Install the server
Learn how to install the IBM RPA server and configure the on premises environment around it.
Before you begin
- Meet the prerequisites described in Prerequisites to install the server.
- Download the installer.
- Prepare your environment before you install the server.
- If you are going to use IBM® MQ as your system queue provider, download and configure it before you install the server. See Install IBM MQ for details.
- If you have created the UMS database, you need an LDAP identity provider server to communicate with the UMS server. See Installing and configuring LDAP before you proceed.
- The IBM Robotic Process Automation default installation directory is
C:\Program Files
. You cannot change the installation directory.
⚠ Attention for IBM RPA on premises offering only: Due to an MSMQ limitation, when you use it as your system queue provider, you must install the IBM RPA server and the client on the same subnet in order to schedule or orchestrate scripts.
Running the installer
- Extract the contents of the
zip
file into a folder. - Run the executable file.
⚠ Attention: Do not move or remove any of the files contained in the downloaded folder. - Select the language and click Next.
- Carefully read the User License Agreement and select I accept the terms in the License Agreement.
- Click Next to continue.
Configuring the email provider
You can use SendGrid or a custom SMTP mail provider. Notice that you must set up an outgoing mail server or use a third-party service before you proceed with the installation.
Using SendGrid
-
Select Sendgrid.
-
Type the Sender Email. For example:
no-reply-debug@ibmrpa.com
-
Type the Sender Name.Example:
IBM Robotic Process Automation
-
Click Next to continue.
🛈 Remember: To use SendGrid, you must use the same sender email that is attached to the SendGrid Authentication key.
-
Enter the Sendgrid authentication key and the template identifiers:
-
Authentication Key
Enter the SendGrid API key.
-
Templates identifiers
Enter the template identifier for each template on this screen. For more information about how to get the templates identifiers, see Email routine templates.
-
Using a custom SMTP mail provider
-
Select Custom SMTP E-mail provider and click Next.
-
Fill the fields according to the SMTP mail provider you use:
🛈 Remember: Create the user account email on SMTP mail provider before you continue with the installation.
-
Server address
The SMTP server address.
-
Secure port
The secure port to the SMTP server.
-
User name
The user account email.
-
Password and Confirm password
The account password.
-
-
Click Next to continue.
Database information
Provide the data needed to connect to IBM RPA databases and enable the use of Redis, if you have a Redis instance.
IBM RPA uses Redis as an in-memory data storage server. It acts as publish/subscribe external link for semaphore commands and internal notifications, and can significantly enhance performance in these cases. If you don't use Redis, the IBM RPA API saves that data in memory.
Optional: Enabling Redis
Starting from version 21.0.2:, Redis became optional for the IBM RPA server. If you want to use it, you must provide your own instance of Redis. Redis is no longer bundled with the installer.
To use it, enable Use Redis (recommended to enhance performance) and fill the fields as follows:
-
Connection String
The connection string to connect with Redis instance. You must provide an existing connection string to a Redis server. Incorrect values make it impossible to use server services.
If Redis is installed in the same machine as the server, most likely the connection string is the IP address to the server followed by the
6379
port. For example,127.0.0.1:6379
.If Redis is installed in another machine, enter the IP address to the machine with the port, or enter only the domain name assigned to the machine. For example,
198.51.100.51:6379
orredis.example.com
. -
Password
Optional: The password that you use to connect to Redis. For greater security, enter a strong password.
-
Database index
Database index that is used by the Redis instance integration. In most cases, the default database index is
0
.
❕ Important: You must enable Redis for high availability and disaster recovery capabilities.
Databases connection
In the Databases section, enter the connection strings for ADDRESS
, AUTOMATION
, KNOWLEDGE
, WORDNET
, and AUDIT
databases. For example:
Server=<SERVER_ADDRESS>;Database=<DB_NAME>;User Id=<DB_USER>;Password=<DB_PASSWORD>;
🛈 Remember: You create these connection strings when you configure the IBM RPA databases.
Click Next to continue.
Storage, log, antivirus, and NLP information
Provide the path of the folders to store logs, storage, and antivirus files. See Analyzing Server error logs for more details.
For the antivirus and IBM Watson NLP, you need to provide a local port.
-
In the Storage section, provide the following information:
-
Path for Hot folder
Select the path to the Hot folder. This folder stores files that are frequently used by the IBM RPA platform.
-
Path for Archive folder
Select the path to the Archive folder. This folder stores the content of files that are not frequently used by the IBM RPA platform.
