orchestrator
2020.10
false
UiPath logo, featuring letters U and I in white
OUT OF SUPPORT

Orchestrator Installation Guide

Automation CloudAutomation Cloud Public SectorAutomation SuiteStandalone
Last updated Dec 12, 2023

Orchestrator Scripts

Publish to Orchestrator

The following table describes all the parameters that can be used with the Publish-Orchestrator.ps1.

Parameter

Description

-actionMandatory. Indicates the type of scenario you want to start. The following options are available:
  • Deploy - specifies it is a clean installation;
  • Update - specifies you are updating your Orchestrator instance.
-azureAccountApplicationIdMandatory. The Azure service principal ID. Please note that the used service principal needs to be assigned the Contributor role to the app service at the subscription scope.
-azureAccountPasswordMandatory. The Azure token password for the service principal ID.
-azureSubscriptionIdMandatory. The Azure subscription ID for the App Service that hosts Orchestrator.
-azureAccountTenantIdMandatory. The Azure tenant ID.
-resourceGroupNameMandatory. The name of the Azure Resource Group that contains the Orchestrator App Service.
-appServiceNameMandatory. The Orchestrator Azure App Service name.
-hostAdminPasswordMandatory only for fresh deployments, when -action is set to Deploy. Specify a custom password for the host administrator. Please note that passwords have to be least 8 characters long, and must have at least one lowercase character and at least one digit.
-isHostPassOneTimeOptional. Enables you to enforce a password reset on the first login for the host administrator. If this parameter is omitted, the host admin password is not a one-time password.
-defaultTenantAdminPasswordMandatory only for fresh deployments, when -action is set to Deploy. Specify a custom password for the default tenant administrator. Please note that passwords have to be least 8 characters long, and must have at least one lowercase character and at least one digit.
-isDefaultTenantPassOneTimeOptional. Enables you to enforce a password reset on the first login for the default tenant administrator. If this parameter is omitted, the tenant admin password is not a one-time password.
-packageMandatory. Indicate the full path of the UiPath.Orchestrator.Web.zip archive.
-activitiesPackagePathOptional. Specify the full path of the UiPathActivities.zip archive, which is included by default, starting with v2018.4.4, in UiPathOrchestrator.zip. This enables you to install the local activity feed in Azure at install-time. Please note that this parameter can be used only with the Legacy repository type. Otherwise, it has to be manually set up.
-testAutomationFeatureEnabledOptional. This parameter enables the Test Automation module, for test data queues, test execution and scheduling. You can enable this feature based on one of the following scenarios:

Start fresh with a clean Orchestrator install

Configure the following settings for your App Service before running the Publish-Orchestrator.ps1 script using the -testAutomationFeatureEnabled parameter:
  • AppSettings: Key=TestAutomation.ModuleEnabled - Set to True to enable the Test Automation module.
  • AppSettings: Key=TestAutomation.FeatureEnabledByDefault - Set to True to enable the Test Automation module by default. By default, this feature is disabled unless explicitly enabled.
  • ConnectionString: Name=TestAutomation - Set the Test Automation database connection string. You can either use a connection string similar to the one used for Orchestrator or a different one altogether. For example:

Server=13.13.13.13;Initial Catalog=UiPath;Persist Security Info=False;User ID=dbUser;Password=pass123; MultipleActiveResultSets=False;Encrypt=True; Connection Timeout=30;TrustServerCertificate=True

Make sure to mark these settings as Deployment slot setting, especially, if you are using hotswap slots.

Enable Test Automation post Orchestrator installation

If you already have deployed Orchestrator without enabling the Test Automation module, run the Publish-Orchestrator.ps1 script with the same parameters as for an upgrade, and add the -testAutomationFeatureEnabled parameter.

