https://community.blueprism.com/t5/Product-Forum/Separate-AD-user-for-each-application/m-p/57097#M11161 Hi!<BR /><BR />I have troubles finding a good and secure structure for setting up a Blue Prism infrastructure where the IT-department wants a separate AD-user for each application the robot is using. At the same time they also want to set up Blue Prism with single sign on.&nbsp;<BR /><BR />What is the most elegant way to solve this problem?&nbsp;<BR /><BR />I have tried to see if I can use comand line params to launch applications from Blue Prism. However, this is not very secure do to the fact that Blue Prism then has to send the credentials for the user into the comand line.&nbsp;<BR /><BR />It would also not be optimal for each process to log into the machine for each time it is going into a new system. For us developing it will also not be optimal.&nbsp;<BR /><BR />Thanks!<BR />Edda<BR /><BR />------------------------------<BR />Edda Burheim<BR />Senior Consultant<BR />AVO consulting<BR />------------------------------<BR /> Tue, 18 Jun 2019 12:15:00 GMT EddaBurheim 2019-06-18T12:15:00Z https://community.blueprism.com/t5/Product-Forum/Separate-AD-user-for-each-application/m-p/57097#M11161 Hi!<BR /><BR />I have troubles finding a good and secure structure for setting up a Blue Prism infrastructure where the IT-department wants a separate AD-user for each application the robot is using. At the same time they also want to set up Blue Prism with single sign on.&nbsp;<BR /><BR />What is the most elegant way to solve this problem?&nbsp;<BR /><BR />I have tried to see if I can use comand line params to launch applications from Blue Prism. However, this is not very secure do to the fact that Blue Prism then has to send the credentials for the user into the comand line.&nbsp;<BR /><BR />It would also not be optimal for each process to log into the machine for each time it is going into a new system. For us developing it will also not be optimal.&nbsp;<BR /><BR />Thanks!<BR />Edda<BR /><BR />------------------------------<BR />Edda Burheim<BR />Senior Consultant<BR />AVO consulting<BR />------------------------------<BR /> Tue, 18 Jun 2019 12:15:00 GMT https://community.blueprism.com/t5/Product-Forum/Separate-AD-user-for-each-application/m-p/57097#M11161 EddaBurheim 2019-06-18T12:15:00Z https://community.blueprism.com/t5/Product-Forum/Separate-AD-user-for-each-application/m-p/57098#M11162 It sounds like you're trying to launch via the runas command? You can bypass the callback for a user's password and supply it in the same go by using PSExec from the PSTools package. The only thing with this is that you still have to store the credentials someplace, which even though they're encrypted, may violate security policies if you aren't using dedicated service accounts.<BR /><BR />------------------------------<BR />Ami Barrett<BR />Lead RPA Software Developer<BR />Solai &amp; Cameron<BR />America/Chicago<BR />------------------------------<BR /> Tue, 18 Jun 2019 15:26:00 GMT https://community.blueprism.com/t5/Product-Forum/Separate-AD-user-for-each-application/m-p/57098#M11162 AmiBarrett 2019-06-18T15:26:00Z