Home
HCL Workload Automation
Welcome to the HCL Workload Automation documentation, where you can find information about how to install, maintain, and use HCL Workload Automation. The documentation has been updated for HCL Workload Automation Version 10.2.2.
Planning and Installation
Reference
Certificates download to agents - AgentCertificateDownloader script
This script downloads and deploys certificates in .PEM format from the master domain manager to dynamic agents and fault-tolerant agents or enables authentication through JSON Web Token (JWT).
Downloading certificates or JWT using a different user
Procedure to download and deploy certificates or JWT from the master domain manager to agents using a user different from the user which installed the master domain manager.

HCL Workload Automation
Welcome to the HCL Workload Automation documentation, where you can find information about how to install, maintain, and use HCL Workload Automation. The documentation has been updated for HCL Workload Automation Version 10.2.2.
- Planning and Installation
  - Planning
  - Installing HCL Workload Automation
    Available installation methods
  - Configuring
    Configuring HCL Workload Automation components after installation.
  - Upgrading
    How to upgrade HCL Workload Automation to the current version.
  - Moving from on-premises to cloud
    A quick procedure to move your workload from an on-premises to a cloud environment
  - Troubleshooting installation, migration, and uninstallation
    An overview on troubleshooting installation, migration, and uninstallation of the HCL Workload Automation.
  - Uninstalling
    An overview on how to uninstall the product.
  - Reference
    - Optional password encryption - secure script
      Optionally encrypt the passwords you use to install, upgrade, and manage HCL Workload Automation.
    - Database configuration - configureDB script
      This script creates and populates the HCL Workload Automation database
    - Server components installation - serverinst script
      The master domain manager, backup domain manager, dynamic domain manager, backup dynamic domain manager, and installation parameters that can be defined for the serverinst script.
    - Dynamic Workload Console installation - dwcinst script
      This script installs the Dynamic Workload Console
    - Agent installation parameters - twsinst script
      Agent installation parameters that can be passed to the twsinst script.
    - File Proxy installation - fileproxyinst script
      This script installs the File Proxy in SSL mode
    - File Proxy start - fileproxystart script
      This script starts the File Proxy in SSL mode
    - File Proxy stop - fileproxystop script
      This script stops the File Proxy
    - File Proxy uninstallation - uninstall script
      This script uninstalls the File Proxy
    - Certificates download to agents - AgentCertificateDownloader script
      This script downloads and deploys certificates in .PEM format from the master domain manager to dynamic agents and fault-tolerant agents or enables authentication through JSON Web Token (JWT).
      - Downloading certificates or JWT using a different user
        Procedure to download and deploy certificates or JWT from the master domain manager to agents using a user different from the user which installed the master domain manager.
- User's Guide and Reference
- Administration Guide
- Scheduling with the Agent for z/OS
- Database Views
- High Availability Cluster Environment
- Driving HCL Workload Automation
- Extending HCL Workload Automation

Downloading certificates or JWT using a different user

Procedure to download and deploy certificates or JWT from the master domain manager to agents using a user different from the user which installed the master domain manager.

About this task

To define a user different from the user which installed the master domain manager, perform the following steps:

Procedure

Browse to the authentication_config.xml file located in:

On UNIX operating systems

TWA_DATA_DIR/usr/servers/engineServer/configDropins/overrides

On Windows operating systems

TWA_home\usr\servers\engineServer\configDropins\overrides
Create a backup copy of the file to a different directory and add the new user and password to the file in the overrides directory.

Create a new role for the user, as follows:

composer new srol

SECURITYROLE DOWNLOAD_CERT_SROLE
FILE DISPLAY
END

Create a new domain for the user, as follows:

composer new sdom

SECURITYDOMAIN DOWNLOAD_DOMAIN
FILE NAME="AGENT_CERTIFICATE"
END

Create a new access control list for the user, as follows:
```
composer new acl
```
```
ACCESSCONTROLLIST FOR DOWNLOAD_DOMAIN
other_user DOWNLOAD_CERT_SROLE
END
```
where other_user is the user inserted into authentication_config.xml.
You can now use the other_user, which has only the DISPLAY role for file AGENT_CERTIFICATE, to install the agent and download certificates or JWT, or to run the AgentCertificateDownload script and download and deploy certificates or JWT.

You can also perform the same operations from the Dynamic Workload Console, as described in Managing Workload Security.