Configuration settings

As an administrator, view and manage settings that are configured for the Control Room.

To view the following configuration details, go to Administration > Settings > General:

  • Control Room installation type, access URL, and the program files destination folder from the Control Room.
  • Website security and configuration details, Control Room users, database and repository details, deployment settings, and security details in the Control Room database and software.

General settings

The general settings tab provide information about the installation type, the access URL, and the program files' destination folder. You cannot edit these settings as they are configured during installation.

The following table describes the general settings:

Settings Description
Control Room Installation type The type of setup used to install the Control Room: either Express or Custom. This setting is configured during installation and is not editable.
Control Room access URL The fully qualified name of the server that is used by the Bot Creator, Bot Runner, and users to access the Control Room. Use the Control Room access URL in the following scenarios:
  • For IQ Bot app registration in the Control Room, use the access URL.
  • For all the SMTP alerts from the Control Room, send the saved access URL.
  • For SSO, the access URL should be the load balancer, or the URL used to set metadata in the IDP server.

Opt to change the access URL if the Control Room is set up in custom mode.

To modify the URL, perform these steps:

  1. Click Edit.

    The General Settings page opens in edit mode.

  2. Type the fully qualified name of the URL to access the Control Room.
  3. Click Save changes.

Edit and view Control Room database and software configuration

The Control Room database and software settings provide details about website security and configuration, Control Room users, database, and repository, deployment, and security settings. Edit the settings for the Control Room repository, deployment, and password.

The following table describes the Control Room database and software settings:

Settings Description
Website security The type of security protocol used: http or https. This setting is configured during installation and is not editable.
Website configuration The website configuration details such as the web server host name. If the Control Room is configured for Express installation, only one host name is shown. If it is configured for Custom installation, multiple host names are shown. This setting is configured during installation and is not editable.

The web server host name and port details of all registered and active users are listed. However, the user name and password values are not shown.

Control Room users The authentication type used to log in to the Control Room instance by bots. It can be Active Directory, single sign-on (SSO) SAML, or database. This setting is configured during installation and is not editable.
  • Active Directory users are configured when bots of a specific domain have to be authenticated with their Active Directory credentials.
  • Single sign-on (SAML 2.0) users are configured when bots have to be authenticated using SAML 2.0 protocol and users have to log in using the organizations' IDP server credentials.
  • Database users or non-Active Directory users are configured when bots have to be authenticated using the Control Room database.
Control Room database

Shows the settings for:

  • Database type: The database selected (SQL Server or Oracle) for storing Control Room data.
  • Windows authentication: The authentication type used to connect to the database server. It shows Enabled when Windows authentication is selected for database configuration during installation. It shows Disabled when the default database authentication is used.
  • Server host name: The fully qualified name of the Control Room database server.
  • Server port: The port to which the database is configured.

    The default listening port number for SQL Server is 1433, Oracle is 1521, and Oracle with SSL is 2484.

  • Database name: The database that is used to store Control Room data.

    For Oracle, this is the database instance name that was created initially by the system admin.

  • Username: The SQL Server user name if the SQL Server authentication type is selected. If Windows authentication is selected, no value is displayed.

    If Oracle is selected as the database, the value displayed is the Control Room Username that was created initially by the system administrator.

This setting is configured during installation and is not editable.

Database password: You can now update the database password in the Control Room.
Note: Change the database password during a scheduled downtime and just before the actual password changes for the database. Once the database password is changed in the Control Room, Automation Anywhere Enterprise will not work until the password is changed for the database.
To update the password, perform these steps:
  1. In the Control Room database and software tab, click Edit.

    The page opens in edit mode.

  2. For the SQL Server, select the Reset Database password check box. For the Oracle Database, select the Reset Control Room DB password and Reset Bot Insight DB password check boxes.
  3. Enter the following details:
    1. Enter the old password.
    2. Enter the new password.
    3. Confirm the new password.
  4. Click Save changes.
  5. Change the password in the database server.
    Important: This password must be the same as the one updated in the Control Room. Automation Anywhere Enterprise will not work if there is a mismatch in the passwords.
  6. Restart the following services:
    • Automation Anywhere Control Room Caching
    • Automation Anywhere Control Room Messaging
    • Automation Anywhere Control Room Service
    • Automation Anywhere Bot Insight Service
To configure the database settings for the external key vault (CyberArk), perform these steps:
  1. In the Control Room database and software tab, click Edit.

    The page opens in edit mode.

  2. Select the External key vault option.
    Note: The External key vault option is displayed if you have configured the external key vault integration in the Control Room.
  3. Enter the Safe name and Object name.
  4. Click Save changes.
    Note: Based on the database server selected during installation, one or more options are available for Control Room, Bot Insight, and Zoomdata credentials.
    • If you selected SQL Server, perform steps 2 through 4 for Control Room credentials.
    • If you selected SQL Server with PostgreSQL Server, perform steps 2 through 4 for Control Room and Zoomdata credentials.
    • If you selected Oracle Server, perform steps 2 through 4 for Control Room and Bot Insight credentials.
    • If you selected Oracle Server with PostgreSQL Server, perform steps 2 through 4 for Control Room and Bot Insight, and Zoomdata credentials.
  5. Restart the following services:
    • Automation Anywhere Control Room Caching
    • Automation Anywhere Control Room Messaging
    • Automation Anywhere Control Room Service
    • Automation Anywhere Bot Insight Visualization for SQL Server, SQL Server with PostgreSQL Server, or Oracle Server with PostgreSQL Server.
    • Automation Anywhere Bot Insight Service
    Important:
    • You must restart these services if you change the connection from External key vault back to Manually enter password and when the database password is changed.
    • When you change password in a cluster-based setup, navigate to node 1, restart the services and ensure that the node 1 is up and running. Then repeat the same steps for the remaining nodes.
    • When you change the Zoomdata password, restart the Automation Anywhere Bot Insight Visualization and Automation Anywhere Bot Insight Service services.
Control Room repository The location where all bots, application files, and supporting files are stored. The default path is set to C:\ProgramData\AutomationAnywhere\Server Files during installation, if this is not updated during installation. You can modify this path after installation through this setting.