-
-
In the Log section, provide the following information:
-
Path for Logs
Select the path where the platform saves logs. You can use environment variables in this field.
-
-
In the Antivirus section, provide the following information:
-
Antivirus port (only local port)
Enter the antivirus port. You can get the port needed for this step in Open ports.
-
Antivirus folder path
Enter the path to unpack the server antivirus files. The antivirus checks the files that are sent to the server. The antivirus software provided is ClamAV🡥.
✪ Tip: By default, the paths to these folders are automatically completed, but you can change it by clicking the ellipsis button .
-
-
In the IBM Watson NLP section, provide the following information:
-
IBM Watson NLP port (only local port)
Enter the IBM Watson NLP port. You can get the port needed for this step in Open ports.
-
-
Click Next to continue.
Choose a certificate
Provide the data needed to make IBM RPA features work properly such as certificate and server hostname, IBM RPA Control Center, API, Abbyy, and Bot ports.
You can get the ports needed for this step in Open ports. The Create an SSL certificate section provides more information about how to get your SSL certificate.
❕ Important: Computer names have proper values and they must be a fully qualified domain name. For more information about what are the conventions of names for Windows™ servers, see NetBIOS computer names🡥 and DNS host names🡥.
-
Select the Certificate. Example:
IBM RPA API
-
Complete the fields according to the examples:
-
Hostname, DNS name or IP address
10.0.0.1
orexample.com
-
Web client (IBM RPA Control Center) port
7780
-
API port
7790
-
Abbyy port
5200
-
Bot port
20001
-
Bot handle
The Bot handle is optional for this step. You need to provide it only if you want to build and deploy chatbots. See Requirements for developing chatbots in IBM RPA on premises for more information on how to get your Bot handle. Otherwise, leave it empty.
-
-
Click Next to continue.
Authentication method configuration
Choose your authentication method.
The Default authentication method uses IBM RPA's internal user registry for authentication and authorization.
The Single Sign-On (IAM) method uses IAM to provide access to IBM RPA applications, and it is only valid for IBM RPA versions prior to 21.0.2. For IBM RPA 21.0.2 and higher, the Single Sign-On method uses UMS with an LDAP server to provide authentication to IBM RPA applications.
Skip to the selected authentication method:
Default authentication
- Select Default Authentication.
- Click Next to proceed to Create the first tenant and user.
Single Sign-On (Before 21.0.2)
For IBM RPA 21.0.1 and 21.0.0: IBM RPA uses Identity and Access Management (IAM) from IBM Cloud Pak for authentication and authorization. IAM might be configured to use the enterprise LDAP as the user registry. These versions do not support other LDAP servers. Install newer versions of IBM RPA for LDAP support.
For more information about how to get the following values, see How to register IBM RPA as OIDC client with IAM.
-
Select Single Sign-ON (IAM).
-
Provide the following information:
-
Client ID
The client ID, for example,
bc48420df3c24218bd476b88540as03b
. -
Client Secret
The client secret, for example,
uke4al8k2Dqev8RfzxJF0MxqqojA3TrsWzaUFlCP8xsjFCHnrwE2EzmJKvbC
. -
Authorization Endpoint
The authorization endpoint, for example,
https://cp-console.apps.<HOSTNAME_OCP_INSTALLATION>/oidc/endpoint/OP/authorize
. -
Token Endpoint
The token endpoint, for example,
https://cp-console.apps.<HOSTNAME_OCP_INSTALLATION>/idprovider/v1/auth/token
. -
UserInfo Endpoint
The userInfo endpoint, for example,
https://cp-console.apps.<HOSTNAME_OCP_INSTALLATION>/idprovider/v1/auth/userInfo
.
Replace
<HOSTNAME_OCP_INSTALLATION>
with your IBM RPA on Red Hat® OpenShift® Container Platform installation address. For more information about how to get these values, see How to register IBM RPA as OIDC client with IAM. -
Single Sign-On (Starting from 21.0.2)
Starting from IBM RPA 21.0.2: IBM RPA uses User Management Service (UMS) for authentication and authorization. UMS requires an LDAP server to work, so you must have an LDAP server configured and you should also have created the UMS database.
If you don't have the UMS database, see Create the databases to create one and restart the installation.
If you don't have an LDAP identity provider installed, see Installing and configuring LDAP for information about how to install and configure an LDAP server before you install. Otherwise, use the Default authentication instead.
