Version 11.3.4 Release Notes

These release notes contain new features, changed features, fixed features, security fixes, deprecated features, and known limitations in Version 11.3.4 for Automation Anywhere Control Room, Enterprise Client, and Bot Insight.

New features

Control Room new features
Feature Description
Two-factor authentication for logging in to Control Room

Administrators can now enable Two Factor Authentication (2FA) for logging in to the Control Room, which can be set for users with specific roles.

Two-factor authentication is supported only in Active Directory and non-Active Directory user environments; it is not supported for an SSO environment. See Enabling Two-factor authentication.

When users are assigned a role that requires 2FA, they must set up an Authenticator application on their mobile device and establish a connection between the Authenticator application and Control Room. On subsequent log-ins, users are prompted to enter a time-based one-time password (OTP) from the Authenticator to complete the Control Room login process.
Hide multiple domains or set any one as the default on the Control Room login screen Administrators can now hide a single domain or multiple domains from being displayed on the Control Room login screen and the Create user page.
Note: Administrators cannot hide a domain for which users were added in the Control Room.
Additionally, administrators can set one of the available (unhidden) domains as default.

See Managing domains.
Disable the verification email when a new user account is created Administrators can disable a verification link when creating a new user account. The user then receives a welcome email without any verification link and can log in to the Control Room using:
  • The credentials provided by the administrator, if it is a Control Room DB authenticated environment.
  • Windows credentials, if it is an Active Directory environment.
  • SSO credentials, if it is a SAML-enabled environment.
SSO configuration: Select Signed Authentication Request to IdP from Control Room Administrators can now configure SAML to send a Signed Authentication Request to the IdP from the Control Room if they choose SSO configuration. All the authentication requests sent from the Control Room to the IdP have a signature that the IdP can validate.

If you upgrade the Control Room to Version 11.3.4 or later, users are automatically prompted to view the SAML configuration page where they can update the settings. However, only a user with administrator role can apply the SAML configuration changes.
Callback URL extensions supported in Bot deployment API The whitelisting of Callback URLs in the Control Room is only required for parent domains. You can then use any extension of these whitelisted parent domains as the Callback URLs in the Bot deployment API.
Output variable data is available in Bot Execution Orchestrator API responses The values of variables marked for Include in Output are now securely stored in the Control Room data along with the Bot execution data. This data can then be fetched by third-party systems using the Activity/List API.
Notification for new login session (Zendesk #206592) New settings in the Control Room display a notification when a user with an active login session tries to log in to the Control Room from a different browser or device in a non-Active Directory environment.

See Configuration settings.
Export all records to a CSV file (Zendesk #206592) A new option is added to export all records that are available on the Audit log page and the Historical activity page to a CSV file.

See Enterprise 11: Export data to CSV.
Installed Windows Services verification When the Control Room installation is complete, a Services Utility verifies the Windows Services installed, starts the services, and indicates if a service did not start.
Automatically update bots and dependent files on Attended Bot Runners To reduce manual intervention when downloading updated bots and dependent files from the Control Room repository, the Automatic Updates option is available in Administration > Settings > Client Application. Setting this option to On automatically updates bots on Attended Bot Runner machines during bot execution. The default value of this option is set to Off to match the current product behavior.
Oracle option to use SID or Service Name You now have an option to use either SID or Service Name to identify the Oracle Database instance.
Control Room License API (Zendesk #226575) The Control Room License API returns detailed license information for your Control Room installed licenses.

See Enterprise 11: License API.
Updated version of Elasticsearch to 7.1.0 Elasticsearch 7.1.0 version validation
Enterprise Client new features
Feature Description
New checkpoints introduced in AADiagnostic Utility The following features are introduced in the AADiagnostic Utility:
  • An Include Sensitive Information (Marked *) check box to show sensitive information for options that have an * (asterisk). For example, Machine Name.
  • System Details in the System section of the Checkpoints Verification grid.
  • Product Details in the Product section of the Checkpoints Verification grid.
Search for a field in a terminal (Zendesk #129752) The Search Field command is added in the Terminal Emulator command that enables you to search for a field based on the text it contains. This command returns the name of the field or index of the field based on the option selected.

