Login (LOGIN)

{"URL":["/*.*/awa/pa_view_LOGIN"],"heroDescriptionIdentifier":"ice_login_intro","customCards":[{"id":"ice_login_platform_specific_features","title":"Platform-Specific Features","type":"customize","url":"https://docs.automic.com/documentation/webhelp/english/ALL/components/DOCU/*.*/Automic%20Automation%20Guides/Content/AWA/Objects/obj_login.htm","languages":["en-us"]},{"id":"ice_defining_login_objects","title":"Defining Login Objects","type":"customize","url":"https://docs.automic.com/documentation/webhelp/english/ALL/components/DOCU/*.*/Automic%20Automation%20Guides/Content/AWA/Objects/obj_login.htm","languages":["en-us"]}]}

As a designer, you define executable objects that need access to third-party applications and operating systems (target systems). Login objects store the login information that Agents need to execute the objects on those target systems. By using Login objects, you do not have to remember the passwords; you simply assign the appropriate Login object to the executable objects.

As an administrator, you define and manage passwords centrally and safely in Login objects.

Agents pass the login information defined in the Login object to the operating system or application in which the executable object is processed. This information is validated and the following happens:

  • If it is correct, the task is processed using the operation system ID that is stored with the Login object.
  • If it is not correct, the operating system or application rejects processing the task.

Note: Some operating systems allow deactivating the login validation. Your administrator can do so in the Agent INI file.

This page includes the following:

Script Elements and Login Objects

You can also use the following script elements to handle Login objects:

Platform-Specific Features

login object,login,jmx and login objects,websphere and login objects,oracle and login objects,windows and login objects,OWN domain

Some platforms have special features:

  • JMX

    Usually, you need to specify one password. However, if you use WebSphere version 6 with activated administrative security, you must specify three passwords, namely User password, Keystore password and Truststore password. This also applies when defining a Login object for JMX objects.

  • Oracle applications

    In Login objects, you need to specify an internal OA user that is used for processing jobs. In addition, you must specify an OA database user in the ERP_LOGIN object.

  • Windows

    You can specify "*OWN" as domain when logging in to Windows. The Windows job is then processed with a local login authorization.

    Windows Agents require particular rights to process jobs that must be assigned to the user who starts the Agent.

Defining a Login Object

A Login object definition is made up of the following pages:

To Define the Login Information

  1. On the Login page you assign the Login object to one of the following:

    • A specific Agent

      In Agent/Name enter or select an Agent. The Type of the object is selected automatically.

    • All Agents of a type

      In Agent/Name enter *. The Agent Type can be either an OS or an application.

      Example

      A Login object has been defined for VVIEINTEGRATE02A with type WINDOWS. A second Login object has been defined for type WINDOWS, but this time using the "*" wildcard character as Agent/Name.

      This means that the second one (with the wildcard) is applied in all logins of WINDOWS Agents EXCEPT in those for which you enter a specific Agent name. In our example, the VVIEINTEGRATE02A login is always applied to this Agent. For all other WINDOWS Agents, the definitions in * are applied.

    • Server processes for a password protected Service Manager
      Enter * in the Agent/Name and in the Type field.

  2. If you have selected a specific Agent, the Type column is already populated. Otherwise, select a type. In addition to the Agents available in your system, this dropdown list also lets you select the following special Login types:

    • ILM (only in Client 0).
    • MAIL - used for e-mail connections via SMTP.
    • DB - used for the following:

      • Partitioning with Rapid Automation Agents. In this case, you must select the name of the solution.

      • Specifying the credentials of the database user. This is necessary to configure an additional security level by differentiating between the database user used for all AE processes and the database user used when executng SQLI or SEC_SQLI VARA objects. For more information, see Securing the Database and SQLI_LOGIN.

    • JWP_KEYSTORE - used to provide the password for the Keystore. This password is necessary to establish the connection to the JWP through TLS.

    The administrator can define additional types for Login objects in the UC_LOGIN_TYPES variable (see UC_LOGIN_TYPES - Defining Additional Platform and System Types for Login Objects). These types can be selected in the column when you either define * or any value for the name.

  3. Enter a Username/ID that complies with the format requirements of the target system. The platforms that are available for selection by default and some the most common ones are:

    • BS2000

      Format: User ID, account

      Conversion to capital letters: Entire field

    • Database

      Format: User name

      Conversion to capital letters: None

    • JMX

      Format: User name

      Conversion to capital letters: None

    • LDAP

      Format: Domain/User ID

      Conversion to capital letters:

      • Windows: Domains only

      • Oracle Active Directory: None

    • MAIL

      Format: SMTP user ID

      Conversion to capital letters: None

    • NSK

      Format: Group name, user ID

      Conversion to capital letters: None

    • Oracle Applications

      Format: User name

      Conversion to capital letters: None

    • OS/390

      Format: User ID

      Conversion to capital letters: Entire field

    • OS/400

      Format: User ID

      Conversion to capital letters: Entire field

    • PeopleSoft

      Format: Operator ID

      Conversion to capital letters: None

    • SAP (ABAP Engine/Business Intelligence)

      Format: Client, user ID

      Conversion to capital letters: None

    • SAP (Exchange Infrastructure)

      Format: XI user ID

      Conversion to capital letters: None

    • UNIX

      Format: User ID

      Conversion to capital letters: None

    • VMS

      Format: User ID

      Conversion to capital letters: Entire field

    • Windows

      Format: Domains\user ID

      Conversion to capital letters: Domains only

  4. Enter a Password.

    Passwords can be stored in the database or in a password vault. In this case, the password is sent directly to the Agent.

  5. In the Password Vault column, select one of the following options:

    • Automation Engine to store your password in the AE database.

      Passwords stored in the database are unlimited in length, allow all characters (including commas) and are displayed as bullets.

    • The external vault that is configured to use a vault password

      If the password come from an external password storage, the password field is disabled and indicates that a vault password is being used.

    Note: JMX Agents require you to specify three passwords: User password, Keystore password and Truststore password. When you store your passwords in the database, the Password button opens up a dialog where you can set them. When using an external password storage, you need to set up three accounts for the same Agent.

For more information, seeCA PAM Accounts or CyberArk Accounts respectively.

See also: