Installing Control Room on Microsoft Windows Server using scripts

Silent Control Room installation, also known as unattended installation, uses a customized script for a full setup or an update setup. Silent installation runs the entire installation process in the background, without requiring user interaction or displaying messages.

Prerequisites

To perform the task, you must have a Control Room administrator account with the required rights and permissions.

Disable the User Access Control (UAC) on host VM for Control Room.
Verify Automation 360 On-Premises prerequisites.
Ensure that you have the following:
- Automation Anywhere Control Room installation file
- TLS certificate
- License file

Create a Powershell script.
See the installation parameters and sample scripts.
Run the script in Powershell.

Note: For instructions on performing silent install and configuration of Automation 360 separately, see .Silent installation and configuration of Automation 360 using scripts (A-People login required.

Procedure

Review the parameters and identify the settings you require.

Control Room installation parameters


Variable name	Description
AA_CRCLUSTERCONFIG	if AA_SETCLUSTERMODE=1 then cluster IP comma separated
AA_CRDBPORT	Control Room database port. Default value is 1433
AA_CRDBSSLMODE	Secure SQL connection
AA_CRFORCEHTTPSCONFIG=" "	--
AA_CRFORCETOHTTPS="1"	Force traffic from HTTP to HTTPS
AA_CRHTTPPORT	Control Room HTTP port. Default is 5432
AA_CRHTTPSPORT	Control Room HTTPS port
AA_CRLISTENPORT	Web server port. Default value is 80
AA_CRSERVICECONFIRMPASSWD	If AA_CRSETLOCALSERVICECRED= 0, then confirm password
AA_CRSERVICEPASSWD	If AA_CRSETLOCALSERVICECRED= 0, then confirm password
AA_CRSERVICEUSERNAME	if AA_CRSETLOCALSERVICECRED= 0, then add domain\user name
AA_CRSETLOCALSERVICECRED	1 if service logon as System 0 if service logon as specific user
AA_CRWCCERTPASSWD	Certificate password
AA_CRSELFSIGNCERT	1 for self-signed certificate
AA_CRWCCERTPATH	Certificate path
AA_SDSFEATURE	true=Cloud deployment type false=On-Premises deployment type
AA_SETCLUSTERMODE	For cluster set 1, otherwise 0
AA_SETUPTYPE	Setup type Custom or Express
INSTALLDIR	Installation Directory
IS_SQLSERVER_AUTHENTICATION	0 for Windows authentication 1 for SQL authentication 2 for Azure AD authentication
IS_SQLSERVER_DATABASE	SQL database name
IS_SQLSERVER_SERVER	SQL server name (host name)

Elasticsearch related parameters


Parameter	Description
AA_ELASTICSEARCH_BACKUP	Used only if installing on the first node of a backup server. Enter 1 if yes. Note: The AA_ELASTICSEARCH_BACKUP parameter is used when you install an Control Room as backup server for audit.
AA_ELASTICSEARCHSYSIP	Valid IP address
AA_ESPASSWD	Password for Elasticsearch Note: An additional parameter for confirming the password is not available. The password must have a minimum of 6 characters.

Key-vault related parameters


Parameter	Description
AA_KEYVAULTTYPE	Enter any of the following: NONE if you do not want to define a key vault AWSS for AWS Secrets Manager CARK for CyberArk
IS_SQLSERVER_AUTHENTICATION	Enter any of the following: 0 if SQL server authentication is not set 1 if SQL server authentication is set
IS_SQLSERVER_EKVAUTHENTICATION	Use this if the SQL server authentication is configured for an external key vault. Enter any of the following: 0 if SQL server authentication does not use an external key vault 1 if SQL server authentication for a key vault is configured for CyberArk 2 if SQL server authentication for a key vault is configured for AWS Secrets Manager
AA_CRSERVICECREDTYPE	Enter any of the following: LOCAL if the Control Room database uses local authentication. SERVICE if the Control Room database uses custom authentication. SERVICEEKV if the Control Room database uses external key vault for authentication.
AWS Secrets Manager key vault parameters
AA_AWSSREGION	AWS region
AA_DBAUTHAWSSECRET	AWS sqllogin secret
AA_CRSERVAWSSECRET	AWS service secret
CyberArk key vault parameters
AA_CARKAPPID	CyberArk app ID
AA_CARKCERTIFICATE	Full certificate filename with path
AA_CARKOPTIONALCERT	Optional certificate filename with path
AA_CARKCERTPASSPHRASE	Certificate passphrase
AA_CARKVAULTURL	CyberArk URL
AA_DBAUTHCARKOBJECTNAME	CyberArk sqllogin object name
AA_DBAUTHCARKSAFENAME	CyberArk sqllogin safe name
AA_CRSERVCARKOBJECTNAME	CyberArk service credential
AA_CRSERVCARKSAFENAME	CyberArk service locker

IPv6-related parameters


Parameter	Description
AA_IPV6ENABLED	Enter 1 to enable IPv6 addresses To disable IPv6 addresses, do not enter the parameter.