See Terminal Emulator command.
UI Automation technology support from Google Chrome You can now use the Object Cloning command to capture objects based on the UI Automation technology from the Google Chrome browser.

See Using object play mode.
Support for Exchange Web Services (Zendesk #122765, 133847, 187251) You can now use Exchange Web Services (EWS) with:
Uninstall Google Chrome plug-in You can now uninstall the Chrome plug-in from the Enterprise Client using the following options:
  • From the AAPluginInstallation application
  • Using the command line
  • From the Enterprise Client Tools settings
See Uninstall or reinstall plug-ins.
Microsoft Active Accessibility (MSAA) technology support from Google Chrome When you are creating MetaBots on a Google Chrome browser, you can now use the Microsoft Active Accessibility (MSAA) technology.
Option to automatically download updated parent Task Bots during runtime Parent Task Bots are Task Bots that are not called by any other Task Bot or MetaBot. Attended Bot Runners are provided a separate screen displaying only the parent Task Bots using the new Parent Task option. The updated parent Task Bots are downloaded automatically when you run a bot.

See Automatically update Task Bots.

Schedule operation not allowed with Attended Bot Runner license

Users with an Attended Bot Runner license can no longer create, edit, or delete schedules using the Enterprise Client. Task Bots already scheduled by the same user or a different user from the same machine will continue to be executed based on the previously defined schedule.
Uninstall Flex plug-in from UI You can now uninstall the Flex plug-in from the Enterprise Client UI using the following options:
  • From the AAPluginInstallation application
  • From the Enterprise Client Tools settings

See Uninstall or reinstall plug-ins.
Support for Autologin with locked, logged-off, or disconnected machines on Microsoft Azure and Amazon Web Services VMs

On Microsoft Azure and Amazon Web Services instances, Autologin is supported for attended and unattended bots in locked, logged-off, or disconnected mode. This applies to single-user logins. Multi-user logins are not supported for this feature.
Bot Insight new features
Feature Description
Bot Device Utilization - Bar Chart and Bot Device Utilization - Pivot Table widgets The Bot Device Utilization - Bar Chart and the Bot Device Utilization - Pivot Table widgets are added to the Devices Dashboard. The widgets display the following information:
  • Bot Name
  • Host Name
  • Start Date
  • End Date
  • Duration (Hours)
  • Duration (Minutes)
  • Activity Status
Upgrade from PostgreSQL Server to Microsoft SQL Server You can now upgrade the Bot Insight metadata from the PostgreSQL Server to Microsoft SQL Server. This upgrade is supported for Bot Insight custom dashboards, as well. However, you cannot perform the upgrade using the Microsoft SQL SSL certificate.
Note: You can migrate from Automation Anywhere Enterprise Version 11.3.2 to Version 11.3.4 directly. However, if you want to migrate from Automation Anywhere Enterprise Version 11.3.1 or earlier, you must first upgrade to Automation Anywhere Enterprise Version 11.3.2 or Version 11.3.3, and then migrate to Version 11.3.4. You can upgrade the Bot Insight metadata from the PostgreSQL Server to Microsoft SQL Server, only when you upgrade from Automation Anywhere Enterprise Version 11.3.2 or later.
Oracle Database service name support for Bot Insight installation You can now install Bot Insight with the Oracle Database using the Service Name function.
API to visualize the COE dashboard The http://hostname/analytics/rest/api/coe_dashboard API is introduced, which enables you to visualize the COE dashboard.

See Bot Insight API details.
PostgreSQL Server support Bot Insight now supports PostgreSQL Server Release 9.5.19.
Bot Insight APIs The following parameters are updated in the Bot Insight APIs:
  • Limit Parameter
  • To Date
  • BotName
  • DeptName
See Bot Insight API details.
Mobile App support Bot Insight now supports Mobile App. Log in to Bot Insight with the AAE_COE_Admin role to view:
  • Published COE dashboards
  • COE dashboards that are published during a specific time
See Enterprise 11 roles.
API to delete business data The /v1/botinsight/data/api/deletetasklogdata API is introduced, which enables you to delete all the data that is logged for a particular bot during a specific interval.

See Bot Insight API details.

Changed features

Control Room changed features
Feature Description
New permission to view all in-progress activity (Zendesk # 137069, 179060) To optimize the use of Bot Runner machines, a new permission is introduced in Roles that allows you to view all ongoing automations.

