Orchestrator.
a. On the Orchestrator server, go to the home folder of the website and edit the
b. Check the value of
<target xsi:type="ElasticSearch" name="robotElastic".
The default setting in
web.config is this:
<logger name="Robot.*" writeTo="database,robotElasticBuffer" final="true" />. That means all the messages sent by the Robot are written to both Elasticsearch and the SQL database, regardless of their log level (Trace, Debug, Info, Warn, Error, Fatal). Find instructions on how to change that setting below.
Orchestrator 2016.2 uses the NLog library to redirect the messages received from Robots to different targets.
If you want to prevent the messages from being stored in the database, delete the word "database" from the
If you want to prevent the messages from being stored in Elasticsearch, delete the
robotElasticBuffer value from the
Orchestrator only extracts log messages from the database to display them in the Logs page. As a result, if you do not store logs in the SQL DB, the Logs page is empty.
Log messages can be stored in the database and in Elasticsearch separately, according to their level. For example, you can store the messages with level Trace, Debug, Info in Elasticsearch, and the messages with level Error and Fatal, in the database.
Here is how the
<rules> section in the
<nlog> section in
web.config should look.
<rules> <!-- messages coming from Robot, with level higher or equal to Error, are stored in the DB; the rule is not final, so the next rule will also be checked --> <logger name="Robot.*" minlevel="Error" writeTo="database" final="false" /> <!-- messages coming from Robot, with level between Trace and Warn, are stored in Elasticsearch; the rule is final, so no other rules when source is Robot will be checked --> <logger name="Robot.*" minlevel="Trace" maxlevel="Warn" writeTo="robotElasticBuffer" final="true" /> <logger name="Quartz.*" minlevel="Info" writeTo="eventLogQuartz" final="true" /> <logger name="*" minlevel="Info" writeTo="eventLog" /> </rules>
The database is described as a target for the messages by the
<target xsi:type="Database" name="database"> tag.
The SQL query to insert a message should be specified here; the name and structure of the table can be adjusted according to your own preference.
The Elasticsearch target depends on the usage of an extension created for NLog to be used with Elasticsearch.
This is the section:
<extensions> <add assembly="NLog.Targets.ElasticSearch" /> </extensions>
If you want to send messages to a different target, you need to find out if a NLog extension is available first.
For example, googling for "nlog extension for splunk" returns many useful pages, such as the following ones:
Use the following URL in the browser to access the Orchestrator website: https://<issued_to_of_certificate>. Do not use https://localhost.
If the certificate is issued to orchestratorsrv01.contoso.local, the URL is https://orchestratorsrv01.contoso.local.
The page below should be displayed:
The default username (admin) and password should be provided by our teams. These credentials can be changed in the Users page.
The database is automatically created if the SQL Server login has the
db_creator server role.
Updated 2 months ago
|Configuring the Firewall|
|Creating an Index Pattern to Connect to Elasticsearch|