Credential requirements

Login credentials are required at different stages of Automation 360 deployment and use. Credentials are required for installation and data center servers, access to Automation 360 components, and to run tools in bots.

Access point Task Type
Data center servers Install Control Room.

User on the hosting server:

  • Windows - system administrator
  • Linux - superuser sudo, root
Data center servers Manage (run, stop, restart) Control Room. Administrator and Logon as Service permission for Windows services and the Domain or the VM technical user account.
Bot Agent devices Install, setup, or update Bot Agent. Administrator permission on the device.
Bot Agent devices Start or stop Bot Agent service.

Administrator permission on the device.

Write permission on Bot Agent device system paths:

C:\ProgramData

C:\Windows\System32\config\systemprofile

C:\Users\<loggedInUser>\AppData\Local\AutomationAnywhere

Local devices Register device.

Windows login to open a browser and login into the Control Room and register the local device.

Administrator permission not required.

Local devices

Download bots to local device.

Run new bots or existing (downloaded) bots.

Windows login.

Administrator permission not required.

Automation 360 login Perform specific tasks, such as create a bot or run a bot. License and role based permissions.

Bot Creator and Bot Runner users do not require administrator privileges.

Bot task Used by bots to perform bot tasks.

Credential Vault stores securely created credentials.

Read permission on bot machine system path:

C:\Windows\System32\config\systemprofile

\AppData\Local\AutomationAnywhere

Automation Anywhere Service Run all Windows services created by Automation 360. Local system account user or Domain user account

The Interactive logon rights should be enabled for the service account.

Remote Desktop Protocol (RDP) to a Windows machine Run bots on Bot Creators and unattended Bot Runners if RDP connection exists for the deployed user.

Administrator permission is not required.

RDP access for the bot is not required.

View the Control Room Activity page.

Remote Desktop Protocol (RDP) to a server OS or a hosted VM Run bots on Bot Creators and unattended Bot Runners if RDP connection exists for the deployed user.

Administrator permission required.

RDP access for the bot is required.

For confirmation, view the Control Room Activity page.

Data center server credentials
Data center server credentials for Automation Anywhere hosting servers and integrated product servers are required to deploy Automation 360.

To install and deploy Automation 360 requires that users log in to the hosting servers. These users must have permissions to install and run Automation 360 components on the servers. Permissions levels need to be assigned to the user on selected data center applications and servers.

Automation 360 login
Log in toAutomation 360 requires a username and password. These credentials are linked to the machine you use to access the Automation 360 components. Your credentials are assigned roles that give you permission to perform specific tasks, such as create a bot or run a bot.
Bot task
As an automation expert, Credential Vault provisions you to securely create and store your credentials. This ensures that your credentials can be used in bots without compromising security with safe deployment of tasks. Any authorized user can create credentials.
Windows services
The Windows service credentials include a user name and password. The user specified needs to be:
  • A member of the local system administrator group.
  • Have permission to manage services, including Automation Anywhere services.
  • If you use Windows authentication to connect to the SQL database, ensure you grant the db_owner permission to the service credential user.

The service credentials are used to create database tables and allow the Control Room processes to access the database and repository.

The service credential choices are:

User role Bot program folder Bot data folder Log folders or files User type
Install user
  • Read
  • Write
  • Delete
  • Read
  • Write
  • Delete
  • Read
  • Write
  • Delete
  • Admin
  • Non-Admin
Service run user
  • Local system account
  • Domain user account
Bot deployment user
  • Local system account
  • Domain user account

The following are the different user types:

Admin
A user who has administrator privileges.
Non-Admin
A user who does not have administrator privileges.
Local system account
The logged-on user performing the installation (default).
Domain user account
A user that is not the local system account user.
Reasons and requirements for using a domain account user include:
  • Use the Windows domain credentials

    Enter credentials valid for running Automation Anywhere services.

  • PowerShell script restrictions

    Specify a user with permissions to launch PowerShell scripts, who is not a Windows domain user, or database table creation can fail.

Install Bot Agent and register device