See Enterprise 11: Feature permissions for a role.
Activity > List API to view value of variables tagged for output Use the Control Room Bot Execution Orchestrator API > Activity > List API to view details of an automation, including the value of variables that are tagged as output after you run a bot that contains such variables.
Specific audit entry for failure to delete a user The audit log in the Audit page is enhanced to show the specific reason for not allowing a user to be deleted from the Users page.
API to get list of parent bots Introduced an API in the v1/Repository Management API that enables you to get the list of parent bots organized by the bot name. This is especially useful for Attended Bot Runners where you want to see the top-level bots that you can run.
Insert Work Item in bulk using a newer version of the Insert Work Item API (Service Cloud case # 00370443) A newer version (v2) of the Insert Work Item API is introduced, which enables you to add new Work Items in bulk to the queue.
Error when registering IQ Bot with wrong URL When you register IQ Bot with the Control Room, the system now shows an error if you have provided additional text apart from the actual URL. For example, if the URL for IQ Bot is http://example.com:3000, the system encounters an error if you provide http://example.com:3000sdfad.
Delete dependent files associated with the earlier version of the bot (Zendesk #136192, 140103, 176471) When Version control is enabled and the Production version is set, you can now delete the dependent files from the Control Room Repository manager, even if the dependencies are associated with the earlier version of the bot and not with the latest or production version.

See Deleting a Task Bot.
Updated timezone library The timezone library has been updated in Version 11.3.4, so when you upgrade to Control Room Version 11.3.4, you must manually update the schedules created in the Brazil (Sao Paulo) timezone as Brazil opted out of Daylight Saving Time in 2019.
Installing database permissions Minimum database permissions to create and update required databases changed from database owner (DBO) to datareader, datawriter, and ddladmin. For Oracle Database, required permissions are: GRANT CONNECT, RESOURCE, CREATE TABLE, CREATE VIEW
Required: If you are using the Microsoft SQL Server database, create the Control Room and Bot Insight databases before installing the Control Room.
Entering multiple IP addresses for a cluster Use the listed guidelines for entering IP addresses:
  • Enter the IP addresses in the exact same order on every node in the cluster. This order cannot be changed later.
  • Install the cluster nodes in the same order as the listed IP addresses.
  • If a new node is added, add it to the end of the list of IP addresses. For example: ipaddress1, ipaddress2, newipaddress3
Enterprise Client changed features
Feature Description
Relative path included in exported CSV file (Zendesk # 00328783) When you upload or download a Task Bot with dependent files to or from the Automation Anywhere Control Room repository, the relative path of the dependent files is also included in the CSV file when you use the Export to CSV option.
Identify disabled lines when a Task Bot is saved as a text file (Zendesk # 174179) When you save a Task Bot as a text file, the Disabled: True text is appended at the end of all the lines that are disabled in that Task Bot.
-- The PDFFileName system variable now returns the name of the PDF file with .pdf extension.
Retrieve emails with Korean language in the subject In the Enterprise Client, the $Email Subject$ variable supports Korean language. If your email subject contains Korean characters, the variable retrieves the email subject by using the $Email Subject$ system variable.
SMTP port range expanded to include ports 1 through 65535 The Enterprise Client supports ports in the range of 1 through 65535 for the SMTP server. You can now successfully run the Send Email command by configuring the SMTP port in this range.
Column title changed to Parameter Name/Value in Database command (Zendesk #173518) In the Database command, the column title is now changed to Parameter Name/Value to indicate that you can now use the parameter name or the parameter value for the Run Stored Procedure command. You can hover your mouse over the information icon to know more about using Add Parameter.
Support for Amazon Workspace cloud license and BYOL (Service Cloud case ID: 00410043) Enterprise Client is now certified and compliant to support Amazon Workspace cloud license and bring your own license (BYOL).

Operating system and platform compatibility in Enterprise 11

Bot Insight changed features
Feature Description
Scheduler service stops after successful Automation Anywhere Enterprise installation The Bot Insight scheduler service no longer runs in the background by default after a successful installation of Automation Anywhere Enterprise. If required, you can manually start the scheduler service.

