- Getting started
- Best practices
- Tenant
- About the Tenant Context
- Searching for Resources in a Tenant
- Managing Robots
- Connecting Robots to Orchestrator
- Storing Robot Credentials in CyberArk
- Storing Unattended Robot Passwords in Azure Key Vault (read-only)
- Storing Unattended Robot Credentials in HashiCorp Vault (read-only)
- Deleting Disconnected and Unresponsive Unattended Sessions
- Robot Authentication
- Robot Authentication With Client Credentials
- SmartCard Authentication
- Audit
- Resource Catalog Service
- Folders Context
- Automations
- Processes
- Jobs
- Triggers
- Logs
- Monitoring
- Queues
- Assets
- Storage Buckets
- Test Suite - Orchestrator
- Other Configurations
- Integrations
- Classic Robots
- Host administration
- Organization administration
- Troubleshooting
CyberArk® Integration
Before you can begin to use CyberArk® credential stores in Orchestrator, you must first set up the corresponding application and safe settings in the CyberArk® PVWA (Password Vault Web Access) interface.
- The CyberArk® plugin is set in your Orchestrator
UiPath.Orchestrator.dll.config
file as described here. - CyberArk® Enterprise Password Vault must be installed on a machine that can communicate directly with the one where Orchestrator is installed.
-
CyberArk® AAM (Application Access Manager) must be installed on the same machine as Orchestrator. For multi-node Orchestrator configurations, an AAM instance must be installed on each Orchestrator node.
Note: If upgrading an Orchestrator instance with an existing CyberArk® configuration in theUiPath.Orchestrator.dll.config
file, a credential storeCyberArk Robot Credentials
with those settings will be automatically created in all tenants and set as the default store for robots. Your existing robots are migrated to this new credential store.
For more information about installing and configuring CyberArk® applications, please visit their official page.
From the CyberArk® PVWA, you must perform the following steps:
Safes are required to help you better manage your accounts. Also, you can add safe members to ensure proper authorization. CyberArk® recommends adding a credential provider (a user with full rights over the credentials can add and manage them) and the previously created application as safe members. The latter enables Orchestrator to find and retrieve the passwords stored in the safe.
Your integration is complete, and you can begin provisioning CyberArk® credential stores in Orchestrator. For details on storing Robot credentials, see here.