SOLVED

EPM Service Account Breaks User Context In Apps

Copper Contributor

Hi,

I am working with a customer who is wanting to make use of EPM for their developer team to run some applications with elevated permissions. They have noticed that when elevating certain applications with EPM that a service account is used (see MEM\AzureAD_AdeleVance_$ below), which therefore runs the app with a new user profile, removing things like user preferences, context and also breaks some apps that rely on domain permissions/credentials.  

 

From my testing, this service account only seems to be used by EPM when elevating already installed applications, not application installers. Is this by design and is there a possible workaround that avoids EPM using this service account? 

 

 

MEM user.png

 

 

5 Replies
Let's see if I can por @Rudy_Ooms_MVP for this.
best response confirmed by ethanchalmers (Copper Contributor)
Solution
Service account aka virtual account

https://call4cloud.nl/2023/05/the-virtual-account-that-rocks-the-epm/
And yeah… its by design… a virtual account with a virtual domain that cant be tempered with… but because of it , it has its flaws… not acces to the same user profile, no sso… …


Wow, what a great read. Cheers!
1 best response

Accepted Solutions
best response confirmed by ethanchalmers (Copper Contributor)
Solution
Service account aka virtual account

https://call4cloud.nl/2023/05/the-virtual-account-that-rocks-the-epm/
And yeah… its by design… a virtual account with a virtual domain that cant be tempered with… but because of it , it has its flaws… not acces to the same user profile, no sso… …


View solution in original post