Cyberark breaks after upgrade to 20.10 and above

Cyberark breaks after upgrade to 20.10 and above

Issue Description

Cyberark breaks after upgrade to 20.10 and above. 
 

 

Root Cause

This can happen in a scenario where a path is specified under the authentication section the Path method was specified for authentication. A bug report has been raised with our development team as of writing this article (So the issue effects at least 20.10.4)


Resolution

  1. Check the Robot fault (Jobs->Faulted Job->Details). Check to see if the automation faulted with a message like: The user name or password is incorrect. (Exception from HRESULT: 0x8007052E). The message could also be something about the password field being null.
  2. Check the event viewer logs. The best way to do this would be to trigger a bot, and then check the logs in the event viewer. These will give a hint of the issue. Most likely there will be messages like the following:
    • Failed to retrieve robot password from UiPath.Orchestrator.SecureStore.CyberArk.CyberArkAimSecureStore storeUiPath.Orchestrator.Extensibility.SecureStores.SecureStoreException: Could not find password! Reason: 'XXXXXX Script run using untrusted shell.'
  3. Go to the CyberArk Application and check the Authentication configuration for the Vault.
    • See our docs here  for info about how Cyberark needs to be configured for Orchestrator
    • See here Cyberark documentation for Authentication Methods
    • See here Cyberark documentation for Authentication setup
  4. Either remove the Path Authentication, or add OS User Authentication
    • For OS User Authentication, the OS User would be either the App Pool service account user or NT Authority\System if using the Default App Pool
    • App Pool user can be found by going to IIS->Application Pools->UiPath Orchestrator App Pool
  5. After the fix, Robots should execute again and the following location should contain logs: C:\Program Files (x86)\CyberArk\ApplicationPasswordProvider\Logs\