Every Solution You Can Imagine – and More
What cybersecurity solution do you need? From Zero Trust to ADR, IAM, risk/privacy, data protection, AppSec and threat, securing digital transformation, to resiliency and remediation, we can build the right program to help solve your challenges.
A Single Partner for Everything You Need
Optiv works with more than 450 world-class security technology partners. By putting you at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can.
We Are Optiv
Greatness is every team working toward a common goal. Winning in spite of cyber threats and overcoming challenges in spite of them. It’s building for a future that only you can create or simply coming home in time for dinner.
However you define greatness, Optiv is in your corner. We manage cyber risk so you can secure your full potential.
Robotic Process Automation with WinAutomation
In part three I covered how to assign a specific IP address to an Azure virtual machine in my test environment. In this post, I will cover some of the aspects involved in capturing a user workflow with WinAutomation and how the captured workflow can be executed with UI flows.
[Note: This research was completed prior to Microsoft’s release of Power Automate Desktop.]
Below is a high-level overview of how Power Automate, using an On-premises data gateway, communicates and performs robotic process automation (RPA) with WinAutomation on a virtual machine.
Before I can continue building out my flow, I need to take a step back and capture a user workflow that can be later simulated by Power Automate UI flows, Microsoft’s RPA. With UI flows, Power Automate has the capability to use RPA to automate some human tasks. RPA is different from security orchestration, automation and response (SOAR) platforms. SOAR platforms are intended to help integrate security solutions through APIs and the tasks associated with them, whereas RPA is intended for a wider range of task automation, usually business process automation. RPA solutions can connect systems without APIs and they have also the ability to perform mouse clicks, keystrokes and other behaviors that APIs themselves can’t emulate.
At a high level, there are two types of applications Microsoft can automate: Windows desktop and web applications.
The installation requirements for each UI flow are dependent on the type of workflow you are looking to create, with some caveats. UI flows require that the UI flows installer is running on a 64-bit version of Windows. UI flows has a recorder that can record desktop actions. It requires Chrome or the latest Chromium version of the Edge browser. I personally experienced limitations and varying degrees of success on my part when trying to use this.
For web applications, Power Automate relies on Selenium IDE, an open-source recorder and automation tester for web applications.
In addition to the UI flows installer and Selenium option, a second method is available to capture and play back desktop and web applications with UI flows. It was announced in May 2020 that Microsoft would be acquiring Softomotive, creators of WinAutomation. WinAutomation is software that is installed on a Windows host, which provides a development environment for capturing tasks, editing captures, logging, and automating applications.
It can become a little confusing because for each application type there are two different ways of capturing the user task and automating it. Unless you are attached to Selenium or the Power Automate’s out-of-the box macro recorder, I would recommend using WinAutomation. In my experience, WinAutomation provided more detailed control and a better way to automate tasks and it is what I used in this example.
In my use case, I am automating a task to be used as a simulation in a test environment – probably not the design intention, but it works just fine for this use case. In order to accomplish this, I needed to capture a specific user workflow. For testing and demo purposes, I decided that the workflow I wanted to capture would use a web application. Using WinAutomation, I captured the steps that take place in a case creation within Salesforce. All of the steps involved in the user’s workflow were captured using WinAutomation’s web recorder.
A lot goes into planning and capturing a user task so that it can be automated correctly. Key factors that I encountered during this process were timing, virtual machine start state and end state and webpage element recognition. It was also important to label each step in WinAutomation in case adjustments needed to be made to any control for successful execution. Below is a screenshot from the main function:
The main function of this process is a simple one: it will create a new case in Salesforce. I did not want to have an overly complex process to create, as the entire scenario is complex enough. I would rather just get a glimpse of what is possible with RPA and perhaps take a look at use cases that have not been explored yet. The main and only function in this process has a total of 37 different actions. Each action will perform a mouse click, populate text into a field or capture a screenshot. The process (a captured user workflow) is saved locally by WinAutomation in the folder structure shown below.
Once a user workflow is captured in WinAutomation or Power Automate Desktop, a UI flow needs to be created. A UI flow is a separate flow in Power Automate, but the design process is pretty much the same.
The Salesforce Case Creation UI flow is shown below. A one-minute delay was required because of a bug in the communication between Power Automate and WinAutomation. The Run WinAutomation action instructs the virtual machine running WinAutomation to execute a specific RPA process from a specific process path stored in the WinAutomation database. This process is the main function shown in the screenshot earlier in this blog.
The final UI flow is a separate flow called by the Power Automate as an action. I created an action that triggers a UI flow with in a flow. The action step containing the UI flow in our original flow looks like this.
In my next post, I will cover how I was able to copy a WinAutomation database that contained my new WinAutomation process from my development virtual machine to the newly created virtual machine. Copying the update WinAutomation database over to the virtual machines actually precedes the UI flow action in the screenshot above, but it is important to understand how WinAutomation works to understand why I needed to copy a new database file to the virtual machine.
Additional Links and Information:
UI Flows: https://flow.microsoft.com/en-us/ui-flows/https://docs.microsoft.com/en-us/power-automate/ui-flows/setup
Edged UI Flows Browser Plug-in: https://microsoftedge.microsoft.com/addons/detail/ui-flows-in-microsoft-pow/fkgaaaabjmlmanjbpjgfpnchcagmkkjf
Selenium IDE https://www.selenium.dev/selenium-ide/
On-Premise Data Gateway: https://docs.microsoft.com/en-us/data-integration/gateway/service-gateway-install
Executable Installer for the On-Premise Data Gateway can be found here: https://go.microsoft.com/fwlink/?LinkId=2116849&clcid=0x409https://flow.microsoft.com/en-us/blog/end-to-end-enterprise-automation-with-power-automate-ui-flows/#:~:text=The%20new%20UI%20flows%20connector,automated%2C%20instant%20or%20scheduled%20flow.https://docs.microsoft.com/en-us/dotnet/framework/ui-automation/ui-automation-overview
Here's a review of related posts on this series:
Copyright © 2022 Optiv Security Inc. All rights reserved.
No license, express or implied, to any intellectual property or other content is granted or intended hereby.
This blog is provided to you for information purposes only. While the information contained in this site has been obtained from sources believed to be reliable, Optiv disclaims all warranties as to the accuracy, completeness or adequacy of such information.
Links to third party sites are provided for your convenience and do not constitute an endorsement by Optiv. These sites may not have the same privacy, security or accessibility standards.
Complaints / questions should be directed to Legal@optiv.com
November 04, 2020
How to provision a test environment for robotic process automation with Azure automation runbooks: part two in a series.
How to assign a specific public IP address using Azure Automation runbook. Part three in a series.
How to copy updated WinAutomation databases for RPA with Azure custom script extensions – part five of a series.
Let us know what you need, and we will have an Optiv professional contact you shortly.