Enterprise 11 credential requirements
- Updated: 2022/07/20
Enterprise 11 credential requirements
Login credentials are required at different stages of the Automation Anywhere Enterprise deployment and use. Credentials are required for installation and data center servers, access to Automation Anywhere Enterprise components, and to run tools in bots.
Access point | Task | Type |
---|---|---|
Data center servers | Install Control Room | System administrator on hosting server. |
Data center servers | Manage (run, stop, restart) Control Room | Administrator and Logon as Service permission for Windows services and the Domain. |
Databases | Installer creates databases for Control Room and Bot Insight |
Permissions required depend upon the Automation Anywhere Enterprise version, and whether the installation mode is Express or Custom. |
Enterprise Client installation setup | Services and registry updates during installation, application or system updates | Administrator. |
Enterprise Client file access Default file location:
|
bot Auto Login, bot schedules | Full control permissions. |
Enterprise Client folder access C:\Program Data\Properties\Security\ Advanced\Permissions | Edit application files stored and used during run-time. | Client user requires read, write, and update permissions. |
Automation Anywhere login | Perform specific tasks, such as create a bot or run a bot. | License and role based permissions. |
Bot task | Used by bots to perform bot tasks. | Credential Vault stores securely created credentials. |
Automation Anywhere Service | Run all Windows services created by Automation Anywhere | Local system account user or Domain user account. |
- Data center server credentials
- Data center server credentials for Automation Anywhere hosting servers and integrated product servers are required to deploy Automation Anywhere.
- Automation Anywhere login
- To login to Control Room or Enterprise Client interfaces require a username and password. These credentials are linked to the machine you use to access the Automation Anywhere components. Your credentials are assigned roles that give you permission to perform specific tasks, such as create a bot or run a bot.
- Bot task
- As an automation expert, Credential Vault provisions you to securely create and store your credentials. This ensures that your credentials can be used in bots without compromising security with safe deployment of tasks. Any authorized user can create credentials.
- Windows services
-
The Windows Service credentials
include a user name and password. The user specified needs to:
- Be a member of the local system administrator group.
- Have permission to manage services, including Automation Anywhere services.
- To avoid any failure of Control Room services, ensure that windows service account is always included in the Administrator group.
- For Microsoft Azure installations, the service account user needs to have read/write access to the remote Microsoft Azure repository share path.
Unless otherwise selected, these service credentials are used to create database tables and allow the Control Room processes to access the database and repository.Note: If you want to connect with a shared repository to the Control Room, ensure that you use the Windows credentials for the shared repository folder or location. - Databases
-
During installation, you have the option to specify a user, other than the logged on user, for creating and managing the Automation Anywhere Enterprise required databases. This user must have minimum database permissions. The permissions required vary depending upon the Automation Anywhere Enterprise version, and the installation mode selected.
During upgrades, the database data is fetched automatically. The user performing the upgrade must have the minimum database permissions.
- In Express mode installation:
- The logged in user permissions are used.
- In Custom mode installation:
- You have the option for non-logged in user.
Database user condition Database required permission Notes Custom,Version 11.3.4 or later, Microsoft SQL Server database Can have the minimum database permissions: datareader
,datawriter
andddladmin
.Microsoft SQL Server database must be created before Control Room installation. Custom, Version 11.3.4 or later, Oracle Database Can have the minimum database permissions: GRANT CONNECT
,RESOURCE
,CREATE TABLE
,CREATE VIEW
Oracle Database database must be created before Control Room installation. Custom, older than Version 11.3.4 Database Owner (DBO) permissions. Databases created during Control Room installation.
- The service credential choices are:
-
- Local System Account
- (default) The logged on user performing the installation.
- Domain User Account
- A user that is not the local system account user.