Optional: Edit the sample script to use a Microsoft SQL Server database.

Use the script to install the Control Room with the configuration options available in the installer.

Correct values for variables such as $service_username, $service_pwd, $db_server, $cr_port.
Run the script with Credentials in Service logon, and a non-secure connection using Microsoft SQL Server authentication with a new database.

Sample script:

$cr_port=80

$service_username= "domain\username" #e.g."aaspl-brd\ellie.brown"
$service_pwd="password"

#$certpath = "C:\SilentInstall\test256.pfx"
#$certpass = "changeit"

$db_server="localhost"
$cr_db_name="CRDB-NEW-SI-3"
$db_user="sa"
$db_pwd="Admin@123"

$elastic_password="Test@123"

$installation_path="C:\Program Files\Automation Anywhere"

#Install latest setup
$static_installation_path="\Enterprise\"""""
$silent_details=" /s ","v""" -join "/"
$installpath_details=" /qn INSTALLDIR=\"""

$deployment_details=" /AA_SDSFEATURE=true"

$custom_details=" /vAA_SETUPTYPE=Custom 
                  /vAA_CUSTOMMODETYPE=1"

$port_cluster_details=" /vAA_SETCLUSTERMODE=0 
                        /vAA_CRLISTENPORT=$cr_port"

#$service_details=" /vAA_CRSETLOCALSERVICECRED=0 
                    /vAA_CRSERVICEUSERNAME=$service_username 
                    /vAA_CRSERVICEPASSWD=$service_pwd 
                    /vAA_CRSERVICECONFIRMPASSWD=$service_pwd"

$service_details=" /vAA_CRSETLOCALSERVICECRED=1"

#$db_details=" /vAA_BIMETADATADBTYPE=AA_BIMETADATADBTYPE 
               /vIS_SQLSERVER_SERVER=$db_server 
               /vIS_SQLSERVER_DATABASE=$cr_db_name 
               /vIS_SQLSERVER_DATABASE1=$bi_db_name"

$db_details=" /vIS_SQLSERVER_SERVER=$db_server 
              /vIS_SQLSERVER_USERNAME=$db_user 
              /vIS_SQLSERVER_PASSWORD=$db_pwd 
              /vIS_SQLSERVER_DATABASE=$cr_db_name 
              /vIS_SQLSERVER_AUTHENTICATION=1"

$other=" /vAA_ESPASSWD=$elastic_password 
         /vAA_CRWCHTTPPORT=80 
         /vAA_CRWCHTTPSPORT=443 
         /vAA_CRSELFSIGNCERT=1 
         /vAA_OPTIONALCACERT=0 
         /vAA_CRWCCERTPATH=$certpath 
         /vAA_CRWCCERTPASSWD=$certpass 
         /vLAUNCHPROGRAM=1 
         /v""
         /LIweamoruc! log.txt"""

$final_commandline = -join($silent_details,
	$installpath_details,$installation_path,
	$static_installation_path,$custom_details,
	$port_cluster_details,$service_details,
	$db_details,$pg_details,$other)

Write-Host $final_commandline
$a=Get-ChildItem $PSScriptRoot\* -Include *.exe
#$a = "C:\Silent\AutomationAnywhereEnterprise_A2019_<build>.exe"

Write-Host $a
Write-Host "Starting the installation wait for sometime..."

$processdetail=(Start-Process -FilePath 
	$a -ArgumentList $final_commandline 
	 -Wait -PassThru).ExitCode

Write-Host $a.Name execution is done. 
If installation is not proper check msi logs in the temp folder.
pause

Note: When using Windows authentication for connecting to Microsoft SQL Server database, ensure that the following settings are configured:

The IS_SQLSERVER_AUTHENTICATION installation parameter should be set to 0
The user assigned to the $service_username parameter should be an active user in Microsoft SQL Server with permissions set as: db_datareader, db_datawriter, and db_ddladmin
The $db_user and $db_pwd parameter values should be disabled or commented out

Save the script you edit to the server for installation.
On the installation server, log on as an administrator, open Powershell in admin mode, and execute the following: Set-ExecutionPolicy Unrestricted -Scope CurrentUser -Force
Start Powershell in admin mode and execute: .\install.ps1

Note: The silent installation logs are stored in the folder from which the installation script is executed. For example, if you run the script from C:\Silent Install, the logs are stored in C:\Silent Install folder.

Next steps

Complete the Control Room configuration and validation.

After installing the Control Room, complete the configuration settings to ensure timely Automation Anywhere communications are specified and confirm Automation Anywhere services are running.
After completing the post-installation tasks, validate the setup by logging in to the Control Room and installing a license. First time access to the Control Room walks you through the configuration for your authentication method.
As a Cloud user with administrator permissions, you can create, view, edit, delete, and enable or disable a user. Creating users steps vary depending on whether the user is a non-Active Directory, Active Directory, or single sign-on (SSO) user from an IdP server.