By default all activities are executed with the account you have specified on the Orchestrator Runbook Service on your Runbook servers. In some scenario you need to configure a activity with a specific account, you can do that on the security tab on each activity.
But it is a lot of work to update each activity in the runbook with new security credentials information. What if you want to use the same runbook, but with different input parameters and different accounts? The solution to that could be to trigger the runbook with the Invoke Runbook activity and specify a account, instead of trigger the runbook direct. Then you can specify a account each time you trigger the runbook. In this example I have built two runbooks. Runbook A and runbook B.
Runbook A writes its credentials to a text file (command “whoamI” and writes pure output to C:\temp\Iam.txt) and triggers runbook B that does the same. The result will be a text file with two lines, both lines is SKYNET\svc-sco-sa. SKYNET\svc-sco-sa is my Orchestrator Runbook Server service account, and that is the account that executes runbooks by default in my sandbox.
If I now configure the Invoke Runbook activity, on the security credentials tab, to run with the SKYNET\andersbe account instead, we will see a difference in the result
As you can see the second runbook is now running with the SKYNET\andersbe account instead of the default account.