Fixed features

Control Room fixed features
Zendesk ticket ID or Service Cloud case ID Description
00229459 If a role is added or removed from the Consumers of a locker, the role modification information (Last Modified and Modified By) is retained.
00378254 You can now convert the Work Item status from PUSHED to FAIL using the following API with the PUT method without any error:

http://{{hostname}}/v2/wlm/queues/{queue ID}/workitems/{workitem ID

00345051 If SVN is enabled in the Control Room, users can use the View Log option in the Enterprise Client to now view various log details for the selected task file.
63122, 135631 If the Bypass Legal Disclaimer option is enabled on the Bot Runner (Tools > Options > Login Settings in Enterprise Client), the Run Bot Runner session on Control Room (RDP-based deployment) is successful even if the Enterprise Client has legal disclaimers enabled.
Note: Ensure the Control Room and Enterprise Client are upgraded to Version 11.3.4 before deploying the bot with Run Bot Runner session on Control Room and Legal Disclaimers enabled.
00328783 You can now add manual dependencies using API without errors.
177418 You can now deploy Task Bots that contain Unicode characters such as superscript or subscript in their filenames using Run bot now and Schedule bot options from the Control Room.
00375000 Updates to the configuration in the Syslog section of the Control Room Settings are saved as expected.
00351171, 00353215, 00351519, 00371150 When you upgrade to the current version of the Control Room, the upgrade process does not fail if the Bot Store subfolder exists in the repository.
00375039 Importing and uploading a bot to the Control Room works as expected when version control is enabled and even if connection to the database is slow.
00374725 Fixed the Apache Ignite cursor leak issue that was causing the device to disconnect and logging off users every few minutes.
00404972 An error message is no longer displayed when the port number is part of the machines IP address on which you want to install the Control Room.
--

Database metric for the AUTOMATION_SCHEDULE table does not have an index created for "id" column.

Database metric for the JOBEXECUTIONS table does not have an index created for "device_id" or "deployment_id" columns.

This can cause a deadlock on both tables. To correct this, upgrade to Version 11.3.4.

Alternatively, create the indexes for the AUTOMATION_SCHEDULE and JOBEXECUTIONS tables. Use the sample SQL code:

CREATE NONCLUSTERED INDEX [IX_automation_schedule_id] ON [AUTOMATION_SCHEDULE]

( [id] ASC )WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, SORT_IN_TEMPDB = OFF, DROP_EXISTING = OFF, ONLINE = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY];

CREATE NONCLUSTERED INDEX [IX_device_id_deployment_id] ON [JOBEXECUTIONS]

( [device_id] ASC, [deployment_id] ASC )WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, SORT_IN_TEMPDB = OFF, DROP_EXISTING = OFF, ONLINE = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]

