Install the server
Learn how to install the IBM RPA server and configure the on premises environment around it.
Before you begin
- Meet the prerequisites described in Prerequisites to install the server.
- Download the installer.
- Prepare your environment before you install the server.
- If you are going to use IBM® MQ as your system queue provider, download and configure it before you install the server. See Install IBM MQ for details.
- If you have created the UMS database, you need an LDAP identity provider server to communicate with the UMS server. See Installing and configuring LDAP before you proceed.
- The IBM Robotic Process Automation default installation directory is
C:\Program Files
. You cannot change the installation directory.
Running the installer
- Extract the contents of the
zip
file into a folder. - Run the executable file.
⚠ Attention: Do not move or remove any of the files contained in the downloaded folder. - Select the language and click Next.
- Carefully read the User License Agreement and select I accept the terms in the License Agreement.
- Click Next to continue.
Configuring the email provider
You can use SendGrid or a custom SMTP mail provider. Notice that you must set up an outgoing mail server or use a third-party service before you proceed with the installation.
Using SendGrid
-
Select Sendgrid.
-
Type the Sender Email. For example:
no-reply-debug@ibmrpa.com
-
Type the Sender Name.Example:
IBM Robotic Process Automation
-
Click Next to continue.
🛈 Remember: To use SendGrid, you must use the same sender email that is attached to the SendGrid Authentication key.
-
Enter the Sendgrid authentication key and the template identifiers:
-
Authentication Key
Enter the SendGrid API key.
-
Templates identifiers
Enter the template identifier for each template on this screen. For more information about how to get the templates identifiers, see Email routine templates.
-
Using a custom SMTP mail provider
-
Select Custom SMTP E-mail provider and click Next.
-
Choose if you want to disable the server from checking if the SMTP certificate was revoked. Check this box if you use a self-signed certificate in your SMTP server. You can change this option later in the IBM RPA Control Center.
-
Fill the fields according to the SMTP mail provider you use:
🛈 Remember: Create the user account email on SMTP mail provider before you continue with the installation.
-
Server address
The SMTP server address.
-
Secure port
The secure port to the SMTP server.
-
User name
The user account email.
-
Password and Confirm password
The account password.
-
-
Click Next to continue.
Database information
Provide the data needed to connect to IBM RPA databases and enable the use of Redis, if you have a Redis instance.
IBM RPA uses Redis as an in-memory data storage server. It acts as publish/subscribe external link for semaphore commands and internal notifications, and can significantly enhance performance in these cases. If you don't use Redis, the IBM RPA API saves that data in memory.
Optional: Enabling Redis
To use it, enable Use Redis (recommended to enhance performance) and fill the fields as follows:
-
Connection String
The connection string to connect with Redis instance. You must provide an existing connection string to a Redis server. Incorrect values make it impossible to use server services.
If Redis is installed in the same machine as the server, most likely the connection string is the IP address to the server followed by the
6379
port. For example,127.0.0.1:6379
.If Redis is installed in another machine, enter the IP address to the machine with the port, or enter only the domain name assigned to the machine. For example,
198.51.100.51:6379
orredis.example.com
. -
Password
Optional: The password that you use to connect to Redis. For greater security, enter a strong password.
-
Database index
Database index that is used by the Redis instance integration. In most cases, the default database index is
0
. -
Use SSL
Check this option if you want to enable an SSL connection with Redis. You must have a valid SSL certificate to sign the connection with Redis.
-
Disable certificate revocation check
Choose if you want to disable the server from checking if the Redis certificate was revoked. Check this box if you use a self-signed certificate in your Redis server. You can change this option later in the IBM RPA Control Center.
Databases connection
In the Databases section, enter the connection strings for ADDRESS
, AUTOMATION
, KNOWLEDGE
, WORDNET
, and AUDIT
databases. For example:
Server=<SERVER_ADDRESS>;Database=<DATABASE_NAME>;User Id=<USERNAME>;Password=<PASSWORD>;
WORDNET
database must have the "MultipleActiveResultSets=True
" keyword pair. You create these connection strings when you configure the IBM
RPA databases. For more information, see Create the connection strings. For FIPS-compliant systems, see Enabling FIPS for adjusted connection strings.Click Next to continue.
Storage, log, antivirus, and NLP information
Provide the path of the folders to store logs, storage, and antivirus files.
For the antivirus and IBM Watson NLP, you need to provide a local port.
-
In the Storage section, provide the following information:
-
Path for Hot folder
Select the path to the Hot folder. This folder stores files that are frequently used by the IBM RPA platform.
-
Path for Archive folder
Select the path to the Archive folder. This folder stores the content of files that are not frequently used by the IBM RPA platform.
-
-
In the Log section, provide the following information:
-
Path for Logs
Select the path where the platform saves logs. You can use environment variables in this field. See Analyzing Server error logs for more details.
-
-
In the Antivirus section, provide the following information:
-
Antivirus port (only local port)
Enter the antivirus port. You can get the port needed for this step in Open ports.
-
Antivirus folder path
Enter the path to unpack the server antivirus files. The antivirus checks the files that are sent to the server. The antivirus software provided is ClamAV🡥.
Tip:By default, the paths to these folders are automatically completed, but you can change it by clicking the ellipsis button -
-
In the IBM Watson NLP section, provide the following information:
-
IBM Watson NLP port (only local port)
Enter the IBM Watson NLP port. You can get the port needed for this step in Open ports.
-
-
Click Next to continue.
Choose a certificate
Provide the data needed to connect and access each component of IBM RPA, and to protect this connection.
