August 2023

23 August 2023

Troubleshooting pending jobs

You will have likely wondered why your job was stuck in a Pending status, with no idea how to get it to run. We are coming to your aid with a section in the Job Details windows that is solely dedicated to the reasons why your job has not yet started. What is more, if available, you get actionable advice for each reason - this can either be a link that directs you to the section in Orchestrator where you can fix the problem, or a specific action to take for your particular scenario. In case you do not have permissions to fix the problem, you may need to ask for help from an administrator.

Dots in storage bucket names

Non-consecutive dots are now allowed in Amazon S3 storage bucket names.

Roles and permissions changes

Roles help thoroughly control access to Orchestrator features and objects, allowing you to reliably separate users based on their permissions. In an effort to make this task as easy and effective as possible, we are making several changes to our default roles.

Permission changes

The Automation User folder role and the Allow to be Automation User tenant role no longer have permission to publish processes. This gives the role the minimum folder level permissions needed to execute processes. This way, we ensure that personal user packages do not accidentally get published without first being reviewed.

New roles

Two new sets of roles are available, allowing you to combine several roles so as to achieve the desired results while still maintaining granularity:

Automation Publisher and Allow to be Automation Publisher - only contains the permissions needed for publishing processes to Orchestrator, and can be combined with any existing role.
Automation Developer and Allow to be Automation Developer - can create automations.

Note:

New roles are added as read-only.

In the unlikely event that an organization already contains a custom role with the same name as one of the new roles mentioned above, we will rename it to "Role name - custom". This way, both roles can be used.

Assignment changes

When you assign a default folder role, you are automatically prompted to also assign its tenant counterpart. This is how we ensure that you are not missing any permissions needed for your automations.

Note:

Known issue: This option does not work for Active Directory users or groups.

Removal checks

When the Orchestrator Administrator role is unassigned from a user, we check that they are not the last user with that role. The same check applies when deleting a user or a group if there are no other users or groups with the Administrator or the Orchestrator Administrator role.

Unattended robot setup

Unattended automation is one of the core functionalities of Orchestrator, allowing you to set up tasks that can then be carried out on their own, with no human involvement whatsoever. Its seemingly simple output is, however, built on top of a complex foundation, which involves piecing together just the right components.

In an attempt to help you seamlessly navigate the setup process, we have created the Unattended Robot setup option, which is available in the Create new menu of the Orchestrator toolbar.

You currently have the option to set up a process based on a self-hosted machine template, which is selected by default, with more to choose from coming soon.

Clicking Get started allows you to start selecting the necessary Orchestrator objects for your future unattended automation: machine template, robot account, folder, and connection settings. Each step comes with detailed instructions and helpful tips, as well as links to sections where you can create any required objects.

Automatically provisioning Serverless machines in personal workspaces

The Personal Workspaces option Enable Cloud Robot - Serverless automatically was renamed to Automatically configure Serverless machines in Personal Workspace for Studio Web users.

This clears the confusion around what selecting or clearing the option does. In short, if you leave this option enabled, when you use Studio Web, a Serverless machine is automatically provisioned in your personal workspace. Clearing the option stops the automatic provisioning of Serverless machines, but it does not deallocate those already provisioned. To remove existing Serverless machine templates from your personal workspace, you must deallocate them manually.

Conversion of inactive personal workspaces

When you convert an inactive personal workspace to a folder, it now becomes available only to the administrator who initiated the conversion. As such, no other users will have access to it.

New HashiCorp Vault secrets engine

The OpenLDAP store is now available as a secrets engine for HashiCorp Vault.

Bug fixes

Using the Upload JSON and override option at the transaction level, in the Edit queue item window, allowed you to bypass important validations related to unsupported characters. This would lead to errors when trying to use that particular queue. The issue no longer occurs.

16 August 2023

Minutes in SLA predictions

You can now set SLA predictions with more granularity, as we have added the Minutes field to both the Enable SLA for this queue and Risk SLA sections.

10 August 2023

Updated storage limit for output arguments

To optimize performance and align with industry standards, we've adjusted the allowed storage limits for output arguments to 30 MB for Enterprise customers. After a 3-month transition period, beginning November 2023, the storage limit will be further reduced to 1 MB.

Starting from May 2023, the 1 MB storage limit has already been enforced for Free and Community customers.

8 August 2023

Role assignment improvements

We have made some changes that are sure to bring more clarity into how you edit the roles assigned to accounts, groups, robots, and external applications, either at the tenant level, from the Folders page, or at the folder level, from the Settings page.

If you want to edit the roles assigned to a particular entity, you now have two contextual menu options:

Edit role in this folder - allows you to change the roles assigned to the entity at the folder level.
Edit tenant role & robot (optional) - allows you to change the roles assigned to the entity at the tenant level.

Introducing machine maintenance mode

You now have the option to take your machine offline whenever you want to perform maintenance on it. It can be enabled from the tenant-level Monitoring page, in the Unattended sessions section, by switching the toggle in the Maintenance column to On.

When you enable the option, you are given the choice to either wait for running jobs to finish, or to kill all running jobs before going into maintenance mode. Pending jobs, however, keep their status until they are picked up.

Time columns consolidation in exports

Reports containing exported data from queue transactions, audit, logs, and jobs pages included instances of duplicate information which are now cleaned up. Specifically, exports now only contain absolute time columns, which are expressed in the tenant's timezone.

Bug fixes

Due to a lack of synchronization, changes made to robot accounts and external applications at the organization level were not reflected in Orchestrator. Now, when you delete or rename an external application or when you delete a robot account at the organization level, the same thing happens to these entities in the Orchestrator folders where they were added.

3 August 2023

Group Alerts

Now you can set alert subscriptions for groups. This way you can control what alert types a group receives, based on the common denominator of the group members.

Subsequent alert emails are then sent to users that are part of those groups, provided those users have View permission on Alerts at group level.

Known issues:

Alert emails sent to groups may be written in English, regardless of the language preference of individual group members.
Local users part of local and mail-enabled AD/AAD groups may receive duplicate emails for alerts that have been generated for both groups.

When can I see these changes?

The date when a change is first announced in the release notes is the date when it first becomes available.

If you don't see the change yet, you can expect to see it soon, after we roll out changes to all the regions.

More information

Deprecation timeline

We recommend that you regularly check the deprecation timeline for any updates regarding features that will be deprecated and removed.

Orchestrator release notes

Was this page helpful?