Install and apply the customized configuration required for the Control Room cluster on Microsoft Azure.

1. Enable Cluster Setup.
   If the machine on which the installation is being run has local IP addresses configured, this check box is selected by default.
   To install the Control Room without a cluster, clear the Enable Cluster Setup check box.
2. Enter the Cluster IP addresses of the nodes for the cluster.
   • List the IP addresses in the cluster.
   • Use a comma (,) to specify more than one IP address. For example, to specify three IP addresses in the cluster, enter: 192.0.2.0,192.0.2.1,192.0.2.3.

     Install the Control Room on nodes in the order listed. Ensure that the IP addresses are entered in the same order in each of the nodes. This order cannot be changed later. Installation fails if you do not enter the IP addresses in the same order.

   • Install the Control Room on the cluster nodes in the same order as the listed IP addresses.

     Ensure that the same version of the Control Room is installed on all the cluster nodes.

   • If a new node is added, add it to the end of the list of IP addresses. For example: ipaddress1, ipaddress2, newipaddress3
   • If you Enable Cluster Setup and do not enter an IP address, an error message is displayed.
   • If you supply invalid numbers or characters, an error message is displayed.

   Important: After configuration, you cannot remove nodes from the list of IP addresses.
3. Click Next to configure the application Transport Layer Security (TLS).
4. The TLS Configuration screen displays where you can either:
   • Generate a Self-Signed Certificate

     When the Self-Signed Certificate option is enabled, the installer generates a unique private key and a self-signed certificate for the Control Room.

   • Import a Certificate

     To import a custom certificate, disable the Self Signed Certificate check box and use the Certificate Path field to import a certificate.

     Note: The certificate file must be in the PKCS12 format.
     Provide the following information:

     • Certificate Path: Click the Browse button to import the certificate.

     • Private Key Password: Type the password for the private key.

       Important: Password Limitation: Do not use "@" in passwords. Using the special character "@" in the password causes the certificate file import to fail.
     • Webserver Port: Type the Webserver port – either HTTP or HTTPS. If the port is already assigned, an error message displays.
       Important: The port validation message is also displayed when you add 8080 for Webserver and if that is already in use for Control Room license service. Use a different unassigned port in above cases.
     • Enable Force HTTP traffic to HTTPS: To redirect all HTTP port requests to HTTPS. To access the Control Room via HTTPS using the generated self-signed certificate. Ensure the port number is different for both.
5. Click Next to configure the service credentials.
6. The Service Credentials screen displays where you can choose from the listed options.

   The Windows Service credentials include a user name and password. The user specified needs to:

   • Be a member of the local system administrator group.
   • Have permission to manage services, including Automation Anywhere services.
   • To avoid any failure of Control Room services, ensure that windows service account is always included in the Administrator group.
   • For Microsoft Azure installations, the service account user needs to have read/write access to the remote Microsoft Azure repository share path.

   The these service credentials are used to create database tables and allow the Control Room processes to access the database and repository.

   • Local System Account—(default) The logged on user performing the installation.
   • Domain Account—Specify a user that is not the local system account user.
     1. Clear the Local System Account check box.
     2. Enter the user name and password for the domain account.
        Attention: Your service authentication password cannot include a space, semicolon (;), percent (%), or backslash (\). Also, the first character cannot be a minus sign (-) or forward slash (/), and you must include at least one alphabetical character. Change your password before the Control Room installation.

     Reasons and requirements for using a domain account user include:

     • Do not use the Windows domain credentials.

       Enter credentials valid for running Automation Anywhere services, or the Control Room fails to launch.

     • PowerShell script restrictions.

       Specify a user with permissions to launch PowerShell scripts, that is not a Windows domain user, or database table creation can fail.

     • Remote PostgreSQL Server for creating the database.

       Specify a domain user account. Do not use the local system account user when you are using a remote database server for creating the database.

       Database and Services Matrix.

7. Click Next to configure database type and server.
8. Set connection, authentication, and databases.
   • SQL Server

     This page appears if you select SQL Server for configuring your database.

     Note:

     • If possible, do not set the value for Database Server as localhost, or the Secure Connection to the database does not work.
     • Do not use Windows authentication if the Control Room and the SQL server are on separate accounts.
     • For Azure installations, the database names for Control Room and Bot Insight must be the same, or installation fails.
     • Click the Browse button to select the SQL server instance where the Control Room database will be created. Alternately, type a database server name or select one from the list.

     Provide the following details:

     Database Port

     Use the default port (1433) or specify a custom value.

     Use Secure Connection

     Select Use Secure Connection to use CA certificate as specified.

     Note: Use the same host name for certificate and database connections.

     Certificate

     This option is enabled when you select secure connection. Browse to select a CA certificate. See Enterprise 11: Import HTTPS and CA certificates for details on how to import this certificate using the command line.

     Windows authentication

     This option is selected by default. This allows for connecting to the SQL Server using Windows authentication.

     Note: If user selects Windows Authentication, then the user running the installer is used to test that the database exists, and create it if necessary, and grant db_owner to the service account user (NT Authority/System). See matrix for creating database, tables, and services in Enterprise 11: Working with SQL Servers.

