- Getting started
- Best practices
- Tenant
- Folders Context
- Automations
- Processes
- Jobs
- Triggers
- Logs
- Monitoring
- Queues
- Assets
- Storage Buckets
- Test Suite - Orchestrator
- Other Configurations
- Integrations
- Classic Robots
- Host administration
- About the host level
- Managing system administrators
- Managing tenants
- Configuring system email notifications
- Audit logs for the host portal
- Maintenance Mode
- Organization administration
- Troubleshooting
CyberArk® Integration
Before you can begin to use CyberArk® credential stores in Orchestrator, you must first set up the corresponding application and safe settings in the CyberArk® PVWA (Password Vault Web Access) interface.
- The CyberArk® plugin is set in your Orchestrator
UiPath.Orchestrator.dll.config
file as described here. - CyberArk® Enterprise Password Vault must be installed on a machine that can communicate directly with the one where Orchestrator is installed.
-
CyberArk® AAM (Application Access Manager) must be installed on the same machine as Orchestrator. For multi-node Orchestrator configurations, an AAM instance must be installed on each Orchestrator node.
Note: If upgrading an Orchestrator instance with an existing CyberArk® configuration in theUiPath.Orchestrator.dll.config
file, a credential storeCyberArk Robot Credentials
with those settings will be automatically created in all tenants and set as the default store for robots. Your existing robots are migrated to this new credential store.
For more information about installing and configuring CyberArk® applications, please visit their official page.
From the CyberArk® PVWA, you must perform the following steps:
Safes are required to help you better manage your accounts. Also, you can add safe members to ensure proper authorization. CyberArk® recommends adding a credential provider (a user with full rights over the credentials can add and manage them) and the previously created application as safe members. The latter enables Orchestrator to find and retrieve the passwords stored in the safe.
Your integration is complete, and you can begin provisioning CyberArk® credential stores in Orchestrator. For details on storing Robot credentials, see here.