Upgrade Orchestrator

If you upgrade your Orchestrator instance, run the Publish-Orchestrator.ps1 script with the same parameters as for an upgrade, and add the -testAutomationFeatureEnabled parameter.
-robotsElasticSearchUrlOptional. This should be used only if you want to use Elasticsearch for logging. Provide the Elasticsearch URL as the value, such as "http://elasticserver:9200". If your Orchestrator instance requires authentication, provide the ElasticSearchUsername, ElasticSearchPassword, elasticSearchDiagnosticsUsername, and elasticSearchDiagnosticsPassword parameters.
-robotsElasticSearchTargetsOptional. This parameter enables you to send Robot logs only to the configured Elasticsearch server. Provide the Elasticsearch URL as the value, such as "http://elasticserver:9200". Please note that it can only be used in conjunction with the -robotsElasticSearchUrl parameter. If you do not provide this parameter, Robot logs are sent to both the configured SQL database and Elasticsearch.
-robotsElasticSearchUsernameOptional. This parameter enables you to indicate the username for your Elasticsearch instance if its authentication is enabled.
-robotsElasticSearchPasswordOptional. This parameter enables you to indicate the password for your Elasticsearch instance if its authentication is enabled.
-serverElasticSearchDiagnosticsUsernameOptional. This parameter enables you to indicate the username for your Elasticsearch instance if its authentication is enabled. This parameter together with elasticSearchDiagnosticsPassword "Password" are required for internal Orchestrator logs.
-serverElasticSearchDiagnosticsPasswordOptional. This parameter enables you to indicate the password for your Elasticsearch instance if its authentication is enabled. This parameter together with elasticSearchDiagnosticsUsername "Username" are required for internal Orchestrator logs.
-useQuartzClusteredOptional. A switch that indicates that this is a clustered installation.
-loadBalancerUseRedisOptional. Use Redis as a database to distribute messages and cache to and from all the machines connected through your load balancer. If -redisConnectionString is specified, it is automatically set to true, otherwise it is set to false.
-redisConnectionStringOptional. It can only be used if loadBalancerUseRedis is set to true. A connection string that enables you to set up your Redis server, which contains the URL of the server, the password, and port used with Redis. It is also possible to enable SSL encrypted connections between the Orchestrator nodes and the Redis service. For more information, please click here.

Examples:

  • with SSL enabled - -redisConnectionString "docs123.redis.cache.windows.net:6380,password=******,ssl=True"
  • without SSL enabled - -redisConnectionString "docs123.redis.cache.windows.net:6380,password=******,ssl=False"
-azureSignalRConnectionStringOptional. Helps you enable Azure SignalR Service, facilitating a direct communication between your Robot fleet and the SignalR Service - Orchestrator no longer intermediates it. Please note that, if enabled, Robots with a version lower than 2019.2 rely only on the Heartbeat protocol to communicate to Orchestrator, meaning that any command given from Orchestrator is picked up by a Robot only every 30 seconds. Example: -azureSignalRConnectionString "Endpoint=https://doctest.signalr.net;AccessKey=M1ug+sBu07hyyi12AgyJ52SEd4OgC2Mm6BvllVHCC9c=;Version=1.0;"
-storageTypeOptional. Defines the target where execution media and packages are to be saved. It can be populated with the following targets:
  • FileSystem - such as storageType "FileSystem". This is the default value in both update scenarios and clean installations, even if the parameter is not specified.
  • Azure - such as storageType "Azure".
  • Amazon - such as storageType "Amazon".
  • Minio - such as storageType "Minio".
If you have overridden the UiPath.Orchestrator.dll.config Storage.Type parameter in the Configuration section of the Azure App Service, when upgrading you need to pass this value as a script parameter to Publish-Orchestrator.ps1.
-storageLocationOptional. Defines the actual location where execution media and packages are to be saved. Particularities:
  • FileSystem - provide an absolute path in the RootPath=.\Storage format, such as storageLocation "RootPath=C:\FolderName\AnotherFolderName". This is the default value in both update scenarios and clean installations, even if the parameter is not specified.
  • Azure - provide a connection string, such as storageLocation "DefaultEndpointsProtocol=https;AccountName=usr;AccountKey=...;EndpointSuffix=core.windows.net".
  • Amazon - provide a connection string, such as storageLocation" "EndpointRegion=eu-west-3;accessKey=AKIAZGUEIGXUJ3BBI4MW;secretKey=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;useHttp=false".
  • Minio - provide a connection string, such as storageLocation" "host=localhost:9001;accessKey=YVKYFJ0ZY246KDKP0634;secretKey=bdBEk2ubhIFsTNPuQ80PjKL+oqZBj67HoSWBFnw1".

More information on these deployments types is available here.

If you have overridden the UiPath.Orchestrator.dll.config Storage.Location parameter in the Configuration section of the Azure App Service, when upgrading you need to pass this value as a script parameter to Publish-Orchestrator.ps1.
-standbyslotnameOptional. It can be used only in upgrade scenarios. If specified, the script deploys Orchestrator in the indicated app service slot instead of the Production one. Additionally, a swap slot is performed with the Production slot, with no downtime.

