One of the new APIs for 7.x is ARSetImpersonatedUser. We thought that we could use it in workflow to conduct Remedy activity as a named user, as specified on page 446 of the 7.0 API Reference Guide. It turns out that (and I'm getting this secondhand, so I may be wrong), the API is only effective from within a Remedy Web Service.
I'm hoping that someone else can verify that either the manual is correct or the input we got is correct. Rick _____ From: Action Request System discussion list(ARSList) [mailto:[EMAIL PROTECTED] On Behalf Of Axton Sent: Wednesday, February 27, 2008 6:20 PM To: arslist@ARSLIST.ORG Subject: Re: A way to mimic a users account ** Can you elaborate? Axton Grams On Wed, Feb 27, 2008 at 5:09 PM, Rick Cook <[EMAIL PROTECTED]> wrote: ** On topic (mostly), has anyone played with the new 7.1 user impersonation API feature yet? Our preliminary testing and subsequent conversations with engineering have left us with the conclusion that it promised more than it actually delivered (or perhaps we inferred more functionality than was intended). Anyone see the same or different? Rick On Thu, Feb 21, 2008 at 5:54 PM, Carey Matthew Black <[EMAIL PROTECTED]> wrote: Mary, We use an external authentication method (with blank passwords in ARS) with our ARS and I use the following approach. The only down side is that you "kick the user out" while you are testing because your are literally hijacking their account. The up side is that it really _is_ their account. (So you get the same preference record, the same 'Login Name' ect... The only thing that are really still different are local client host [for User Tool specific issues] and network paths.) http://www.remedy.com/customers/dht/archive/11-04-2002.htm Ref the 'Authentication Login Name' field. Basically you would set 'Authentication Login Name' to the username that you know the password for in your external authentication source on the Users record that you want to test. Then you login to the ARS client with their 'Login Name' and your password. When done you clear the field and then they can login with their password again. The same thing can be done if your using external authentication method (with blank passwords) if you set an ARS level password then login with that value and later clear it. However, that may cause issues if your doing any kind of "Password Management" with rules like "Must change every 60 days", or "must track how long since the user changed their password" etc... If your not using an external authentication method, then export the record to ARX format. Change the password. Do your testing. and import the ARX record so that it OVERWRITES the DB record. That should restore the record to the starting condition. (or you can even just force a "user must change password" type condition. (If your custom processes supports that.) ( Basically what Jason Miller said... just with a slight difference in approach. :) ) BTW (and a bit off topic): Using the above approach (assuming you are using an external authentication method and 'Authentication Login Name' ) you can "lock" an account by setting this fields value with some username/account that does not exist. Then later when the account should be "unlocked" you clear the field. ( A custom AREA plugin,a User.log monitoring process, or even a trusted ARS user could "lock the account" and stash a record that will clear the value after time="x" and let an escalation "unlock" the account by removing the 'Authentication Login Name' value.) -- Carey Matthew Black Remedy Skilled Professional (RSP) ARS = Action Request System(Remedy) Love, then teach Solution = People + Process + Tools Fast, Accurate, Cheap.... Pick two. On Thu, Feb 21, 2008 at 11:48 AM, Mary Dollus <[EMAIL PROTECTED]> wrote: > Hi Everyone, > > I thought I heard that there is a way to mimic a user's account so you can log in as them, but not really using their login and password. > > Is that possible? I want to test a user's account as it is... I could add one and set it up like hers... but all of those work... so I want to see what she's seeing exactly. > > Thanks!!! > Mary Dollus > ARS 7.0.01 > > ____________________________________________________________________________ ___ > UNSUBSCRIBE or access ARSlist Archives at www.arslist.org > Platinum Sponsor: www.rmsportal.com ARSlist: "Where the Answers Are" > ____________________________________________________________________________ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: "Where the Answers Are" __Platinum Sponsor: www.rmsportal.com ARSlist: "Where the Answers Are" html___ __Platinum Sponsor: www.rmsportal.com ARSlist: "Where the Answers Are" html___ _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: "Where the Answers Are"