-
The installer requests information about the User Management Service (UMS), which is installed automatically by the IBM RPA server. Provide it as follows:
-
Admin Password
Create the password for the UMS server administrator. The default username for the administrator is
admin
.⚠ Attention:
- Do not use special characters (*\-+/_&%^$#@) in the administrator password.
- You must create a user in the LDAP server with the same username and password as provided here.
-
Port
Enter the UMS server port. The default port is
9443
. -
Hostname
Starting from IBM RPA 21.0.2-IF003 (21.0.2.3): This field is only available starting from this version.
Enter the computer hostname and the SQL server instance address to connect IBM RPA to it. You can use an external SQL Server instance to connect to the database. This instance must have the UMS database properly set up. See Create the databases for more information.
-
Name
Enter the database name.
-
User
Enter the SQL server user to access the database.
-
Password
Enter the user password to access the database.
-
Port
Enter the port number on which the database server is listening. Default port is
1433
.
-
-
Click Next to continue.
Create the first tenant and user
The First Tenant and user creation screen changes according to the IBM RPA version that you install and the authentication method that you use. On the following list, select the authentication method that you configured on the previous screen.
Default authentication
Provide the following data to create the first user and the tenant:
-
Tenant name
Create a name for the first tenant.
-
User name
Provide the username of the first user account. This user receives the Platform administrator and Tenant administrator roles.
-
User email and Confirm user email
Provide a valid user email and password. You receive an email confirming the tenant creation if the Configuring the email provider
-
User password and Confirm user password
The user password.
Single Sign-On (Before 21.0.2)
Provide the following data according to what you have in the IAM to create the first tenant and map the IAM groups to IBM RPA roles:
-
Tenant name
Create a name for the first tenant.
-
User name
Provide the username of the first user account. This user receives the Super Admin role.
-
User email and Confirm user email
The user email.
-
IAM Groups for User Role Group
The IAM user groups, which receive the User role for the first tenant. You can enter one or more groups.
-
IAM Groups for Admin Role Group
The IAM user groups, which receive the Admin role for the first tenant. You can enter one or more groups.
-
IAM Groups for Super Admin Role Group
The IAM user groups, which receive the Super Admin role for the first tenant. You can enter one or more groups.
🛈 Remember: Starting from version 21.0.2, IBM RPA roles such as User, Admin, and Super Admin became obsolete.
Single Sign-On (Starting from 21.0.2)
Provide the data that you have in your user LDAP entries to create the first user and the tenant:
-
Tenant name
Create a name for the first tenant.
-
User name
This is the first user account. You must provide a user that already exists in the LDAP server. This user receives the Platform administrator and Tenant administrator roles.
-
User email and Confirm user email
The user email. Use the same email that is registered in the LDAP entry for this username.
❕ Important: After you install the IBM RPA server, you must edit the UMS configuration files to connect to the LDAP server. See Configuring UMS to connect to OpenLDAP for a detailed procedure.
System queue provider
Select the system queue provider to use with IBM RPA.
Starting from version 21.0.3, IBM RPA on premises offering now supports IBM Message Queue (IBM MQ) as a system queue provider. You can use Microsoft Message Queue or IBM Message Queue.
Microsoft Message Queue
Select Microsoft Message Queue (MSMQ) and click Install. Microsoft Message Queue does not need to be configured, as the installer does that for you. Your user must have privileges to enable Windows Server features, including privileges to enable MSMQ.
The installer prompts you to install after you select it.
⚠ Attention: Due to an MSMQ limitation, when you use it as your system queue provider, you must install the IBM RPA server and the client on the same subnet in order to schedule or orchestrate scripts.
IBM Message Queue
If you want to install IBM RPA with IBM MQ, make sure that you have IBM Message Queue installed and configured before proceeding with the server installation. See Installing IBM MQ for details.
-
Select IBM Message Queue and click Next.
-
Complete the following fields:
-
Host name
The host name.
-
Port
The port to the IBM MQ provider. This is the same port that you opened to install IBM MQ. This port is user defined.
-
Queue Manager
The queue manager, for example,
queue-manager
. -
Channel
The queue channel, for example,
RPA.CHANNEL
. -
User
The user that you created when installing IBM MQ.
-
Password
The user's password.
-
Finish the installation
- Click Install to install the IBM RPA server. It might take a few minutes.
- Click Finish to complete the installation.
What to do next
After you install the server, proceed to the Post-installation configuration page to get instructions about how to configure your server.
If you had problems with the installation, check out the Troubleshooting on premises installation section for common issues and how to solve them.