UiPathOrchestrator.msi using wrong credentials during upgrade installation of Identity Server

I am upgrading on-prem Orchestrator from 2019.10 to 2021.4. As part of this the MSI installs Identity Server. An error message is returned when the install is attempted:

‘Verify the SQL connection string of Identity database and make sure that the server is accessible with the supplied credentials.’

Our DBAs have confirmed that the installer is accessing at least some parts of Orchestrator database as the user running the installer, not as the specified app pool user. They have had to grant my user account write permission to the database in order to proceed in the installer.

this is required hence the upgrade should be ideally performed via infrastructure team.

As it is a enterprise platform, suggesting you to reach out to the Technical Support Team for any clarifications during the migration.

If such permissions are required, they should be clearly detailed in the installation guide. It sounds very much like an installer bug to me.

It is not IIS that is performing the installation so the app pool user would not apply here.

You can do one of a few things

  • Grant your user the necessary rights in the database
  • Create the database ahead of installation (if your DBAs have restrictions on owner/creation, etc.
  • Use the Run As to launch the install as the require service account
  • Log into the Orchestrator host as the service account, assuming it has rights to also manage install path and services, etc.

This would be the same as opening SSMS and using Integrated Windows Authentication, SSMS is going to launch in the context of the user who is running the application. In order to Authenticate as another user, one must use Run As to launch the application as another user in order to authenticate with IWA on the SQL Server.

Thanks. Installation worked when my account was given permissions on the database server.

I’ll say again that it is rather expected that when an installer dialogue asks for credentials, it is those credentials that it uses for all of its actions. This database permissions requirement should be stated in the documentation at is very unexpected.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.