Automating File share access request approval

  • 1 October 2020
  • 1 reply

Hi all,

Not sure if this is the correct place for this or not, apologies if not.

Is there any way to automate access requests for file shares/ shared mailboxes etc?

We are looking for a way to have a dynamic list of available file shares, mailboxes etc, which the user can request through the portal.

There would then be a workflow to send an approval request out, depending on which share the approver will vary, and depending on the result of the approval it will either be passed to the correct queue for fulfilment, or rejected and the requester emailed.

I'm fine with the 2nd half of this, the automating rejection or approval, but struggling to get the first working dynamically.

For example I understand we could do a workflow for each request, based on share name, but then we would need to add a new one each time we create a new share.

So I am looking for a way for Freshservice to read a file with a list of shares, or ideally browse the server, and assign an approver to it based on which resource it is, maybe by a manual update of the list of shares.

So to summarize, user goes to the portal, selects file access, drop down list shows all available shares, they pick the one they need. Freshservice logs a ticket, sends an approval request out to the person responsible for that share, and then once it is approved or rejected a ticket is passed to the correct queue, or closed. And the only input needed to add new shares is to update a text file somewhere maybe?

Is this possible?

1 reply

Short answer: no

Long answer: yes but not the way you describe the UI without considerable customisation

Longer answer: yes but multiple service catalogue items is much easier (be warned there is still no API for creating / updating service catalogue items)

Longest answer:

The dynamic scenario you’re proposing could be achieved with a couple of drop won fields on the catalogue item (which you’ll have to manually maintain) however this doesn't achieve end-to-end automation easily as this has to work on the assumption that your group or mailbox names are unique and make sense to both end users and IT admins.

We’ve all seen groups with horrible or legacy names that get referred to with multiple aliases by end users.

The easier option which improves findability in the service catalogue is to have one service catalogue item per group / mailbox etc. you then have the short & long description fields to include grou alises etc and evn the name itself to be friendlier.

What we did was this plus using aa custom field to store group ID.

We then have

  1. FreshService workflows to do the basic approvals eg approval by requesters line manager
  2. For more complex approvals of individual “group owners” we use a number of Azure Logic apps called from FS WebHooks that lookup group owenrs from the grouops themselves
  3. Logic Apps then add end-users directly to Azure or AD groups (after FS approvals)
  4. No human intervention required

Also you dont need 1 workflow for each catalogue item - depending on the number of catalogue items you can filter your workflow trigger on requested item or other ticket fields.