Orchestrator Installation Troubleshooting

Inconsistent Connection Strings Lead to Errors in Multi-node Environments

In multi-node environments, the connection string of all nodes must be identical. Make sure there are no inconsistencies as this would cause the nodes to have different connection strings and could trigger errors. Note that even small mismatches such as an extra space would lead to an issue.

Package Migration Has Completed. Some Packages Have Failed to Migrate.

Thrown if the migration failed for a number of packages. Please make sure the following:

You have enough disk space - If you want to store the migrated packages on the same machine make sure that at least twice the size of your packages is available. E.g., if the packages take up 1GB of storage, there should be at least 2GB of free space remaining.
You have the appropriate permissions - You need Read and Write privileges on Packages.

Workaround: Packages that were not automatically migrated can be uploaded using the Upload Package feature in Orchestrator. Learn how to manually upload packages to Orchestrator.

The Remote Certificate Is Invalid

This occurs when the public key of the certificate is not imported or it is not imported in the trusted root certification authorities of the local machine. Read about Web Certificates for more information.

Invalid Identity Access Token Authentication Options. Please Check Web.config

This error can occur if you've not installed Identity Server along with Orchestrator while using the Azure App Service installation script. Orchestrator only works with Identity Server, thus both have to be installed.

To solve or avoid this issue, perform all the steps listed here to install Identity Server along with Orchestrator.

Too Many Redirects

This error can occur in several situations:

Certificate URL Mismatch

The Too Many Redirects error can occur if the Identity Server's SSL certificate doesn’t match the URL used for Orchestrator and Identity Server.

Check if this is your case by getting the values for ExternalAuth.System.OpenIdConnect.Authority and IdentityServer.Integration.Authority keys in Orchestrator's web.config file and opening them in a Chrome browser. The browser indicates if there’s something wrong with the certificate.

Faulty ASP.NET Core Web Hosting Bundle Installation

The Too Many Redirects error can occur if ASP.NET Core Web Hosting Bundle is not installed properly.

Check if this is your case by opening https://localhost/identity in a browser. The 500.19 Error Code: 0x8007000d error indicates a missing or malformed web.config file.

The obvious solution for this issue is to reinstall the ASP.NET Core Web Hosting Bundle.

Mismatched URLs Between Orchestrator and Identity Server

The Too Many Redirects error can occur if the Host name and the Orchestrator public URL fields within the UiPath Orchestrator Setup wizard had different values. During installation, make sure to enter the same URL for Host name in the Orchestrator IIS Settings step of the wizard, and for Orchestrator public URL in the Identity Server Settings step of the wizard.

Important: Pay special attention to the Orchestrator public URL field, because it is auto-populated with the local server's URL, which might not match with the Host name for Orchestrator.

As a workaround for the Identity Server misconfiguration described above, you should perform changes in Orchestrator's UiPath.Orchstrator.dll.config file and in Identity Server's [identity].[ClientRedirectUris] database table, changing the wrong, possibly local server URL, with Orchestrator's Host name value.

After performing the changes required by this workaround, restart IIS using the IISReset command-line utility and restart your browser. You should be able now to log in to Orchestrator.

Changes Needed in `UiPath.Orchestrator.dll.config`

Update the following keys in Orchestrator's UiPath.Orchestrator.dll.config file to the value used for Orchestrator's Host name:

IdentityServer.Integration.Authority
ExternalAuth.System.OpenIdConnect.Authority
ExternalAuth.System.OpenIdConnect.RedirectUri
ExternalAuth.System.OpenIdConnect.PostLogoutRedirectUri
```
<add key="IdentityServer.Integration.Authority" value="https://Orchestrator/Identity" />
<add key="ExternalAuth.System.OpenIdConnect.Authority" value="https://Orchestrator/Identity" />
<add key="ExternalAuth.System.OpenIdConnect.RedirectUri" value="https://Orchestrator/signinsystemopenidconnect" />
<add key="ExternalAuth.System.OpenIdConnect.PostLogoutRedirectUri" value="https://Orchestrator" /><add key="IdentityServer.Integration.Authority" value="https://Orchestrator/Identity" />
<add key="ExternalAuth.System.OpenIdConnect.Authority" value="https://Orchestrator/Identity" />
<add key="ExternalAuth.System.OpenIdConnect.RedirectUri" value="https://Orchestrator/signinsystemopenidconnect" />
<add key="ExternalAuth.System.OpenIdConnect.PostLogoutRedirectUri" value="https://Orchestrator" />
```
Note: Replace all occurrences of https://Orchestrator with your own Orchestrator's Host name value.

Changes Needed in `[identity].[ClientRedirectUris]`

Update the incorrect entries in Identity Server's [identity].[ClientRedirectUris] database table with the value found in UiPath.Orchestrator.dll.config's ExternalAuth.System.OpenIdConnect.RedirectUri key.

For example, if a RedirectUri pointed incorrectly to a local server's URL, change it to point to https://Orchestrator/signinsystemopenidconnect.

Note: Replace https://Orchestrator with your own Orchestrator's Host name value.

On this page