Automation principal - General

Name

Identifying name.

Description

Optional descriptive text.

Principal ID

Enter the name of the user account to which a role should be mapped. For example, you might enter Administrator.

Notes

• If you are using an automation principal for Microsoft Windows user mapping, the account you identify in this step must be granted the Windows "Logon as a batch job" privilege on each Windows server. To access this setting, use the Control Panel and go to Administrative Tools > Local Security Policy > Local Policies > User Rights Assignment. If you are using an automation principal for agent installation, you must grant the "Logon as a batch job" privilege to this account on the PsExec server.
• If you are using an automation principal for agent installation, additional configuration may be required for the account you specify here.

Domain

Enter the name of the domain that the user being impersonated uses for logging on to Windows.
The domain is optional. If the logon account is local to the managed server, do not enter a domain.

Passphrase

Enter the password or passphrase needed to authenticate the automation principal. Then enter it again for Confirm.

Path for the private key file

Enter the nsh path for the private key file location or use the Browse functionality to navigate to the file location. Private key authentication mechanism is enabled only for agent installation jobs. The user must have the relevant access permissions enabled for this file.

Notes:

• The Browse button for Private Key File Path option is disabled unless the user is BLAdmin. For other users (for example, RBACAdmin) to be able to browse to a different file location, you must explicitly grant Server.Browse authorization to the user.
• You can only use RSA2 keys for authentication.