This space contains documentation for TrueSight Server Automation 8.9.03 and the later service packs for 8.9. For earlier releases, see BMC Server Automation 8.9.

Automation principal - General

Use the General panel to provide user credential information for the automation principal you are defining.

Field definitions




Identifying name.


Optional descriptive text.

Principal ID

Enter the name of the user account to which a role should be mapped. For example, you might enter Administrator.


  • If you are using an automation principal for Microsoft Windows user mapping, the account you identify in this step must be granted the Windows "Logon as a batch job" privilege on each Windows server. To access this setting, use the Control Panel and go to Administrative Tools > Local Security Policy > Local Policies > User Rights Assignment. If you are using an automation principal for agent installation, you must grant the "Logon as a batch job" privilege to this account on the PsExec server.
  • If you are using an automation principal for agent installation, additional configuration may be required for the account you specify here. For more information, see Troubleshooting agent installation.


Enter the name of the domain that the user being impersonated uses for logging on to Windows.
The domain is optional. If the logon account is local to the managed server, do not enter a domain.


Enter the password or passphrase needed to authenticate the automation principal. Then enter it again for Confirm.

Path for the private key file

Enter the nsh path for the private key file location or use the Browse functionality to navigate to the file location. Private key authentication mechanism is enabled only for agent installation jobs. The user must have the relevant access permissions enabled for this file.


  • The Browse button for Private Key File Path option is disabled unless the user is BLAdmin. For other users (for example, RBACAdmin) to be able to browse to a different file location, you must explicitly grant Server.Browse authorization to the user.
  • You can only use RSA2 keys for authentication.

Where to go next

Automation principal - Role Associations

Was this page helpful? Yes No Submitting... Thank you