Credential requirements
- Updated: 2022/11/22
Credential requirements
Login credentials are required at different stages of Automation 360 deployment and use. Credentials are required for installation and data center servers, access to Automation 360 components, and to run tools in bots.
Access point | Task | Type |
---|---|---|
Data center servers | Install Control Room. |
User on the hosting server:
|
Data center servers | Manage (run, stop, restart) Control Room. | Administrator and Logon as Service permission for Windows services and the Domain or the VM technical user account. |
Bot Agent devices | Install, setup, or update Bot Agent. | Administrator permission on the device. |
Bot Agent devices | Start or stop Bot Agent service. |
Administrator permission on the device. Write permission on Bot Agent device system paths: C:\ProgramData C:\Windows\System32\config\systemprofile C:\Users\<loggedInUser>\AppData\Local\AutomationAnywhere |
Local devices | Register device. |
Windows login to open a browser and login into the Control Room and register the local device. Administrator permission not required. |
Local devices |
Download bots to local device. Run new bots or existing (downloaded) bots. |
Windows login. Administrator permission not required. |
Automation 360 login | Perform specific tasks, such as create a bot or run a bot. | License and role based permissions. Bot Creator and Bot Runner users do not require administrator privileges. |
Bot task | Used by bots to perform bot tasks. |
Credential Vault stores securely created credentials. Read permission on bot machine system path: C:\Windows\System32\config\systemprofile \AppData\Local\AutomationAnywhere |
Automation Anywhere Service | Run all Windows services created by Automation 360. | Local system account user or Domain user account The Interactive logon rights should be enabled for the service account. |
Remote Desktop Protocol (RDP) to a Windows machine | Run bots on Bot Creators and unattended Bot Runners if RDP connection exists for the deployed user. |
Administrator permission is not required. RDP access for the bot is not required. View the Control Room Activity page. |
Remote Desktop Protocol (RDP) to a server OS or a hosted VM | Run bots on Bot Creators and unattended Bot Runners if RDP connection exists for the deployed user. |
Administrator permission required. RDP access for the bot is required. For confirmation, view the Control Room Activity page. |
- Data center server credentials
- Data center server credentials for Automation Anywhere hosting servers and
integrated product servers are required to deploy Automation 360.
To install and deploy Automation 360 requires that users log in to the hosting servers. These users must have permissions to install and run Automation 360 components on the servers. Permissions levels need to be assigned to the user on selected data center applications and servers.
- Automation 360 login
- Log in toAutomation 360 requires a username and password. These credentials are linked to the machine you use to access the Automation 360 components. Your credentials are assigned roles that give you permission to perform specific tasks, such as create a bot or run a bot.
- Bot task
- As an automation expert, Credential Vault provisions you to securely create and store your credentials. This ensures that your credentials can be used in bots without compromising security with safe deployment of tasks. Any authorized user can create credentials.
- Windows services
- The Windows service credentials include a user name and password. The user
specified needs to be:
- A member of the local system administrator group.
- Have permission to manage services, including Automation Anywhere services.
- If you use Windows authentication to connect to the SQL database,
ensure you grant the
db_owner
permission to the service credential user.
The service credentials are used to create database tables and allow the Control Room processes to access the database and repository.
The service credential choices are:
User role Bot program folder Bot data folder Log folders or files User type Install user - Read
- Write
- Delete
- Read
- Write
- Delete
- Read
- Write
- Delete
- Admin
- Non-Admin
Service run user - Local system account
- Domain user account
Bot deployment user - Local system account
- Domain user account
The following are the different user types:
- Admin
- A user who has administrator privileges.
- Non-Admin
- A user who does not have administrator privileges.
- Local system account
- The logged-on user performing the installation (default).
- Domain user account
- A user that is not the local system account user.