Prerequisites:

  • the standby App Service slot must point to a different SQL database.
  • the standby slot Connection String must be made slot sticky (by selecting the Slot Setting box in Azure Portal).
  • the Production slot UiPath.Orchestrator.dll.config file must be copied to the standby slot from the Production slot.
-productionSlotNameOptional. It can be used only if the Orchestrator App Service deployment slot is different from the default Production App Service Slot set by Azure.
-appSettingsOptional. Key-value pairs of application settings that are pushed to the Azure App Service Configuration section after deployment. Keep in mind that this only applies to settings from the App Settings section of the UiPath.Orchestrator.dll.config file. You can use this parameter to change specific settings that are not exposed through the Publish-Orchestrator.ps1 script. For the rest, please use their dedicated parameter while deploying the script.

Please note that existing settings are merged with new ones.

-stopApplicationBeforePublishOptional. If present, it stops the application before deployment and it starts it after the deployment is completed.
-unattendedOptional. If present, the deployment continues without any user confirmation.
-bucketsAvailableProviders
Optional. A string containing a comma-separated list of bucket providers you want to enable. If not specified, it defaults to Orchestrator,Amazon,Azure,Minio. You also have the option to enable the FileSystem provider by adding it to that list.
Caution: If you use the FileSystem provider and upgrade to 20.10.7 or later, you must pass in a value that includes FileSystem for this parameter. If you do not, this provider is disabled, and you will no longer be able to use those buckets.
-bucketsFileSystemAllowlist
Mandatory only when FileSystem is selected as a bucket provider. The list of locations you want to allow buckets to be created at for the FileSystem provider. If you enable the FileSystem provider, you must pass in a value for this parameter too. Values are a list of UNC paths, separated by the pipe symbol | (e.g. \\mysharedstorage\mybyckets\|\\myotherserver\myotherbuckets).

Parameters Persisted on Update

The following UiPath.Orchestrator.dll.config parameter values are automatically migrated and persisted when performing an update. To change them, provide new values when calling the Publish-Orchestrator.ps1 script.
-NuGet.Packages.ApiKey
-NuGet.Activities.ApiKey
-NuGet.Packages.Path
-NuGet.Activities.Path
-machineKey/@decryption
-machineKey/@decryptionKey
-machineKey/@validationKey
-EncryptionKey
-NuGet.Repository.Type
-Storage.Type
-Storage.Location
-LoadBalancer.Redis.ConnectionString
-LoadBalancer.UseRedis
-Scalability.AzureSignalR.ConnectionString
-nlog/targets/target/@name=robotElasticBuffer/@name=RobotElastic/@uri
-nlog/targets/target/@name=robotElasticBuffer/@name=RobotElastic/@username
-nlog/targets/target/@name=robotElasticBuffer/@name=RobotElastic/@password
-nlog/rules/logger/@name=Robot.*/@writeTo
-nlog/targets/target/@name=serverElasticBuffer/@name=serverElastic/@uri
-nlog/targets/target/@name=serverElasticBuffer/@name=serverElastic/@username
-nlog/targets/target/@name=serverElasticBuffer/@name=serverElastic/@password
-nlog/targets/target/@name=serverElasticBuffer/@name=serverElastic/@index
-nlog/rules/logger/@name=*/@writeTo-NuGet.Packages.ApiKey
-NuGet.Activities.ApiKey
-NuGet.Packages.Path
-NuGet.Activities.Path
-machineKey/@decryption
-machineKey/@decryptionKey
-machineKey/@validationKey
-EncryptionKey
-NuGet.Repository.Type
-Storage.Type
-Storage.Location
-LoadBalancer.Redis.ConnectionString
-LoadBalancer.UseRedis
-Scalability.AzureSignalR.ConnectionString
-nlog/targets/target/@name=robotElasticBuffer/@name=RobotElastic/@uri
-nlog/targets/target/@name=robotElasticBuffer/@name=RobotElastic/@username
-nlog/targets/target/@name=robotElasticBuffer/@name=RobotElastic/@password
-nlog/rules/logger/@name=Robot.*/@writeTo
-nlog/targets/target/@name=serverElasticBuffer/@name=serverElastic/@uri
-nlog/targets/target/@name=serverElasticBuffer/@name=serverElastic/@username
-nlog/targets/target/@name=serverElasticBuffer/@name=serverElastic/@password
-nlog/targets/target/@name=serverElasticBuffer/@name=serverElastic/@index
-nlog/rules/logger/@name=*/@writeTo

