AnsweredAssumed Answered

Set multiple O365 Permissions

Question asked by matthew.brown@kaust-imc.org on Jul 22, 2016
Latest reply on Mar 3, 2018 by harfmt

Hello,

In O365 I have a list where an employee submits a request and once that request is submitted they should not be able to modify or delete the request.  In order to achieve this goal the first thing I would like to do is to remove all existing permissions on the list item then add back in the necessary permissions.  I have configured the following:

Step 1 - Remove all existing permissions and assign full control to a user group.

Step 2 - Assign read to the user that submitted the request so they can monitor the status.

Step 3 - Assign additional read permissions to people that need to audit the list.

 

I have used the O365 update permission action to configure these.  When I add an item to the list as someone in the user group that is granted full control permissions step 2 and 3 work as expected.  But when a user that is not part of the full control group adds an item to the list the workflow goes into a Suspended state between steps 1 and 2.  This indicates to me that there is some permission issue.

 

Questions:

- What account do workflows run under?

- If the workflow runs under the user account of the person that starts the workflow then how can privileges be escalated?

- How can a workflow be set to always run under a designated service account?

- Or, how can configure the permission steps so that the workflow continues to run?

 

Thank you,

Matt

Outcomes