Automation Anywhere ドキュメントを読んで確認する

Automation Anywhere Automation 360

コンテンツを閉じる

コンテンツ

コンテンツを開く

Migrate RBAC to Automation 360 IQ Bot On-Premises

  • 更新済み: 7/22/2020
    • Automation 360 v.x
    • 移行
    • IQ Bot

Migrate RBAC to Automation 360 IQ Bot On-Premises

Migrate RBAC from an earlier IQ Bot version (11.3.5.x or later) to Automation 360 IQ Bot On-Premises for the latest features and enhancements.

手順

  1. Create new custom roles (department roles) corresponding to each department or organizational unit in Control Room.

    Consider a scenario where you have setup the RBAC across various departments in your organization with HR_Dept, Finance_Dept and Sales_Dept as the department roles. For sub-divisions within these departments, the roles can be Finance_AP_Payments, Finance_Cash_Payments, and so on.

  2. Ensure you give the following permissions for each department role that you create:
    • View IQ Bot
    • View learning Instances
    • View learning instances for same role in Control Room
  3. Add the respective department roles to all of the IQ Bot users in Control Room.

    For example, Sam from the Human Resource department is assigned the HR_Dept role and Susan from the Finance department is assigned the Finance_Dept role.

  4. Associate users who create learning instances with the corresponding roles.

    Users creating learning instances for a department can only be associated with IQ Bot roles. For example, these users cannot be associated with roles such as AA Basic, AA Bot Developer, and so on.

    Additionally, only the IQ Bot custom role with Create learning instance permission must be assigned along with the corresponding department role.

  5. Backup the LearningInstanceRoles table in the Automation 360 IQ Bot database.

    The database schema name is IQBot.

  6. Use the following database query to get the list of learning instances and the roles from the migrated Automation 360 IQ Bot database:
    SELECT p.name as LearningInstance, 
    r.projectid as LearningInstanceID, 
    r.role as Role FROM [IQBot].[dbo].LearningInstanceRoles r inner join [IQBot].[dbo].ProjectDetail p on r.projectid=p.id;
  7. Download the output query of the database to a local CSV file.

    For example, learninginstanceroles.csv

  8. Remove all the role entries against the learning instances in the local CSV file.

    For example, learninginstanceroles.csv. After removing the role entries, duplicate rows for each learning instance must be removed to keep just 1 row per learning instance in the CSV file.

    注: If there are learning instances which are not RBAC controlled, then role entries must not be changed
  9. Assign the department role (Step 3) to each of the learning instance in the local CSV file and save your changes.
  10. Remove all the entries from the LearningInstanceRoles table in IQBot database scheme.

    You can use the following SQL command to remove the entries:

    DELETE from [IQBot].[dbo].LearningInstanceRoles;

  11. Insert the modified learning instance role association defined in local CSV file (Step 8) into the LearningInstanceRoles table.
    For example, use the following SQL statement:
    INSERT INTO [IQBot].[dbo].LearningInstanceRoles 
    (projectid, role) values
     (‘i13454546erty’, ‘HR_Dept’);
  12. Verify the RBAC setup in Automation 360 IQ Bot and ensure that only the correct users have the access to the learning instances.
フィードバックを送る