00358693 The Work Item assigned to a Bot Runner in a device pool now does not show an Active status. The status is automatically changed to Unsuccessful if the device does not respond. The Work Item can therefore be used by another Bot Runner after you change its state to Ready to Run.
234363 In the distributed environment, the source device of the Bot Runner session now properly shows the server host name in the Audit log.
00347840 If the Control Room server has multiple IP addresses, caching service clustering could have issues. This is now fixed. When the server has multiple IP addresses, one of the IPs is configured during installation as the static IP. This IP is used as the caching service local IP.
-- Control Room fails to install with a port busy error message. The actual error, the chkport.bat file was unable to execute, is fixed.
00362547 When an Attended bot is run on the Bot Runner machine and that bot is not uploaded on the Control Room, the task run data for that bot is not included in the history. As a result, exceptions are not displayed.
00344921 When you configure the Control Room in a clustered environment and use a port in the range of 1 through 65535, the configuration now works as expected.
205484 You can now import files and bots to an Control Room configured for version control using the Import Bots option even if the upload comments contain non-line feed characters. If the files are located in the QueueStore folder, ensure that you manually replace the line-feed characters with space in the database, and restart the Automation Anywhere Control Room service.
Enterprise Client fixed features
Zendesk ticket ID or Service Cloud case ID Description
-- Japanese characters in an automation are read correctly when you use the Get Node option of the XML command in a Task Bot with Data Source added as Text.
-- The Automation Anywhere Diagnostic Utility now shows the correct CPU usage instead of 0% (zero percent) when you run a diagnosis after you install the Enterprise Client.
213697 The Shutdown screen does not appear when the Close Window command is executed with a blank value. It now displays an error message when the blank value is passed in the Close Window command.
141976, 211932 The Terminal Emulator command now works as expected when a later version of Enterprise Client is uninstalled in a dual Enterprise Client setup and the Advanced Technology option is enabled.
74810, 91275 The system does not encounter an error when you open a Microsoft Excel file created by using the Create File command.
-- Blank spaces are trimmed at the beginning and end of the key in the dictionary key variable, which now returns the correct value.
201361, 217915 When you install the Enterprise Client, the installation process grants the appropriate permissions to access the ABBYY folder for the users of that device.
-- The system encounters an error when you append text on a read-only field using the Append Text or Set Text action from the Object Cloning command.
136672 When used within a Loop command, the Dataset Column variable now resets and does not return a value if an SQL query does not have any result.
-- The KEY_CLEAR option in the Terminal Emulator command clears the terminal screen for ANSI and VT terminal types when the Advanced Technology option is selected.
209762 GDI handle is now reduced. The handle kept increasing and resulted in an error due to a UI issue in the runtime window.
- In the Run Task command, when you manually update the file location path and use the Quick Map option, the variable mapping is updated by default as expected.
00368721 The Email Automation command now downloads an empty text file attached to an email.
192781, 200807, 226172 If a task that does not have an error handling block encounters an error when auto-login is enabled, the Control Room displays the correct status of the task on the In progress activity page.
178856, 00267151 When you save an XML file using the Save Session Data command of the XML command, an XML declaration is not added to the file if it is not available.
- When you run a script that contains invalid parameters such as an invalid path or filename using the Run Script command, the Automation Anywhere Player now shows an error. The Player also does not become nonresponsive when the Task Bot is paused or canceled, and you do not have to forcibly end the task from the Task Manager.
-- When you debug a bot, the values of a variable do not persist and are not shown in the variable watch table after the bot completes its execution.
-- Unicode characters such as Japanese text are now supported as Passphrase to encrypt and decrypt using the PGP command with AES256 encryption.
--

In the SOAP Web Service command, when a parameter is used in the $a($i,$j)$ format with the Dictionary or Array variables, the Test output now shows the correct output without any error.
-- When editing the SOAP Web Service command, if you select the same service from the Select a Service drop-down list on the Build SOAP Web Service URI screen, the old port values are not deleted and are now retained in the Port drop-down list.
00372525 If a Task Bot configured to use the Workload command with the Set work item result option encounters an error, it does not show the data for the previous Work Item, the bot execution stops, and the system shows an error.
00376702 Two threads in the caching service were using the same JDBC statement: one for reading the status of the Ignite cluster and the other for updating the status of the Ignite cluster. Two threads concurrently using the same statement object was sometimes resulting in null pointer exception in the Ignite segmentation processor. When this occurred, the segmentation processor logic stopped functioning. This issue is fixed by ensuring each thread uses its own JDBC statement.
00363307 Caching service was restarting due to a lost connection between the SQL database and the Control Room node. The lost connection might be due to network connectivity issues, routing issues, or SQL server availability. When the connection is lost, the segmentation processor logic marks the node as segmented. This triggers the Ignite service restart. This was fixed by trying to reconnect with the database. If the connection can be reestablished within approximately 7 seconds, the caching service does not restart. In short, this fix applies to short-term database connection losses.
00378981 Issue with workload manager not being able to distribute work item threads across multiple Bot Runners is fixed by a new algorithm for reestablishing bot Player connections.
In the Database command, using the Run Stored Procedure command now clears the parameter variables when an exception occurs.
111782, 160787, 200471, 203301, 211366, 221401 Bots now successfully run when deploying a task from the nested repository path of the Control Room.
Note: The best practices are:
  • Not to create many nested folders under the My Tasks folder.
  • Keep the subfolders and Task Bots names short to qualify the Windows API maximum path length limitation.

