Advanced installation and configuration

Update or customize the Login Agent configuration

The configuration of Blue Prism Login Agent service, responsible for initialising the Login Agent runtime resource, is stored within a local configuration file:

C:\ProgramData\Blue Prism Limited\Automate V3\LoginAgentService.config

The workingdirectory element points to the installation directory for the Blue Prism software.

The startuparguments element gives the arguments that will be used when launching the Login Agent runtime resource.

Common start-up argument configuration changes include:

Updating the Blue Prism connection that the Login Agent runtime resource will use
Updating the port number that Login Agent runtime resource will listen on
Configuring the Login Agent runtime resource to apply certificate-based encryption
Adding custom parameters to be included in the start-up process of the Login Agent runtime resource

Set the Blue Prism connection used by the Login Agent runtime resource

The Login Agent runtime resource will use the default Blue Prism Connection to establish a connection into the Blue Prism environment. Alternatively, it is possible to use the dbconname parameter to force which connection will be used.

The value of the connection name must exactly match the name of an existing Blue Prism connection on the local device.

</argument>

<value>Prod: Financial Services</value>

</argument>

If no connection is specified in the configuration file, the first connection specified in the Blue Prism client connection list on the local device will be used.

Update the port that the Login Agent runtime resource listens on

The listening port, used by the Login Agent runtime resource, is configured separately to the listening port that will be used by the runtime resource used once the device has been logged on. There is no requirement for the Login Agent runtime resource and the Blue Prism runtime resource to use the same port.

</argument>

<value>Prod: Financial Services</value>

</argument>

Configure the Login Agent runtime resource with certificate-based encryption

Where the conventional runtime resources are configured to force encryption of incoming connections using a specified certificate (e.g. where the runtimes are started using the /sslcert switch), it is necessary to manually apply the appropriate configuration to the Login Agent runtime resource.

The startuparguments element within the configuration file can be updated to include the appropriate information:

<value>Prod: Financial Services</value>

</argument>

<value>[Certificate Thumbprint]</value>

</argument>

For example:

<value>Prod: Financial Services</value>

</argument>

</argument>

Certificate-based encryption is only applied to the traffic received on the listening port. Encryption is applied separately to the connection that retrieves the credentials that will be used as part of the login process.
Certificate-based encryption should only be applied to Login Agent runtime resources once the certificate has been applied and tested with a Blue Prism runtime resource

Configuring the Login Agent runtime resource to authenticate against Blue Prism

The Login Agent runtime resource can be configured to authenticate with the Blue Prism environment.

Blue Prism environments configured with native authentication – Start-up parameters will need to include /user [username] [password]

<value>[username]</value>

<value>[password]</value>

</argument>

Blue Prism environments configured for Single Sign-on – Start-up parameters will need to include /sso to pass the context of the currently logged in user.

Login Agent starts under the logon context of the Login Agent windows service.
When using single sign-on, the Login Agent service will need to be configured to start with a service account that has appropriate access to Blue Prism.

Set the Blue Prism Login Agent connection retry time

The /dbwait command can be used to set the length of time that the Blue Prism Login Agent Server service waits for a connection, before it times out. This is useful for situations where all resources are rebooted at the same time. In such cases, it is recommended that the /dbwait time is set to 300 (five minutes).

</argument>

Adding parameters to the start-up command

Where it is necessary to add additional start-up command parameters to the Login Agent runtime resource, they can be added in a similar fashion. For example, to add a DB password for a SQL Server authenticated database add the XML below before the closing </startuparguments> tag:

<value>Password$123</value>

</argument>

Setting up Windows login credentials

The login credential is a Windows user account and password used to log into a specified machine. An environment variable defines the format of the credential name that is used to log the machine in. The following process describes how to create the environment variable and add a credential for Login Agent.

In the System tab, select Objects > Environment Variables.
Click Add Variable from the options menu.
The name of the environment variable must be formatted according to the environment variable Login Format String.

It is recommended that Windows Login: {0} is used as the default value. The number in brackets is a placeholder for the machine name of the runtime resource that you want to log in to. The value is substituted with the machine name when the login process runs, and this is matched with an existing credential.
In the System tab, select Security > Credentials.

The credential must be created using the same connection type as the Blue Prism server. For example, if you create the credential whilst logged into a direct database connection but the Login Agent client machine specifies a Blue Prism Server type connection, the credential will not be found.
Click New from the options menu. The Credential Details dialog displays.
Enter the environment variable name as the credential name and the username and password for the specified machine.
Click OK to save the credential.

	Click here to see the documentation for all Blue Prism products.
© 2024 Blue Prism Limited \| Last updated on 05 Feb 2024