- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-12-2016 04:30 PM
When you first install a wireless router in your home you are encouraged to change the password to your admin account so others can't get in using that common id and password. By the same token should the generic "guest" account in your ServiceNow instance be either disabled, deleted, or have a password changed to prevent a login? What would be the consequences?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-12-2016 04:33 PM
Hi Scott,
I recommend disabling it. There are some esoteric places in the system that use the guest account. You obviously don't want people to login with that account, but you don't want to lose reference to the account itself. Set the active field to false and perhaps even set Locked out to true, just for good measure.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-12-2016 04:33 PM
Hi Scott,
I recommend disabling it. There are some esoteric places in the system that use the guest account. You obviously don't want people to login with that account, but you don't want to lose reference to the account itself. Set the active field to false and perhaps even set Locked out to true, just for good measure.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-12-2016 04:33 PM
Hi Scott,
Here is one of the use case required for use case of guest account. You can however change the password for security reasons.
When a user from a trusted domain sends an email to the instance, ServiceNow either matches the email to an existing user or creates a new user. Since the incoming email matches a user record (either an existing or new one), the email can trigger an inbound action.
When a user from an untrusted domain sends an email to the instance, ServiceNow attempts to impersonate the guest user. Since the guest user is locked out, the impersonation fails and the incoming email cannot trigger an inbound action.
Inbound Email Actions - ServiceNow Wiki
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-12-2016 04:40 PM
Interesting... so you COULD use this to ignore email from untrusted domains. But... the trusted domains system property defaults to "*" (all domains).
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-12-2016 04:44 PM
I enjoy a thorough discussion