-
From the Certificate list, select a TLS/SSL certificate, for example,
IBM RPA API
. Refer to the "Create an SSL certificate" section to learn how to generate a Certificate Signing Request (CSR) and order the TLS/SSL certificate signed by a Certificate Authority (CA). -
In the Hostname, DNS name or IP address field, enter the FQDN of the IBM RPA API server, for example
www.example.com
. Use the same address as defined in the TLS/SSL certificate.Important:Use a Fully Qualified Domain Name (FQDN) for location addressing in your IBM RPA API server address instead of IP address. For more information about naming conventions for host names, see DNS host names 🡥. -
In the Web client (IBM RPA Control Center) port field, enter the port to access IBM RPA Control Center, for example,
7780
. -
In the API port field, enter the IBM RPA API server port, for example,
7790
. -
In the Abbyy port field, enter the Abbyy port, for example,
5200
. -
In the Bot port field, enter the Bot port, for example,
20001
. -
Optional: In the Bot handle field, enter the chatbot handle. You need to provide it only if you want to build and deploy chatbots. For more information, see Requirements for developing chatbots in IBM RPA on premises.
-
Click Next to continue.
Get detailed information about the ports that IBM RPA uses, which are needed for this step in Open ports.
Authentication method configuration
Choose your authentication method.
The Default authentication method uses IBM RPA's internal user registry for authentication and authorization.
The Single Sign-On (IAM) method uses UMS with an LDAP server to provide authentication to IBM RPA applications.
Skip to the selected authentication method:
Default authentication
- Select Default Authentication.
- Click Next to proceed to Create the first tenant and user.
Single Sign-On
If you don't have the UMS database, see Create the databases to create one and restart the installation.
If you don't have an LDAP identity provider installed, see Installing and configuring LDAP for information about how to install and configure an LDAP server before you install. Otherwise, use the Default authentication instead.
-
The installer requests information about the User Management Service (UMS), which is installed automatically by the IBM RPA server. Provide it as follows:
-
Admin Password
Create the password for the UMS server administrator. The default username for the administrator is
admin
.⚠ Attention:
- Do not use special characters (*\-+/_&%^$#@) in the administrator password.
- You must create a user in the LDAP server with the same username and password as provided here.
-
Port
Enter the UMS server port. The default port is
9443
. -
Hostname
Enter the computer hostname and the SQL server instance address to connect IBM RPA to it. You can use an external SQL Server instance to connect to the database. This instance must have the UMS database properly set up. See Create the databases for more information.
-
Name
Enter the database name.
-
User
Enter the SQL server user to access the database.
-
Password
Enter the user password to access the database.
-
Port
Enter the port number on which the database server is listening. Default port is
1433
.
-
-
Click Next to continue.
Create the first tenant and user
The First Tenant and user creation screen changes according to the IBM RPA version that you install and the authentication method that you use. On the following list, select the authentication method that you configured on the previous screen.
- Creating the first tenant and user with default authentication
- Creating the first tenant and user with single sign-on authentication
Creating the first tenant and user with default authentication
Provide the following data to create the first user and the tenant:
-
Tenant name
Create a name for the first tenant.
-
User name
Provide the user name of the first user account. The user name is only the display name for the user, and is not used as a "Username" to log in to IBM RPA Control Center. This user receives the Platform administrator and Tenant administrator roles.
-
User e-mail
Provide a valid email address. The email address is used as a "Username" in the IBM RPA Control Center. You receive an email confirming the tenant creation if the email provider was successfully configured. See Configuring the email provider for instructions on how to configure the email provider.
-
Password
Provide a valid password. The password must comply with the password complexity policy. See Password complexity policy for all requirements.
Creating the first tenant and user with single sign-on authentication
Provide the data that you have in your user LDAP entries to create the first user and the tenant:
-
Tenant name
Create a name for the first tenant.
-
User name
This is the first user account. You must provide a user that already exists in the LDAP server. This user receives the Platform administrator and Tenant administrator roles.
-
User e-mail
Provide a valid email address. If you use an identity provider, use the same email that is registered in the identity provider entry for this username.
System queue provider
Select the system queue provider to use with IBM RPA.
Microsoft Message Queue
Select Microsoft Message Queue (MSMQ) and click Install. Microsoft Message Queue does not need to be configured, as the installer does that for you. Your user must have privileges to enable Windows Server features, including privileges to enable MSMQ.
The installer prompts you to install after you select it.
IBM MQ
If you want to install IBM RPA with IBM MQ, make sure that you have IBM MQ installed and configured before proceeding with the server installation. See Installing IBM MQ for details.
-
Select IBM Message Queue and click Next.
-
Complete the following fields:
-
Use TLS (Transport Layer Security)
Check this box if you want to encrypt your connection with the IBM MQ server using TLS. This is required if you need to comply with FIPS standards. You must already own a TLS certificate file.
-
Cipher Spec
Select the cipher specification of your TLS certificate. For more information about cipher specifications, see SSL cipher specifications 🡥.
-
Server Certificate Name (Subject Name)
Enter the name of the server that the certificate applies to.
-
Server Certificate File Path
Enter the path to the TLS certificate file.
Important:To use the TLS protocol, your IBM MQ server must have TLS features enabled. For more information, see Installing IBM MQ🡥. -
Host name
The host name.
-
Port
The port to the IBM MQ provider. This is the same port that you opened to install IBM MQ. This port is user defined.
-
Queue Manager
The queue manager. For example,
queue-manager
. -
Channel
The queue channel. For example,
RPA.CHANNEL
. -
User
The user that you created when installing IBM MQ.
-
Password
The user's password.
-
Finish the installation
- Click Install to install the IBM RPA server. It might take a few minutes.
- Click Finish to complete the installation.
What to do next
After you install the server, proceed to the Post-installation configuration page to get instructions about how to configure your server.
If you had problems with the installation, check out the Troubleshooting on premises installation section for common issues and how to solve them.