- Getting started
- Best practices
- Tenant
- About the Tenant Context
- Searching for Resources in a Tenant
- Managing Robots
- Connecting Robots to Orchestrator
- Storing Robot Credentials in CyberArk
- Storing Unattended Robot Passwords in Azure Key Vault (read only)
- Storing Unattended Robot Credentials in HashiCorp Vault (read only)
- Storing Unattended Robot Credentials in AWS Secrets Manager (read only)
- Deleting Disconnected and Unresponsive Unattended Sessions
- Robot Authentication
- Robot Authentication With Client Credentials
- Configuring automation capabilities
- Audit
- Resource Catalog Service
- Automation Suite Robots
- Folders Context
- Automations
- Processes
- Jobs
- Apps
- Triggers
- Logs
- Monitoring
- Queues
- Assets
- Storage Buckets
- Orchestrator testing
- Integrations
- Troubleshooting
Orchestrator user guide
This applies to Robot versions 2023.4 and 2023.10.
- Windows Robots versions 2023.4 and 2023.10
- Automation Cloud Robots - VM
- Enable SignalR. Details...
- Install a VNC server by following these steps:
- Download TightVNC. The version we currently support is 2.8.75.
- Run the installer, and, once you get to the Choose Setup Type screen, select Custom.
- Click Next.
- Make sure that the Register TightVNC Server as a system service option (under TightVNC Service configuration) is not selected.
- If you are using a physical machine, a monitor must be connected to it.
The minimum network requirements for a live streaming and remote control session to work smoothly can vary significantly, due to a number of factors:
-
The robot's screen resolution
-
The changes driven by your automation - the more dynamic the changes in images and text, the higher the volume of traffic
-
The latency between your machine and the Automation Cloud region
-
The latency between your robot and the Automation Cloud region
Considering the above, we recommend a 3MB/s network bandwidth for a 1920x1080 screen resolution.
The live streaming connection between the client and the target machine is tunneled through TLS via the VNC proxy, meaning that the server is secured. Additionally, every time a live streaming session is started, a unique JWT Token is generated and used to authenticate the request. The only instance of unsecured traffic is on the robot machine for the localhost connection.
On the robot side, a unique password is generated for each job, and set for the VNC server. The server only runs during the live streaming session. When the user disconnects from the session, the VNC server closes as well.
Network flow
-
The Orchestrator VNC client connects to the same live streaming proxy whose job
is to pair the two websockets: one from the VNC client in the browser, and the
other from the robot. It then creates a tunnel between the two websockets and
forwards any traffic from one websocket to the other.
The VNC client uses two ports: 443 and 5900.
Port 443 must be open to connect to an auxiliary online service.
Port 5900 operates locally on the same machine to tunnel traffic between two applications.
For the communication to work, these ports need to be opened bidirectionally to allow both incoming and outgoing traffic.
TightVNC configuration
Before the session starts on the local machine, HTTP connections are disabled, and the VNC server is configured to not accept connections outside the local machine.
