scheduled job run as system administrator
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-30-2022 04:15 PM
All,
I have a question on running a scheduled job under the 'system administrator' user role.
I have created a scoped application which is responsible for reading data from other scoped application & populate data on servicenow foundation tables. The applications which contain the source data are having ACLs setup on the tables my scheduled script is reading from. These ACLs are also having 'override admin' unchecked .
My Question is , do I need to run these scheduled jobs under a different user to which I grant specific user roles which are req'd to read / update those different scoped tables ?.
The system administrator user cannot be modified with any user roles, so I cannot test it by granting it additional table roles. If such a needs comes up, then I need to create a service account & assign user roles req'd to successfully run these schedule scripts.
Appreciate any guidance.
Thx
ram.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-30-2022 05:03 PM
Hi,
With the admin override as false, you will most likely need to use a user account that has appropriate access. You can try replicating some of the script in background, within that scope impersonated as a particular user and see what your results may be. You can also create a temp scheduled job with some basic code and log statements and then use execute now and see how it goes. There's a few ways to test this for you to confirm on your own end.
Please mark reply as Helpful/Correct, if applicable. Thanks!
Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-30-2022 05:30 PM
Thank you for the reply.
The reason I had posted this question is , after completing the above tests, I am seeing the 'system administrator' user role is able to read & update those tables ( even though admin override is false ). There is no app specific user roles existing for that user, but still it goes thru which made me to make this post to get inputs.
I had to add myself to the specific groups containing roles in-order to execute these scripts from the bg scripts. For my ID from BG script, all read attempts were failing even though I am an admin.
My schedule scripts are running fine and dandy for now. But I am hesitant to go with the ''system administrator' user to higher instances suspecting some kind of read / write issue would happen.