     Attention: Your Windows authentication password cannot include a space, semicolon (;), percent (%), or backslash (\). Also, the first character cannot be a minus sign (-) or forward slash (/), and you must include at least one alphabetical character. Change your password before the Control Room installation.

     SQL Server authentication

     Select this option to use SQL server Authentication to connect to the database. Provide correct username and password for SQL Authentication.

     Attention: Your SQL Server authentication password cannot include a space, semicolon (;), percent (%), or backslash (\). Also, the first character cannot be a minus sign (-) or forward slash (/), and you must include at least one alphabetical character. Change your password before the Control Room installation.

     Name of Control Room database

     Enter the name for the Control Room database.

     Name of Bot Insight database

     Enter the name for the Bot Insight database. This database is used to store the Bot Insight data.

     Note: The database names cannot be blank, have spaces, or include % (percent character). It is recommended to restrict the names to alphanumeric, period (.), dash (-), and underscore (_).

     If the database (Control Room and or Bot Insight) does not exist, the installer will create one automatically.

     Note: This will not be applicable for Version 11.3.4.

   • Oracle Server

     This page appears if you select Oracle Server for configuring your database.

     Provide the following details:

     Database Server

     Provide the server host name details. The users should have been created in the Oracle database by the system admin before running the installation. See how to create users in Oracle.

     Database Port

     Connect using the default database port (1521) or with a custom port as defined by the system admin.

     Database Instance Name

     Control Room database instance name that was created initially by the system admin.

     Control Room cluster Database Username

     Control Room database username that was created initially by the system admin.

     Control Room cluster Password

     Password of the Control Room database user.

     Attention: Your Oracle Server authentication password cannot include a space, semicolon (;), percent (%), or backslash (\). Also, the first character cannot be a minus sign (-) or forward slash (/), and you must include at least one alphabetical character. Change your password before the Control Room installation.

     SID or Service Name

     Enter either the Oracle Service Identifier (SID) value or the Oracle service name. The specified value is used to identify the Oracle Server to the Automation Anywhere Enterprise cluster.

     Bot Insight Database Username

     Bot Insight database username that was created initially by the system admin.

     Bot Insight Password

     Password of the Bot Insight database user.

     Attention: Your Oracle Server authentication password cannot include a space, semicolon (;), percent (%), or backslash (\). Also, the first character cannot be a minus sign (-) or forward slash (/), and you must include at least one alphabetical character. Change your password before the Control Room installation.

     Use Secure Connection

     Select Use Secure Connection to use CA certificate as specified.

     Note: Use the same host name for certificate and database connections.

     Certificate

     This option is enabled when you select secure connection. Browse to select a CA certificate. See Enterprise 11: Import HTTPS and CA certificates for details on how to import this certificate using the command line.

9. Click Next to configure the Bot Insight database.
10. Select either PostgreSQL Server or Microsoft SQL Server database to store metadata for Bot Insight.
    Note: Microsoft SQL Server option is not available with Oracle database.
    • PostgreSQL Server
      Select PostgreSQL Server to establish a Bot Insight metadata database. This is in addition to the Control Room database.

      1. Click Next to configure PostgreSQL Server host name, port, database, username, and password details.
      2. On the Bot Insight PostgreSQL Configurations page, select the check box to install PostgreSQL Server. Clear this option if the PostgreSQL Server is already installed and supply the following:

         Hostname

         Enter the host name for the PostgreSQL Server. The default name is localhost.

         Port

         Enter the port number for the PostgreSQL Server. The default Port number is 5432.

         Database

         Enter the database name that will be used for Bot Insight. By default, the database name is zoomdata.

         Use Secure Connection

         Select this option if your PostgreSQL Server database uses a secure connection.

         Username

         Enter the user name for the PostgreSQL Server database. The default username is postgres.

         Password

         Enter the password for the PostgreSQL Server database.

         Attention: Your PostgreSQL Server authentication password must not be blank and it must include only the following special characters; underscore (_), at sign (@), dollar sign ($), and hash tag (#). Other special characters are not supported. Change your password before the Control Room installation.

         Confirm Password

         This is only visible when the Install PostgreSQL option is selected.

      Note: If PostgreSQL Server option is selected, the Host name and Use Secure Connection fields are disabled and set to default values.
    • Microsoft SQL Server

      When you select this option, four databases are created for Bot Insight. You can opt to change the database name. The four databases are:

      BIVisualization

      The default database for storing Bot Insight metadata.

      BIVisualization-keyset, BIVisualization-scheduler, BIVisualization-upload

      For storing dashboard configuration information

11. Click Next.
    The Ready to Install the Program screen appears.
12. Click Install and allow the installation process to complete.

    A services utility panel lists the Automation Anywhere Windows Services that are installed. If the service fails to start, a red X is displayed.

    The InstallShield Wizard Completed screen appears.
13. Click Finish.
    Launch Automation Anywhere is enabled by default.
    The Control Room launches in your default browser with the Configure Control Room settings page displayed.
    Enable Show installer settings to open the aae-installsummary.html file. By default, this is located at C:\Program Files\Automation Anywhere\Enterprise\. Use this file to view a summary of the installation.