As of v2020.4.1, UiPath integrates Thales (previously SafeNet) Luna HSMs, making it possible for Unattended Robots to log into Windows by using the HSM (Hardware Security Module). Thales HSM is a hardware cryptographic key storage which allows enterprises, and not only, to provide an extra layer of security when logging into Windows by using the keys stored in the corresponding HSM.
Activating this type of login requires a few configuration steps in Orchestrator and on the machine on which the Unattended Robots connect to.
- Create an Unattended Robot with the user specifications for which you want to activate Thales login.
1.1. For the password, make sure to check the The password represents a SmartCard Pin box.
1.2. Provide the PIN required to access the HSM in the Password field.
- Create a Machine in Orchestrator. Please note that the machine on which the Unattended Robot runs needs to have access to the HSM, which means they should be in the same network.
- On the machine on which the Unattended Robots are going to run, navigate to the UiPath installation folder (
C:\Program Files (x86)\UiPath).
- Open the
UiPath.configfile with a text editor, such as Notepad++.
- In the
sessionSettingssection, add the following argument:
<sessionSettings> <add key="CspName" value="Thales LCS Key Storage Provider" /> </sessionSettings>
- Save the
UiPath.configfile and close it.
- Restart the Robot Service on that machine for changes to take effect:
5.1. Open the Task Manager.
5.2. Switch to the Services tab.
5.3. Locate the
UiRobotSvcservice, right-click it, and choose Restart. The Robot Service now restarts, with all the necessary configurations saved and ready.
From now on, all Robots which run on the specific machine use the Thales Luna Network HSM to log into Windows.
Updated about a month ago