Web.config file (
C:\Program Files (x86)\UiPath\Orchestrator) contains multiple settings that enable you to configure Orchestrator to your liking. Most of the parameters that interest you can be found under
appSettings, but there might be some logging configurations that can be changed after install.
It is recommended that only administrators change the values of these parameters.
Additionally, it is recommended that you shut down the IIS site in order to modify
web.config settings under any circumstances.
DeploymentUrl- The address of a web app that uses the NuGet protocol (NuGet, MyGet), so that you can store your packages. By default, this is empty as Orchestrator provides a default NuGet package manager. This value should be changed only if you install Orchestrator in a cluster. For this to work properly, you also have to configure the following parameters:
NuGet.Packages.Pathas described below.
MonitoringUrl- The URL where you set up the Monitoring service. By default, this value is blank as Orchestrator comes with its own monitoring endpoint.This value should be changed only if you install Orchestrator in a cluster.
NotificationHubUrl- The URL where the SignalR channel is located. By default, this value is blank as Orchestrator comes with its own notification endpoint. This value should be changed only if you install Orchestrator in a cluster.
LoggingUrl- The URL where you want to save logs. By default, this value is blank as Orchestrator comes with its own logging endpoint. This value should be changed only if you install Orchestrator in a cluster.
LoggingIndex- The ElasticSearch index. By default, it is set to
QueuesSvcUrl- The URL address of the Queues service. By default, this value is blank as Orchestrator comes with its own queues endpoint. This value should be changed only if you install Orchestrator in a cluster.
EncryptionKey- The encryption key used to secure passwords from credential assets. If you are using an environment with a network load balancer, this key should be the same for all machines.
autogenerateStatistics- Automatically generates transaction charts. By default, this parameter is set to true.
inProgressMaxNumberOfMinutes- The maximum amount of time queue items can have the In Progress status. After this time, the status of the queue items changes to Abandoned. By default, this is set to 1440 minutes (24 hours).
QueuesStatisticsScheduleCron- The amount of time at which to update queue items statistics in the Dashboard and Transactions page, and the Chart window. By default, they are updated every minute.
UpdateUncompletedItemsJobCron- The amount of time at which to look in the database for queues that need to be moved to Abandoned. By default, this parameter is set to every hour.
DailyAlertMailJobCron- If e-mail alerts are enabled, a report (with all Fatal and Error messages that were received during the previous day) is sent every day at 7 a.m.
Alerts.Email.Enabled- Enable or disable e-mail alerts for Fatal and Error messages. This parameter corresponds to the Enable Alerts Email check box from the Settings page. By default, it is set to
false. For it to work, you also have to configure the e-mail related settings, from the Settings page.
NotificationDistributerJobCron- the frequency with which alert notifications are sent to the interface. Alerts are sent by default every 10 seconds.
PeriodicErrorMailJobCron- the frequency with which email alerts should be sent. The default value is every 10 minutes.
PasswordComplexity- Controls the validation rules for password complexity and is expressed using regular expressions. The complexity applies to all passwords (including the host admin one) by default but each tenant can customize their user login password complexity in the Security tab of the Settings page. By default, passwords must contain at least 8 characters and at least one letter and a digit.
NuGet.Packages.Path- The NuGet path to the packages folder. By default, this is
~/NuGetPackages. This can be a virtual or physical path.
NuGet.Packages.ApiKey- The license key of your NuGet account. If the activities and packages are stored in the same NuGet feed, the value of this parameter has to be identical to the
NuGet.Activities.Path- The NuGet path to the activities folder. By default, this is
NuGet.Activities.ApiKey- The license key of your NuGet account. If the activities and packages are stored in the same NuGet feed, the value of this parameter has to be identical to the
NuGet.EnableFileSystemMonitoring- Constantly monitors the NuGet feed for packages updates, and reflects the changes in the local packages folder.
Google authentication only works if Orchestrator is set up on a top-level domain.
ExternalAuth.Google.Enabled- Enables or disables Google authentication. By default, this is set to
ExternalAuth.Google.ClientId- A Google API code required for Google authentication. This cannot work without the
ExternalAuth.Google.ClientSecret- A Google API code required for Google authentication. This cannot work without the
AcceptedRootUrls parameters have to be configured before you can import Active Directory groups.
WindowsAuth.Enabled- Enables or disables Windows Active Directory authentication. It is automatically set according to what you chose during the installation process. By default, it is set to
WindowsAuth.Domain- The Windows domain that the users from the Active Directory that you want to import are connected to.
WindowsAuth.AutoLogin.Enabled- Enables or disables Windows automatic login. The value of this parameter is set during the installation or upgrade process.
AcceptedRootUrls- Enables you to add a list of trusted URLs. If no value is attributed to this setting, then no one can access Orchestrator.
Auth.Cookie.Expire- The amount of time after which you are automatically logged off, in minutes. By default, this is set to 60 minutes.
Tenant.Registration.Enabled- Enables the creation of tenants, from the Login page, so that data can be isolated according to teams. By default, this is set to
These settings should only be modified if you are using a load balancer.
LoadBalancer.UseSqlServer- Use the default SQL database to distribute messages to and from all the machines connected through your load balancer. By default, it is set to
LoadBalancer.UseRedis- Use Redis as a database to distribute messages and cache to and from all the machines connected through your load balancer. By default, it is set to
LoadBalancer.Enabled- Enables a load balancer set-up when set to
true.By default, it is set to
LoadBalancer.Redis.Server- The URL of your Redis server.
LoadBalancer.Redis.Password- The password for your Redis server.
LoadBalancer.Redis.Port- The Redis server port.
LoadBalancer.Redis.EnableClientManager- Enables load balancing for Redis. By default, it is set to
Vault.Type- Enables you to select where Robot credentials are stored. The following options are available:
default- Robot credentials are stored in the Orchestrator database.
CyberArk- Robot credentials are stored in CyberArk’s Security vault, provided you correctly filled in the
Vault.CyberArk.AppId- The application id, as it is in the CyberArk® Enterprise Password Vault®.
Vault.CyberArk.Safe- The safe name, as it is in CyberArk® Enterprise Password Vault®.
Vault.CyberArk.Folder- The location in which your credentials are stored in CyberArk® Enterprise Password Vault®, such as
OrganizationUnit.Enabled- When set to
true, it enables you to add an additional level of data separation, through organization units. By default, it is set to
false.Keep in mind that this functionality is considered experimental