- Getting started
- Best practices
- Organization Modeling in Orchestrator
- Managing Large Deployments
- Automation Best Practices
- Tenant
- Actions
- Folders Context
- Automations
- Processes
- Jobs
- Triggers
- Logs
- Monitoring
- Queues
- Assets
- Storage Buckets
- Test Suite - Orchestrator
- Action Catalogs
- Profile
- System Administrator
- Identity Server
- Authentication
- Other Configurations
- Integrations
- Classic Robots
- Troubleshooting
Managing Large Deployments
The features and capabilities of Orchestrator are focused on enabling your organization to easily deploy and manage its automation solutions on any scale. Development of these capabilities was based upon incorporating the following aspects:
-
Simplified Deployment and Management
- Enhanced integration of Active Directory groups to manage automation and robot access for users.
- Use of Active Directory groups for the delegation and control of management access.
-
Flexible User Permissions
- The ability to isolate management of automation solutions across teams and departments.
- Delegation of administration over automation solutions to team or department Administrators.
- Enable sharing of automation solutions between teams, departments, or company-wide.
These aspects are manifested in the Active Directory integration with Orchestrator and the organization modeling paradigm.
An enhanced integration model with your organization's Active Directory provides for simplified user and group management in Orchestrator:
- All directory users are potential Orchestrator users. Read more about User Types and Adding Users.
- Only permissions for Directory User or Directory Group access to Orchestrator resources (i.e. robots, assets, etc.) need to be managed in Orchestrator. Learn more About Roles and Managing Roles.
-
AD group membership and roles are cached in Orchestrator, being synced at login and refreshed every hour. You no longer need to manually update an Orchestrator user whenever their AD membership changes.
Important: If you grant any user permissions explicitly within Orchestrator, that user and the assigned permissions will persist in Orchestrator regardless of changes to their AD group membership.
Folders can be used for the isolated and independent management of both users and resources within Orchestrator:
- Orchestrator automation resources are grouped within the folder context as opposed to being tenant-wide. Read more about Folder Types and their intrinsic resources, and the related Permissions for global versus folder resources.
- Access to automation solutions is managed by granting users or groups access to a folder and the requisite permissions to execute the processes contained there. Those processes are then visible to the user in the robot tray. See how to Manage Folders and Add Users.
- Authorized users are automatically granted a license, if available, upon connecting a robot to Orchestrator.