To modify, perform these steps:

  1. Click Edit.

    The page opens in edit mode.

  2. In the Repository path field, enter the location of the repository ending with Server Files:
    • Use the Network Drive folders for the repository path.
    • If you enter an invalid pathname, an error is displayed.
  3. Click Save changes.
  4. Stop these services for each node:
    • Automation Anywhere Control Room Caching
    • Automation Anywhere Control Room Messaging
    • Automation Anywhere Control Room Service

    Your devices will be disconnected from the Control Room instance.

  5. Copy all the files from the old repository to the new repository.
  6. Restart these services for each node:
    • Automation Anywhere Control Room Caching
    • Automation Anywhere Control Room Messaging
    • Automation Anywhere Control Room Service
Session settings
  • The login settings enable you to automatically time out users from the Control Room browser session after the specified minutes of inactivity.

    By default, this setting is Enabled and the default value for inactivity time is set to 20 minutes.

    To modify the setting, perform these steps:

    1. Click Edit.

      The page opens in edit mode.

    2. Enable or disable the session timeout for users by selecting Enabled or Disabled.

      If you select Enabled, specify the inactivity time in the range of 10 - 60 minutes.

    The change in the session timeout is updated only after a new token is generated.

  • The session settings allow or disallow users to be automatically logged in to the Control Room when they navigate to the Control Room URL through a browser if the Control Room is configured for Kerberos-enabled Active Directory authentication.

    By default, this setting is Enabled.

  • To modify the setting, perform these steps:
    1. Click Edit.

      The page opens in edit mode.

    2. Select Enabled or Disabled to enable or disable auto-login for users to the Control Room.
  • The notification settings display a notification when a user with an active Control Room login session tries to log in to the Control Room from a different browser or device.

    By default, this setting is Disabled.

    To modify the setting, perform these steps:
    1. Click Edit.

      The page opens in edit mode.

    2. Select Enabled or Disabled to enable or disable the notification.
    Note: This feature is supported in only a non-Active Directory environment.
Deployment settings Bot Runner deployment session: Shows whether users with run and schedule privileges are allowed to run a Bot Runner session on Control Room when you deploy or schedule a bot.

See Run a bot and Schedule a Bot.

By default, this setting is Enabled.

To modify the setting, perform these steps:
  1. Click Edit.

    The page opens in edit mode.

  2. Select Enabled or Disabled as required for the Bot Runner deployment session on the Control Room.
Deployment settings Callback URLs: Allows a user to configure known callback URLs for the Bot Deployment API to send the bot status and the bot output from variables after the bot has finished execution.

To modify the setting, enter the Callback URL in the field and save your changes.

Security This field defines the password policy settings for all Control Room users. Customize the password length, password content, select the number of log-on attempts allowed, and enable or disable security-related questions and answers.

The password policy is applicable for a Control Room that is configured for Database authentication type.

To modify this, perform these steps:

  1. Click Edit.

    The page opens in edit mode.

  2. In the Password length field, specify the Minimum and Maximum characters based on your company policy. This can include any or all Alphabetical character, Number, Capital letter, and Special character.
  3. Specify the number of login attempts allowed before the user account is locked.
    Note: The user account is disabled in the Control Room if it is locked out.

    You cannot type invalid values in the following:

    • Password length field
    • Log on attempts field
  4. Choose either Enabled or Disabled for security questions and answers. When the option is enabled, users provide answers to security-related questions when they click the Forgot password link.
  5. Save changes.
Elasticsearch disaster recovery backup cluster

This field defines the disaster recovery server IP address for Elasticsearch disaster recovery.

Enter the IP address for your Automation Anywhere Enterprise disaster recovery site. Elasticsearch is installed on the same server as the Control Room.

API key duration This defines the validity of the Authentication API key, in days or minutes, for a user.
To specify the duration or validity of the API key in either day(s) or minute(s), click the plus and minus sign.
  • Default value is set to 1 day and the maximum limit is 45 days or 64800 minutes.
  • Validity of an existing API key for an authorized user is not affected if the Control Room admin changes the duration. For example, when a user is authorized to use the API key for 2 days and the admin updates it to 5 hours in the interim, the user is allowed to use the API key for 2 days. However, an API key created after that is valid for 5 hours.
Login banner settings The banner settings enable the admin user to configure a banner text and display it on the login page of the Control Room and Enterprise Client. This setting can provide legal protection in a secured environment.
To configure or modify the setting, perform these steps:
  1. Click Edit.

    The page opens in edit mode.

  2. Select the Enabled option to enter the text in the Banner text field.
    Note: The banner field has a 2000-character limit.
  3. Click Save changes.

    The banner text is displayed on the login screen of Control Room and Enterprise Client at the next login.

    You can select the Disabled option so that the banner text is not displayed.

Audit logs

All updates to the configuration settings are captured in the Audit Log page and all the actions performed to edit the general settings.

To view details of each audit entry:

  1. Go to the required data and move your mouse over view details icon.
  2. Click on the view Audit details icon.
  3. View the entries that are changed in the details page that is launched.

    To view the details for successfully disabling a Bot Session, open the Control Room and go to the password policy setting.