Troubleshooting a 403.14 Forbidden Error while Accessing the Orchestrator

News Knowledge Base
,
1

Why is Orchestrator throwing a 403.14 Forbidden error, even though there were no recent changes made?

Error Summary:

Sometimes while accessing the Orchestrator, one may run into the following error, making the Orchestrator essentially inaccessible - "HTTP Error 403.14 - Forbidden - The web server is configured to not list the contents of this directory".

This error has usually been seen as associated with some sort of corruption in the Orchestrator configuration, precisely some IIS configuration that renders the site inaccessible.

Troubleshooting Steps:

1. "web.config" file

One of the most common causes of this issue has been seen as a corruption of the "web.config" file under the Orchestrator's root installation directory ("C:\Program Files (x86)\UiPath\Orchestrator" by default, else the custom location set at the time of install). In such a case, notice some reference to the "web.config" either within the exception in the Orchestrator UI or within IIS or Both.


To resolve this, consider the following

  • Try opening the "web.config" using a browser window. If there are any syntactical issues in the config file, meaning that if the XML file is malformed, then the browser will not know what to do with it, and it would either show nothing or throw some sort of exception indicating the same. If the XML file is valid then most browsers (IE8, Chrome, and Firefox) display a message along the lines of --> "This XML file does not appear to have any style information associated with it."
  • Another way to check for any issues with the "web.config" is to use an XML Validator.
  • If no issues are present with the "web.config", rule out file corruption. However, if issues are seen, it is required to fix this manually or preferably restore a copy of the config file from the backup

2. "machine.config" and "applicationHost.config" files

The next step is to remove all the verbs from the "machine.config" and "applicationHost.config" files, if any, as described in this article: The Requested Page Cannot Be Accessed Due To Related Configuration Data For The Page Is Invalid.


3. "Directory Browsing" and "Default Document" in IIS:

This error is also known to occur when, for some reason, the Orchestrator website does not have the Directory Browsing feature enabled or the Default Document isn't configured. To resolve this, follow the steps in this article: HTTP Error 403.14 - Forbidden when you open an IIS webpage.


4. Physical Path in IIS:

Sometimes, an unwanted alteration in the physical path of the website can also lead to this error. As such, verify the "Physical Path" parameter of the Orchestrator website by navigating as follows --> "IIS -> Server Name -> Right Click -> Manage Website -> Advanced Settings".


Repeat the same steps for "Identity", "Webhooks" and "ResourceCatalog" services (i.e. subsites under the Orchestrator site) as well.



5. Identity Server and ASP.NET Hosting Bundle:

As the final troubleshooting step, navigate to the Identity Server ("{Orchestrator URL}/Identity") in the browser. Set up detailed logging by following the steps in this article: Troubleshooting Guide: 500 Internal Server Error.

Check for the error details in the Identity Server UI and tackle them accordingly.

In many scenarios, a 500.30 error may be thrown in the browser which looks something like the below:

  • If this is encountered, launch the IIS Manager and try opening the settings like "Authorization Rules", "Default Document", "Directory Browsing", "Configuration Editor" etc.

  • Upon opening each of these settings, it is likely to throw an error window that looks like the below:

If this happens, the issue is that the ASP.Net Hosting Bundle is not installed correctly or it has been corrupted. To resolve that:

  1. Make sure that the Orchestrator is leveraging the correct version of the hosting bundle as per the version-specific prerequisites described in our official docs: Prerequisites for Installation.
  2. If the prerequisites are already in place, try repairing the hosting bundle by modifying the same via the Control Panel.

Next Steps:

If none of the above steps help in resolving the issue, capture all the error details and screenshots along with the Application Event Logs from the Orchestrator server and send them over to UiPath Support for further analysis.

Note: Any config/ setting changes would require to restart the IIS in order for the changes to take effect.