UiPath Documentation
orchestrator
2022.10
false
  • Getting started
    • Introduction
    • User Options
    • Logging in to Orchestrator
    • Resetting Your Password
    • My Profile
    • Robots
      • Robot Statuses
      • Robot Settings
    • Auto Updating Client Components
    • Orchestrator Configuration Checklist
  • Best practices
    • Organization Modeling in Orchestrator
    • Managing Large Deployments
    • Automation Best Practices
    • Optimizing Unattended Infrastructure Using Machine Templates
    • Organizing Resources With Tags
    • Orchestrator Read-only Replica
  • Tenant
    • About the Tenant Context
    • Searching for Resources in a Tenant
    • Robots
      • Managing Robots
      • Connecting Robots to Orchestrator
      • Storing Robot Credentials in CyberArk
      • Storing Unattended Robot Passwords in Azure Key Vault (read-only)
      • Storing Unattended Robot Credentials in HashiCorp Vault (read-only)
      • Deleting Disconnected and Unresponsive Unattended Sessions
      • Robot Authentication
      • Robot Authentication With Client Credentials
      • SmartCard Authentication
    • Folders
      • Managing Folders
      • Classic Folders Vs Modern Folders
      • Migrating From Classic to Modern Folders
      • Administration of Modern Folders
      • Personal Workspaces
      • Managing Personal Workspaces
    • Monitoring
      • Unattended Sessions
      • User Sessions
      • License
    • Managing Access and Automation Capabilities
      • Assigning Roles
      • Managing Roles
      • Default Roles
      • FAQ
      • Enabling Users to Run Personal Automations
      • Enabling Users to Run Automations on Unattended Infrastructure Via Unattended Robots
      • Configuring Robot Accounts to Run Unattended Automations
    • Machines
      • Managing Machines
      • Assigning Machine Objects to Folders
      • Configuring Account-machine Mappings
      • EDR Protection Status
    • Packages
      • Managing Packages
      • About Libraries
      • Managing Libraries
    • Audit
    • Credential Stores
      • Managing Credential Stores
      • CyberArk® Integration
      • CyberArk® CCP Integration
      • Azure Key Vault Integration
      • HashiCorp Vault Integration
      • BeyondTrust Integration
      • Thycotic Secret Server Integration
    • Webhooks
      • Types of Events
      • Managing Webhooks
    • Licensing
      • Managing Your Licenses
    • Alerts
      • Configuring User Alerts
      • Alert Emails
      • Setting up Alert Emails
    • Settings
      • Deployment Tab
      • Robot Security Tab
      • Scalability Tab
  • Resource Catalog Service
    • About Resource Catalog Service
  • Folders Context
    • About the Folders Context
    • Home
  • Automations
    • About Automations
  • Processes
    • About Processes
    • Managing Processes
    • Managing Package Requirements
    • About Recording
  • Jobs
    • About Jobs
    • Managing Jobs
    • Job States
    • Working with long-running workflows
    • Running Personal Remote Automations
    • Troubleshooting Jobs
  • Triggers
    • About Triggers
    • Managing Triggers
    • Using Cron Expressions
  • Logs
    • About Logs
    • Managing Logs in Orchestrator
    • Logging Levels
    • Orchestrator Logs
  • Monitoring
    • About Monitoring
    • Machines
    • Processes
    • Queues
    • Queues SLA
    • Exporting usage data
  • Queues
    • About Queues and Transactions
      • Queue Item Statuses
      • Business Exception Vs Application Exception
      • Studio Activities Used With Queues
    • Bulk Uploading Queue Items Using a CSV File
    • Managing Queues in Orchestrator
    • Managing Queues in Studio
    • Managing Transactions
      • Editing Transactions
      • Field Descriptions for the Transactions .csv File
    • Review Requests
  • Assets
    • About Assets
    • Managing Assets in Orchestrator
    • Managing Assets in Studio
    • Storing Assets in Azure Key Vault (read-only)
    • Storing Assets in HashiCorp Vault (read-only)
  • Storage Buckets
    • About Storage Buckets
      • CORS/CSP Configuration
    • Managing Storage Buckets
    • Moving Bucket Data Between Storage Providers
  • Orchestrator testing
    • Test Automation
    • Test Cases
      • Field Descriptions for the Test Cases Page
    • Test Sets
      • Field Descriptions for the Test Sets Page
    • Test Executions
      • Field Descriptions for the Test Executions Page
    • Test Schedules
      • Field Descriptions for the Test Schedules Page
    • Test Data Queues
      • Managing Test Data Queues in Orchestrator
      • Managing Test Data Queues in Studio
      • Field Descriptions for the Test Data Queues Page
      • Test Data Queue Activities
  • Other Configurations
    • Increasing the Size Limit of Package Files
    • Setting up Encryption Key Per Tenant
    • GZIP Compression
  • Integrations
    • About Input and Output Arguments
      • Example of Using Input and Output Arguments
  • Classic Robots
    • Robots
      • Managing Robots
      • Robot Statuses
      • Setup Samples
    • Environments
      • Managing Environments
    • Jobs
    • Triggers
    • Monitoring
      • Robots
    • Resources
  • Host administration
    • About the host level
    • Managing system administrators
    • Managing tenants
    • Configuring host authentication settings
      • Reconfiguring authentication after upgrade
      • Allowing or restricting basic authentication
      • Configuring SSO: SAML 2.0
        • ADFS Authentication
        • Google Authentication
        • Okta Authentication
        • PingOne Authentication
        • Custom Mapping
        • Self-signed Certificates
        • Private Key Certificates
      • Configuring SSO: Google
      • Configuring SSO: Azure Active Directory
      • Configuring the Active Directory Integration
        • Switching between Active Directory adapters
    • Managing your host license
      • Allocating Licenses to Tenants
    • Configuring other host settings
      • Customizing the Login page
      • Session Policy
      • Orchestrator Host Settings
    • Configuring system email notifications
    • Audit logs for the host portal
    • Maintenance Mode
  • Organization administration
    • About organizations
    • Managing organization administrators
    • Managing organization settings
    • Configuring organization authentication
      • Allowing or restricting basic authentication
      • Setting up the Azure AD integration
      • Configuring the SAML integration
    • Configuring security options
      • Session policy
    • About licensing
      • Activating your license
    • Accounts and groups
      • Managing access
      • Managing accounts and groups
    • Authorizing external applications
      • Managing external OAuth applications
    • Overriding system email settings
    • Audit logs
  • Troubleshooting
    • About Troubleshooting
    • Alerts troubleshooting
    • General troubleshooting
    • Upgrade troubleshooting
    • Frequently Encountered Orchestrator Errors
UiPath logo, featuring letters U and I in white
OUT OF SUPPORT

Orchestrator user guide

Last updated Dec 16, 2025

Managing Large Deployments

Orchestrator's features and capabilities are focused on enabling your organization to deploy and manage its automation solutions on any scale easily. Development of these capabilities was based upon incorporating the following aspects:

  • Simplified Deployment and Management

    • Enhanced integration of Active Directory groups to manage automation and robot access for users.
    • Use of Active Directory groups for the delegation and control of management access.

  • Flexible User Permissions

    • The ability to isolate management of automation solutions across teams and departments.
    • Delegation of administration over automation solutions to a team or department of Administrators.
    • Enable sharing of automation solutions between teams, departments, or company-wide.

These aspects are manifested in the Active Directory integration with Orchestrator and the folders organization modeling paradigm.

Active Directory Integration

An enhanced integration model with your organization's Active Directory provides for simplified user and group management in Orchestrator:

  • All directory users are potential Orchestrator users.
  • Only permissions for Directory User or Directory Group access to Orchestrator resources (i.e. robots, assets, etc.) need to be managed in Orchestrator.

  • AD group membership and roles are cached in Orchestrator, synced at login, and refreshed every hour. You no longer need to manually update an Orchestrator user whenever their AD membership changes.

    Important: If you grant any user permissions explicitly within Orchestrator, that user and the assigned permissions will persist in Orchestrator regardless of changes to their AD group membership.

Organization Management Using Folders

Folders can be used for the isolated and independent management of both users and resources within Orchestrator:

  • Orchestrator automation resources are grouped within the folder context as opposed to being tenant-wide.
  • Access to automation solutions is managed by granting users or groups access to a folder and the requisite permissions to execute the processes contained there. Those processes are then visible to the user in the robot tray. See how to Manage Folders and Add Users.
  • Authorized users are automatically granted a license, if available, upon connecting a robot to Orchestrator.
  • Active Directory Integration
  • Organization Management Using Folders

Was this page helpful?

Connect

Need help? Support

Want to learn? UiPath Academy

Have questions? UiPath Forum

Stay updated