My client has a setup with several robot servers that all have their own robot account. Having the accounts set on the “Robot” level requires them to allow the robot accounts to access all applications they need to work in (they usually go with single sign on). This makes the robot accounts “superusers” that is not appreciated by IT etc. If we keep the robots separated to a collections of processes, we can keep the access down to a selection of applications but forces us to only run certain process on certain robots.
We would like to have a scenario where we can use separate process account that run on any robot really. Same process always run under this account no matter what Robot/Server it uses. Tracing the robots in the applications logs will reveal the process account name, rather than the robot account.
One way to explain this would be to imagine that setting the account in orchestrator on “Processes” items instead of “Robots”.
Any suggestions on how this can be achieved?