This is an attempt to clone an Orchestrator instance. For this I have copied the Orchestrator source database and ran a new Orchestrator installation on a new machine against the database copy. I have run my Orchestator installation using the below method. The method was suggested to me by the UiPath (AI) assistant before I submitted a support case to UiPath.
Generate a parametersFile.json file on the current Orchestrator machine with the Generate-ParametersFile.ps1 script and copy it to the new machine
Copy the UiPath.Orchestrator.dll.config file to the new machine
Run UiPathOrchestrator.msi from the command line like this “PS C:\script\UiPath> .\UiPathOrchestrator.msi SECONDARY_NODE=1 PARAMETERS_FILE=ParametersFile.json /passive”.
Put the files, including the msi, in the same folder. (I put them in C:\script\UiPath)
Before running UiPathOrchestrator.msi I had updated the parametersFile.json and UiPath.Orchestrator.dll.config to point to the database copy of the source database.
So, now I have an installed Orchestrator running against a fully populated database. However, I get the below error message in the web browser for the login page https:///identity/
“Error while contacting partition service to validate the organization (#503)”.
From consulting ChatGPT I have understood that the partition service is a tenant validating component within the Identity Server.
Does anyone of you have an idea how to solve this error message problem?
Sorry, the order of these two steps were of course:
Put the files, including the msi, in the same folder. (I put them in C:\script\UiPath)
Run UiPathOrchestrator.msi from the command line like this “PS C:\script\UiPath> .\UiPathOrchestrator.msi SECONDARY_NODE=1 PARAMETERS_FILE=ParametersFile.json /passive”.
Yes, the “OrchestratorUrl”: setting is updated in the Identity Servers appsettings.Production.json file to the new Orchestrator. The issue is still present though.
Looking at the logs it indicates a problem in the communication between Identity Server and Orchestrator. Orchestrator seems to not accept the token that Identity Server sends.
2025-05-10 11:50:05.9757|ERROR|UiPath.Orchestrator.Security.Auth.IdentityUser.IdentityUserAccessTokenAuthenticationHandler|Authentication failed
2025-05-10 11:50:06.0310|INFO|UiPath.Orchestrator.Security.Auth.IdentityOAuth.IdentityOAuthAccessTokenAuthenticationHandler|Audience for token is invalid. IDX10214: Audience validation failed. Audiences: ‘[PII of type ‘System.String’ is hidden. For more details, see Search - Microsoft Bing]’. Did not match: validationParameters.ValidAudience: ‘[PII of type ‘System.String’ is hidden. For more details, see Search - Microsoft Bing]’ or validationParameters.ValidAudiences: ‘[PII of type ‘System.String’ is hidden. For more details, see Search - Microsoft Bing]’.
From EventViewer I’ve found this at roughly the same timestamp. Excerpt:
2025-05-10 11:50:06.0452 UiPath.IdentityServer.Web.Middleware.ExceptionHandlingMiddleware Error while contacting partition service to validate the organization
PartitionLookupException Got exception while deserializing response from OrchestratorClient:GetTenantsAsync. Error details: OrchestratorClient:GetTenantsAsync returns unexpected status code: Unauthorized at UiPath.IdentityServer.Application.OrchestratorService.OrchestratorClient.GetTenantAsyncHelper(Guid tenantKey, String tenantName)
at UiPath.IdentityServer.Application.OrchestratorService.OrchestratorClient.GetTenantAsync(String name)
at UiPath.IdentityServer.Application.Services.OrchestratorBasedPartitionLookupService.GetPartitionByNameAsync(String name)
at UiPath.IdentityServer.Application.Services.AuthenticationInformationService.GetOrganizationProvidersAsync(String organizationName)
at UiPath.IdentityServer.Web.Controllers.API.AuthenticationInformationController.GetAuthenticationProviders(String organizationName)
at lambda_method410(Closure , Object )
…
but the PII data has not shown up yet in the log file and no events have been logged to Event Viewer. Also ChatGPT instructed me to set this Windows system environment variable: