Error while running python script from MID server for ITIL user

ack
Tera Contributor

Hello,

I am currently working on Orchestration using a Python script. We have placed the Python script on the MID server and are calling it using Flow Designer. We are using service accounts to connect to the MID server and one more service account to run and complete the Python script on the application.

Now the entire end-to-end automation is working fine for me (I have the admin role), but if we run it as another user (like an ITIL user), we get an error saying access denied (2nd service account).

Below are the errors:

PowerShell script execution failed. Script returned status 1 using account user XXXXXX

Failed while executing commandScript2133607263273777431.PS1 (Access denied)

Could anyone please let me know what the exact issue is? If it is a role issue for the service account, then what roles will be required, or is it some other issue?

Note: this automation will be used by end users who will have the ITIL role only.

Thanks in advance,

1 REPLY

KKM
Tera Guru

Hi Ack,
The issue is likely due to permission restrictions on the second service account used to execute the Python script on the application. Since the automation works for you (admin role) but fails for ITIL users, it suggests a lack of necessary permissions for the service account when an ITIL user initiates the process.

Possible Causes and Solutions:
1. Service Account Lacks Necessary Roles/Permissions
The second service account (used for running the Python script) might not have the necessary permissions on the MID server or on the target application.
Solution:
Ensure the service account has permission to execute scripts on the MID server.
Grant the service account sys_script and sys_script_include roles if it's executing scripts within ServiceNow.
If PowerShell execution is involved, verify that the account has local administrator or necessary execution privileges.

2. PowerShell Execution Policy Restrictions
The PowerShell script execution might be restricted for non-admin users.
Solution:
Check the execution policy using:

Get-ExecutionPolicy -Scope CurrentUser

If restricted, allow execution:

Set-ExecutionPolicy RemoteSigned -Scope CurrentUser

Ensure the account has permission to execute PowerShell scripts on the target machine.

3. ServiceNow Flow Designer Execution Rights
ITIL users may not have the required execution permissions in ServiceNow Flow Designer.
Solution:
Grant ITIL users the flow_operator or flow_designer role.
Ensure ITIL users can trigger the execution by reviewing script execution permissions.

4. Credential Affinity and Binding Issues
The service account may not be mapped properly in the ServiceNow MID server settings.
Solution:
Verify the "Service Account Credential Affinity" in the MID server configuration.
Ensure that the correct credentials are associated with the execution.

5. Application-Specific Restrictions
The application where the Python script runs may have access controls that prevent execution under non-admin users.
Solution:
Check the logs of the target application for security restrictions.
Grant required permissions to the service account on the application side.

6. Local Machine Execution Restrictions
If the script interacts with files, registries, or other system components, non-admin users may lack permissions.
Solution:
Try running the script manually using the second service account.
If access is denied, adjust permissions for the required resources.

Let me know if this resolution works for you!

Kindly mark it as "Accepted Solution"/"helpful", as it resolves your query. Please press like button for the resolution provided.


With Regards,
Krishna Kumar M - Talk with AIT3ch
LinkedIn: https://www.linkedin.com/in/mkrishnak4/
YouTube: https://www.youtube.com/@KrishAIT3CH
Topmate: https://topmate.io/mkrishnak4 [ Connect for 1-1 Session]
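
The checks from points 2 and 6 of the reply above, collected into one script to run as the second service account. This is an added example, not part of the original reply or of ServiceNow's tooling; the account name and all paths are placeholders, and which folders the flow needs to write to is an assumption.

```powershell
# Added example. Run in a session started as the second service account, e.g.
#   runas /user:DOMAIN\svc_app powershell.exe     (account name is a placeholder)
# All paths below are placeholders: substitute the folders and files your flow touches.
param(
    [string[]]$Paths = @(
        'C:\ServiceNow\MID\agent',     # placeholder: MID server agent directory
        'C:\Python\python.exe',        # placeholder: Python interpreter
        'C:\Scripts\automation.py'     # placeholder: the Python script
    )
)

# Confirm which identity the checks really run under and whether it is a local admin.
$id      = [Security.Principal.WindowsIdentity]::GetCurrent()
$isAdmin = ([Security.Principal.WindowsPrincipal]$id).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
"Running as : $($id.Name)"
"Local admin: $isAdmin"

# Execution policy per scope. MachinePolicy/UserPolicy come from Group Policy and
# take precedence over anything set with -Scope CurrentUser.
Get-ExecutionPolicy -List | Format-Table -AutoSize | Out-String

foreach ($p in $Paths) {
    if (-not (Test-Path -LiteralPath $p)) {
        '{0,-32} not found (or not visible to this account)' -f $p
        continue
    }
    try {
        if (Test-Path -LiteralPath $p -PathType Container) {
            # Folder: probe list and create-file rights with a throwaway file.
            $null  = Get-ChildItem -LiteralPath $p -ErrorAction Stop
            $probe = Join-Path $p ('probe_{0}.tmp' -f [guid]::NewGuid())
            [System.IO.File]::WriteAllText($probe, 'x')
            Remove-Item -LiteralPath $probe -ErrorAction Stop
            '{0,-32} list + write OK' -f $p
        } else {
            # File: open it for reading, which fails if read access is denied.
            [System.IO.File]::OpenRead($p).Dispose()
            '{0,-32} read OK' -f $p
        }
    } catch {
        # Report the denial, then show the ACL so the missing right can be granted.
        '{0,-32} FAILED: {1}' -f $p, $_.Exception.Message
        try   { (Get-Acl -LiteralPath $p).Access | Format-Table IdentityReference, FileSystemRights, AccessControlType -AutoSize | Out-String }
        catch { '    ACL not readable by this account' }
    }
}
```

A path that reports FAILED while "Local admin" is False identifies the specific resource whose ACL needs an entry for the service account.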