Automation Engine

License Key Checks

The requirement for a License Key based on customer contracted entitlement has been removed from the products. This was for various reasons:

• Multiple Customer requests
• Customer survey feedback
• Removal of a License Generation process which does not add any meaningful value for the customer or Broadcom
• Removal of any risk of a customer outage due to a missing/expired license key

Telemetry

The Telemetry capability enables information about product usage to be sent to CA Technologies, a Broadcom Company (CA).

Telemetry does not collect Personal Identifiable Information (PII) that could identify components (Servers, Network addresses).

The information is restricted to the following:

• Automic Workload Automation and Automic Automation

  • Number of Automation Engine / HA instances

  • Number of technology nodes, application nodes, mainframe/midrange nodes

• Task based Automic Workload Automation

  • Number of successfully executed tasks

• Automic Service Orchestration

  • Number of Automation Engine / HA instances

  • Number of Orchestration Targets

  For more information, see Telemetry.

Automation Engine INI File Changes: New Port Definition for Server Processes

The port definition for work processes (PWP, WP), Java work processes (JWP), communication processes (CP), and Java communication process (JCP) has changed:

• PWP: The PWP is the only WP that must have a port assigned. You do so in the pwpPort= parameter in the [TCP/IP] section of the INI file of the AE.

• WPs: WPs connect to the PWP and to the CPs. Therefore, you do not have to assign ports for WPs in INI file of the AE.

• CPs: The ports assigned to CPs are defined in the CP.PORTS= parameter in the [PORTS] section of the INI file of the AE.

  If CP.PORTS are defined, these values are used. If not, the previous port definition is used.

• JWP: The JWP is contacted by other WPs to carry out sync calls. JWPs can connect to any available port but you can define specific ports in the JWP.SYNC.PORTS= parameter in the [PORTS] section of the INI file of the AE.

  If JWP.SYNC.PORTS are defined, these values are used. If they are not defined but the previous WP*=Port pairs are defined, the JWP consumes these ports. If none of these are defined, the JWP binds to any port available.

• JCP: The ports assigned to the JCP are defined in the JCP.PORTS= parameter in the [PORTS] section of the INI file of the AE.

  If JCP.PORTS are defined, these values are used. If they are not defined but the previous CP*=Port pairs are defined, the JCP consumes these ports in reverse order. f none of these are defined, the JCP binds to any port available.

Important! Pay attention when performing a ZDU to this version, specially when old processes (12.2) are started after new ones (12.3) have been introduced into the system.

For more information, see:

• Types of Server Processes
• Automation Engine INI file

Security Enhancements

The following security enhancements have been implemented in this version:

ServiceManager

• ServiceManager Dialog Program: Access Levels and Password Security 

  As of this release, the ServiceManager Dialog Program has three different access levels of authorizations: 1. Read, 2. Read and Execute, and 3. Read, Execute, and Administrate. You need the third access level to change passwords. For security reasons, the passwords are not encrypted but stored as hashes in the INI file of the ServiceManager.

  For more information, see

  • ServiceManager - Dialog Program
  • Service Manager Service INI file

• ServiceManager Client Certification

  In addition to password authentication, if the Client Certification is enabled in the ServiceManager, the ServiceManager Dialog and Command Line programs require a certificate for authentication. For more information, see CAPKI - Securing the ServiceManager.

• UNIX ServiceManager: Separation of Privileges

  The UNIX ServiceManager now has two processes running. One process with a listener port, which must run with a non-privileged user (nobody) and that communicates via IPC with the parent process, which executes the commands that are requested by the clients.

Single Sign-On (SSO): Security Assertion Markup Language 2.0 (SAML 2.0)

As of this release, the Automation Engine also supports the Security Assertion Markup Language 2.0 (SAML 2.0) protocol for single sign-on.

Each department defined in the Automation Engine can be assigned to a SAML Identity Provider. Once this has been done, the login type Automation Engine is not accepted anymore. For more information, see Setting up Single Sign-On - SAML.

External Password Vaults

• New Solution Supported: CA PAM

  The Automation Engine now supports the CA PAM external password vault solution to store passwords and agent credentials defined in the Login objects.

• UC_EX_CYBERARK Variable Renamed

  The name of the UC_EX_CYBERARK variable introduced in the last release with the CyberArk solution has been renamed to UC_VAULT_CYBERARK. It is recommended to use the new name. However, if you are using the variable with the previous name and do not want to change it, you can leave the setup as is. The system is able to work with the previous name too.

For more information, see Password Vaults.

Next Generation Forecast

The existing forecasting functionality has been enhanced and uses a new, more flexible calculation model. As a result, the performance of the forecast calculation has increased, see Forecasting.

Extension of the Automation Engine REST API

The AE REST API has been enhanced to cover also the forecasting functionality. The capabilities that have been added in this release allow you to get forecast items and item details, rename and delete forecast items as well as trigger forecast and autoforecast calculations.

For more information, see:

• REST API Reference
• AE REST API - Forecasting

Centralized Agent Upgrade (CAU) available for Java-based agents

The agents for SAP, SQL, PeopleSoft, Intelligent Automation (IA), and Rapid Automation (RA solutions) can now be upgraded using CAU. The CAU behavior is the same as with UNIX and Windows agents. CAU packages are available through the Package Manager. For more information, see Centralized Agent Upgrade.

JSON Support

• New JSON functions in AE Script

  You can query and transform JSON documents in AE Script to prepare JSON payloads for REST requests and process JSON responses from REST requests in more complex ways, such as conditional execution of script parts.

  The script functions include:

  • JSON_GET_VALUE
  • JSON_SET_VALUE
  • JSON_TO_PROCESS
  • JSON_ADD_ITEM
  • JSON_REMOVE_ITEM
  • JSON_COUNT_MATCHES
  • JSON_GET_TYPE

  For more information, see JSON Processing.

• Improved JSON string handling in AE

  • Inbound JSON data size increase
  • Improved string escaping

Support for AdoptOpenJDK 11

AdoptOpenJDK 11 is now supported for all Automic Automation core components. You can download it from https://adoptopenjdk.net/. The compatibility of previously released versions does not change. For more information, see Automic Compatibility Matrix.

Important! The Analytics Rule Engine (Apache Flink) is not compatible with Java 11 yet. You must use Java 8 to run this component.