Impersonating Guest Account

Go to solution
tonyshabani
Kilo Expert

‎01-27-2016 02:26 PM

Is it possible to modify ServiceNow to impersonate a different user rather than the guest account when triggering inbound actions?

0 Helpfuls
  • 3,294 Views
1 ACCEPTED SOLUTION

Go to solution
Brian Dailey1
Kilo Sage
In response to tonyshabani

‎01-28-2016 07:21 AM

Hi Tony,



What you can do instead is place a (Before) Business Rule on [sys_email] with conditions of "Type is Received" and "UserID is Guest", and have it update the email message record before insert to use your customized guest user instead for user_id (or whichever field is the user reference on [sys_email]).



Then your unknown senders will get processed as the new guest account without your IEA knowing the difference.




Give that a try, I say.



-Brian



View solution in original post

0 Helpfuls
14 REPLIES 14

Go to solution
tony_barratt
ServiceNow Employee
ServiceNow Employee

‎01-27-2016 09:34 PM

Hi Tony,



My first reaction is this cannot be done.



Relevant wiki article is here:


Inbound Email Actions - ServiceNow Wiki


..


4.1 Impersonating Users to Run Inbound Actions


If the sender of an incoming email matches an existing user, the instance impersonates the matching user to complete any inbound email actions. If the sender does not match an existing user, the instance impersonates the Guest user to complete any inbound email actions. If the impersonated user is locked out, the inbound email action fails.


Note


Note: If inbound email comes from an untrusted domain, the instance impersonates the Guest user unless you explicitly prevent users from untrusted domains from triggering inbound actions.


However I expect you have a particular use case in mind, and want to do something specific.


What is it you would like to do?


There may be a way of adding code to your inbound action to do this.



Best Regards



Tony


Go to solution
bernyalvarado
Mega Sage

‎01-27-2016 10:12 PM

Indeed it's possible. Just create a user (lets say dude) with a valid email account (dude@gmail.com). From that email account you can send out your test email to try out the inbound email action. ServiceNow will detect that the email is coming from dude@gmail.com and will identify that the email address is associated to the account of dude, so the inbound action will take place using the dude user's privileges.



If you have an existing user, you can modify their email to your test email (dude@gmail.com) so that you can test the behavior for that existing user. (important note: just make sure your test email is not associated to more than 1 user at a time ).



I hope this helps.



Thanks,


Berny


Go to solution
tony_barratt
ServiceNow Employee
ServiceNow Employee
In response to bernyalvarado

‎01-27-2016 10:20 PM

Very interesting and creative suggestion 😉


edit:


useful too!


0 Helpfuls

Go to solution
bernyalvarado
Mega Sage
In response to tony_barratt

‎01-27-2016 10:22 PM

Thanks Tony!! I hope you're doing great!



Best regards,


Berny


0 Helpfuls