Examples

Single Node Installation

The following example enables you to perform a clean install of Orchestrator on one node, use Elasticsearch for logging, and save packages in the Azure blob storage and their metadata in the SQL database. The procedure occurs in an -unattended manner and logs its steps at the -verbose level.
.\Publish-Orchestrator.ps1 `
-action "Deploy" `
-unattended `
-package "E:\Work\Orch\Setup\UiPath.Orchestrator.Web.zip" `
-stopApplicationBeforePublish `
-azureSubscriptionId "8e34be72-1937-4aa0-b70e-81bab19gbf0a" `
-azureAccountTenantId "f8350d2a-n153-4d17-8927-902c51f72797" `
-azureAccountApplicationId "$AzureApplicationId" `
-azureAccountPassword "$AzurePassword" `
-resourceGroupName "DocTest-Orch-RG" `
-appServiceName "DocTests123" `
-hostAdminPassword "12345qwert" `
-defaultTenantAdminPassword "12345qwert" `
-storageType "Azure" `
-storageLocation "DefaultEndpointsProtocol=https;AccountName=usr;AccountKey=...;EndpointSuffix=core.windows.net" `
-robotsElasticSearchUrl "http://docelasticserver:9200" `
-verbose.\Publish-Orchestrator.ps1 `
-action "Deploy" `
-unattended `
-package "E:\Work\Orch\Setup\UiPath.Orchestrator.Web.zip" `
-stopApplicationBeforePublish `
-azureSubscriptionId "8e34be72-1937-4aa0-b70e-81bab19gbf0a" `
-azureAccountTenantId "f8350d2a-n153-4d17-8927-902c51f72797" `
-azureAccountApplicationId "$AzureApplicationId" `
-azureAccountPassword "$AzurePassword" `
-resourceGroupName "DocTest-Orch-RG" `
-appServiceName "DocTests123" `
-hostAdminPassword "12345qwert" `
-defaultTenantAdminPassword "12345qwert" `
-storageType "Azure" `
-storageLocation "DefaultEndpointsProtocol=https;AccountName=usr;AccountKey=...;EndpointSuffix=core.windows.net" `
-robotsElasticSearchUrl "http://docelasticserver:9200" `
-verbose

Multi-node Installation

The following example enables you to perform a clean install of Orchestrator on multiple nodes and use Elasticsearch for logging and Redis for caching and message distribution. Packages are saved in the Azure blob storage and their metadata in the SQL database. The procedure occurs in an -unattended manner and logs its steps at the -verbose level.
.\Publish-Orchestrator.ps1 `
-action "Deploy" `
-unattended `
-package "E:\Work\Orch\Setup\UiPath.Orchestrator.Web.zip" `
-stopApplicationBeforePublish `
-azureSubscriptionId "8e34be72-1937-4aa0-b70e-81bab19gbf0a" `
-azureAccountTenantId "f8350d2a-n153-4d17-8927-902c51f72797" `
-azureAccountApplicationId "$AzureApplicationId" `
-azureAccountPassword "$AzurePassword" `
-resourceGroupName "DocTest-Orch-RG" `
-appServiceName "DocTests123" `
-useQuartzClustered `
-redisConnectionString "docs123.redis.cache.windows.net:6380,passwprd=******,ssl=True" `
-azureSignalRConnectionString "Endpoint=https://doctest.signalr.net;AccessKey=*****;Version=1.0;" `
-robotsElasticSearchUrl "http://docelasticserver:9200" `
-hostAdminPassword "12345qwert" `
-defaultTenantAdminPassword "12345qwert" `
-storageType "Azure" `
-storageLocation "DefaultEndpointsProtocol=https;AccountName=usr;AccountKey=...;EndpointSuffix=core.windows.net" `
-verbose.\Publish-Orchestrator.ps1 `
-action "Deploy" `
-unattended `
-package "E:\Work\Orch\Setup\UiPath.Orchestrator.Web.zip" `
-stopApplicationBeforePublish `
-azureSubscriptionId "8e34be72-1937-4aa0-b70e-81bab19gbf0a" `
-azureAccountTenantId "f8350d2a-n153-4d17-8927-902c51f72797" `
-azureAccountApplicationId "$AzureApplicationId" `
-azureAccountPassword "$AzurePassword" `
-resourceGroupName "DocTest-Orch-RG" `
-appServiceName "DocTests123" `
-useQuartzClustered `
-redisConnectionString "docs123.redis.cache.windows.net:6380,passwprd=******,ssl=True" `
-azureSignalRConnectionString "Endpoint=https://doctest.signalr.net;AccessKey=*****;Version=1.0;" `
-robotsElasticSearchUrl "http://docelasticserver:9200" `
-hostAdminPassword "12345qwert" `
-defaultTenantAdminPassword "12345qwert" `
-storageType "Azure" `
-storageLocation "DefaultEndpointsProtocol=https;AccountName=usr;AccountKey=...;EndpointSuffix=core.windows.net" `
-verbose