    See Maximum Path Length Limitation.
00349408 Now MetaBots using Oracle EBS work correctly when moved from Development environments to UAT environments.
Bot Insight fixed features
Zendesk ticket ID or Service Cloud case ID Description
190704 When you upgrade from Automation Anywhere Enterprise Version 11.3.1 to Version 11.3.1.2, or from Automation Anywhere Enterprise Version 11.3.1.1 to Version 11.3.1.2, the Automation Anywhere Enterprise installer checks the SQL Server database for dashboard metadata generation and displays the upgrade status message.
161610 The OSS security vulnerabilities have been fixed.
193590 The database server performance degradation due to temp files being generated because of Bot Insight queries has been resolved.
196850, 197952, 204660 Control Room installation does not fail if you enable the Enforce password policy in Microsoft SQL Server. You can now install, create, and publish tables in Bot Insight with Microsoft SQL Server.
233940, 00356199, 352844 When you upgrade from Automation Anywhere Enterprise Version 11.3.2.2 or later, to Version 11.3.4, the Automation Anywhere Bot Insight EDCservice now resumes successfully after the upgrade. The Control Room dashboard is populated and displays the latest information.

Security fixes

Control Room security fixes
201841 Fixed an issue with Credential Vault that improves the initial values used for encryption.
160764 Added the View user basic permission that restricts a user from viewing basic information about other users. The new permission uses the non-published API /v1/usermanagement/users/* that now requires an explicit permission to view basic information about other users.

See Enterprise 11: Feature permissions for a role.

Deprecated features

Enterprise Client deprecated features
Zendesk ticket ID or Service Cloud case ID Description
Support removed for Enterprise Client version 6.0 Manage Window Controls command legacy player The Automation.MWCPlayEngine.dll and Interop.AAMWCPlayEngine.dll have been deprecated. This impacts Task Bots using the Manage Window Controls command and created with an Enterprise Client version earlier than 7.0. For Enterprise Client Version 11.3.4 or later, perform these steps to continue using the Task Bots.
  1. Open the Task Bot.
  2. Edit the Manage Windows Controls command in the Task Bot.
  3. Recapture the control.
  4. Save the Task Bot.

Known limitations

Control Room known limitations
  • If Two Factor Authentication (2FA) is enabled in the Control Room and a user has multiple tokens, the number of tokens is not displayed under the 2FA TOKEN COUNT column of the Users page.
  • The system might encounter an error when taking a backup of more than one million records for the Elasticsearch audit log.
  • Sometimes the Work Items are processed after a delay (of up to 15 minutes) in the following scenarios:
    • When you restart the Automation Anywhere Control Room Services.
    • When you pause and resume the queue automation.
  • When IQ Bot and Control Room are installed either on the same machine or different machines, after the Control Room services restart, the IQ Bot authentication might fail. To resolve the issue, you must restart the Automation Anywhere Control Room Reverse Proxy service.
  • You cannot install a bot directly in the Control Room if the bot was created in a version earlier than Enterprise Client Version 11.3.3 and was downloaded from the Bot Store. To install the bot, download and install the MSI file on the Bot Creator machine and then upload it to the Control Room.
  • When the frequency of the bot is set from Control Room > My bot > Schedule bot, the First, Second, Third, Fourth, and Last options are omitted from Japanese translation.

Enterprise Client known limitations

  • The Go Green message is not added at the end of an email when you are using a Microsoft Exchange Server version earlier than Exchange Server 2010.
  • When you use the Object Cloning command to capture objects from Google Chrome using UI Automation technology:
    • You cannot capture the scroll action in a list.
    • You cannot use the Select Item By Text action to select an item from a list.

Bot Insight known limitations

  • You cannot upgrade Bot Insight metadata from the PostgreSQL Server to Microsoft SQL Server using the Microsoft SQL SSL certificate.
  • You cannot migrate from PostgreSQL Server to Microsoft SQL Server with limited dbo (database owner) permissions.
    You must have the Db_owner permission for the following databases to successfully migrate from PostgreSQL Server to Microsoft SQL Server:
    • BIVisualization
    • BIVisualization-keyset
    • BIVisualization-upload
    • BIVisualization-scheduler
  • Keysets cannot be created in Bot Insight that was installed with Control Room versions prior to Version 11.3.4. When you create a keyset, the SQL account frequently gets locked and the keyset database does not connect to the SQL Server. This feature is not available from Version 11.3.4 or later and is not functional with earlier versions of the Control Room.