The CreatorCon Call for Content is officially open! Get started here.

Internal integration user for scheduled job

Go to solution
Community Alums
Not applicable

‎10-25-2020 08:55 PM

Hi All,

Healthscan ran for our Instance.

We have multiple script excution script and data import which has been scheduled by scheduled job, currently all are running all by Default user which is System.

find_real_file.png

 

But As per best practice servicenow suggest as below:

Issue by healthscan: "There is a dedicated integration user that runs actions in place of the default admin user"

Recommanded : Run as user in automated scripts should have internal_integration_user field checked in user record

 

Can I create normal user with "Internal integration user " mark as true and without any role.

Or I need to provide any role for that user.

 

 

 

 

 

Preview file
3 KB
Preview file
37 KB
Preview file
3 KB
0 Helpfuls
  • 2,588 Views
1 ACCEPTED SOLUTION

Go to solution
Community Alums
Not applicable

‎12-02-2020 12:41 AM

Hi All , 

 

I have tested scheduled job which imports data from Mid server and for that Scheduled job I have use Mid server user as Run as.

 

and its working all data getting import from mid server as this user having import Role.

 

 

View solution in original post

0 Helpfuls
6 REPLIES 6

Go to solution
Willem
Giga Sage
Giga Sage

‎10-25-2020 09:24 PM

You have to create the user with "Internal integration user " mark as true and assign appropriate roles.

Depending on what the scheduled jobs do, you need to assign roles (as limited as possible).

 

So yes the integration user need roles. But try to limit the amount of roles. So for example, do not assign Admin role if not needed.

 

I have seen customers use multiple users to identify specific interfaces/jobs. That will allow you to see for example which interface of job was the updated by of specific records.

Go to solution
Community Alums
Not applicable
In response to Willem

‎10-25-2020 09:35 PM

Hi Willem,

 

Thanks for reply.

Actually that field is optional on that form, so if I create user with no role it will work ? need clarification on actually purpose of that field. or whether is just for showing that scheduled job ran by particular user profile.

 

 

0 Helpfuls

Go to solution
Willem
Giga Sage
Giga Sage
In response to Community Alums

‎10-25-2020 09:54 PM

Hi,

Yes it is optional. If you do not fill in a user it will run as System.

If you do fill in a user, it will run as that user. Meaning all role based restrictions apply. So setting a user with no roles will result in that script running into a lot of restrictions.

With no roles, that user will not be allowed to do anything in the system, thus the scheduled job will not be able to execute properly.

Hope this helps! 🙂

0 Helpfuls

Go to solution
Community Alums
Not applicable
In response to Willem

‎10-25-2020 09:58 PM

I understand your point but some of finding shows as that scheduled jobs will run, even that run as user is without any role.

 https://www.servicenowguru.com/system-definition/imports/defining-run-as-user-scheduled-import/ 

So still i am not sure about this.

 

Hope you understand my point 🙂 Thank you so much for your help

0 Helpfuls