Multi-node Update

The following example enables you to upgrade an existing multi-node Orchestrator to the latest available version, without changing any pre-existing setting. The procedure occurs in an -unattended manner and logs its steps at the -verbose level.
Publish-Orchestrator.ps1 `
-action Update `
-unattended `
-package "E:\Work\Orch\Setup\UiPath.Orchestrator.Web.zip" `
-stopApplicationBeforePublish `
-azureSubscriptionId "8e34be72-1937-4aa0-b70e-81bab19gbf0a" `
-azureAccountTenantId "f8350d2a-n153-4d17-8927-902c51f72797" `
-azureAccountApplicationId "$AzureApplicationId" `
-azureAccountPassword "$AzurePassword" `
-resourceGroupName "DocTest-Orch-RG" `
-appServiceName "DocTests123" `
-verbosePublish-Orchestrator.ps1 `
-action Update `
-unattended `
-package "E:\Work\Orch\Setup\UiPath.Orchestrator.Web.zip" `
-stopApplicationBeforePublish `
-azureSubscriptionId "8e34be72-1937-4aa0-b70e-81bab19gbf0a" `
-azureAccountTenantId "f8350d2a-n153-4d17-8927-902c51f72797" `
-azureAccountApplicationId "$AzureApplicationId" `
-azureAccountPassword "$AzurePassword" `
-resourceGroupName "DocTest-Orch-RG" `
-appServiceName "DocTests123" `
-verbose
The following example enables you to upgrade an existing multi-node Orchestrator to the latest available version while changing only the value of the Webhooks.Enabled and Telemetry.Enabled parameters to false. The procedure occurs in an -unattended manner and logs its steps at the -verbose level.
Publish-Orchestrator.ps1 `
-action Update `
-unattended `
-package "E:\Work\Orch\Setup\UiPath.Orchestrator.Web.zip" `
-stopApplicationBeforePublish `
-azureSubscriptionId "8e34be72-1937-4aa0-b70e-81bab19gbf0a" `
-azureAccountTenantId "f8350d2a-n153-4d17-8927-902c51f72797" `
-azureAccountApplicationId "$AzureApplicationId" `
-azureAccountPassword "$AzurePassword" `
-resourceGroupName "DocTest-Orch-RG" `
-appServiceName "DocTests123" `
-appSettings @{"Webhooks.Enabled"="false"; "Telemetry.Enabled"="false"} `
-verbosePublish-Orchestrator.ps1 `
-action Update `
-unattended `
-package "E:\Work\Orch\Setup\UiPath.Orchestrator.Web.zip" `
-stopApplicationBeforePublish `
-azureSubscriptionId "8e34be72-1937-4aa0-b70e-81bab19gbf0a" `
-azureAccountTenantId "f8350d2a-n153-4d17-8927-902c51f72797" `
-azureAccountApplicationId "$AzureApplicationId" `
-azureAccountPassword "$AzurePassword" `
-resourceGroupName "DocTest-Orch-RG" `
-appServiceName "DocTests123" `
-appSettings @{"Webhooks.Enabled"="false"; "Telemetry.Enabled"="false"} `
-verbose
  • Publish to Orchestrator
  • Parameters Persisted on Update
  • Examples
  • Single Node Installation
  • Multi-node Installation
  • Multi-node Update

Was this page helpful?

Get The Help You Need
Learning RPA - Automation Courses
UiPath Community Forum
Uipath Logo White
Trust and Security
© 2005-2025 UiPath. All rights reserved.