On the resource PCs, the following settings must be configured in order to enable RPA Supervisor to reboot machines remotely using WMI
Configure the firewall on the resource machine
Open Windows Defender Firewall
Click Advanced Settings
Enable the following Inbound Rules
Windows Management Instrumentation (DCOM-In)
Windows Management Instrumentation (WMI-In)
Configure shutdown rights
⚠️The service account user is possibly part of a Group Policy that allows/denies the shutdown of the remote machine. Consult your IT department regarding these user groups.
The Service Account used to run the Blue Prism Adapter, should have appropriate permissions on the remote machine. The user/user group can be added directly to the Local Security Policy to allow for the shutdown of the system.
- On the resource PC, open Local Security Policy
- Navigate to Security Settings > Local Policies > User Rights Agreement and ensure the correct user/user group has the right to both
- Force shutdown from a remote system
- Shut down the system
Security in Remote Shutdown commands
In order to use the RPA Supervisor Reset Policy (Remote Shutdown), port 135 needs to be open to allow Remote Procedure Calls. RPA Supervisor is using Windows built-in tool WMI to initiate reboot and logout commands.
These commands are by default secured with PktPrivacy:
|PktPrivacy||Authenticates all previous impersonation levels and signs and encrypts each data packet. This ensures that all communication between the client and the server is confidential.|
If the reboot does not initiate as expected, you can troubleshoot the following.
Verify that the machine is rebootable
- Log on to the Blue Prism Application Server where the Adapter is installed.
⚠️ Please note, this test will determine if the machine is rebootable by the user you are logged in as on the application server.
- Run this command in Powershell (replace MyComputer with the name of your resource machine): (gwmi win32_operatingsystem -ComputerName MyComputer).Win32Shutdown(6)
Ensure the Reset Policy has been set
The reset policy defines what RPA Supervisor should do if an Underperformance rule has triggered a reset.
Find any errors regarding rebooting in the Adapter logs
- Find logs
- Open the adapter logs using a text editor, such as notepad
- In the logs, search for "RemoteShutdown"
- Find any error relating to the shutdown, could look like the one below. This error indicates that the service account running the service is not able to log in to the remote machine.
- See article: Set a service account to run the Blue Prism Adapter.
ReceiveCommand: RemoteShutdown, connection error/user name or password might be incorrect: System.UnauthorizedAccessException: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
Consult your IT-department. Verify that there isn’t a restriction in your organizations
Group Policy that would prevent the reboot of remote machines.
Reach out to support by clicking here and we will help you out.