Articles on: ServiceNow

ConfigBot for ServiceNow – Impact Analysis Security: Overprovisioned Users

Sometimes, high-level roles such as admin or security_admin are assigned to users who may not actually need them. Identifying these over-provisioned roles typically requires manually reviewing each record — a time-consuming and error-prone process. 

With ConfigBot’s Impact Analysis Security module, administrators can quickly identify users who hold critical or excessive roles, helping ensure proper access control and compliance. 

The following article explains how to generate analysis and see Overprovisioned users in the instance using configbot 


Step 1: Log in to ConfigBot 


Enter your username and password, then click Submit to access the portal. 


 


Step 2: Access the Impact Analysis Security Module

 

From the Home Screen, click on the Impact Analysis Security module tile. 


 


Step 3: Select a Workspace 


Choose the workspace that best fits your analysis needs. 


 


Step 4: Create a New Iteration 


Click the Add Iteration button 


 


  • Enter the Iteration Number 
  • Select the Workspace 
  • Enter Host Address 
  • Choose the Instance Type 
  • Enter your Company ID and Username 
  • Add a short Description  
  • Then click Submit to create the iteration. 


 


 

Step 5: Open the Workbook 


Navigate to your newly created iteration (for example, Iteration #1) and open the Workbook

It will open in a new browser tab. 



Step 6: Configure the Role Filter (Optional) 


Within the workbook: 

  • Go to the Config worksheet tab. 
  • In the Fetch Over Provisioned Users Filter Type column, select Fetch only
  • In the Role Names column, specify the role name (e.g., admin, sn_hr_core.admin). 

 

Then close the workbook once configuration is complete. 


Step 7: Generate Workbook 


Click the Hamburger Menu and select Generate Workbook

 

 


 

In the pop-up window: 


  • Enter your ServiceNow instance password 
  • Add any execution notes 
  • Select the checkbox for Overprovisioned Users 

Then click Confirm and Start to begin the analysis. 



Step 8: Monitor Progress 


Click the Information (ℹ️) icon to track your iteration’s progress. 


 


Step 9: Review Results 


Once the status shows Complete, open the generated workbook. 

 

Navigate to the Overprovisioned Users sheet to view all users who have been assigned high-level or unnecessary roles. 



Using ConfigBot’s Impact Analysis Security – Overprovisioned Users feature, administrators can quickly detect and review accounts with excessive privileges. This proactive analysis helps:

 

  • Prevent unauthorized system access 
  • Improve compliance with security policies 
  • Streamline access management by removing redundant role assignments 


Thank you!


Updated on: 10/15/2025

Was this article helpful?

Share your feedback

Cancel

Thank you!