Triggering Workflow by Anonymous User in SharePoint Using Powershell

Problem: 

We have a Request for Information form that can be accessed anonymously and the anonymous users have Add and View privileges to the respective list. What we want is when the user submits the form to have a workflow kick off that sends an email to the user who submitted the form using the email address within the form data and also send an email to an administrator.

However, we are seeing some problems with anonymous users and workflow playing nice together.

·         If a user is logged in (windows authentication), then the form works as expected, the data is stored into the list, the user is directed to the appropriate page and the workflow runs.

·         If no workflow is tied to the list, the anonymous user can submit their request for information as expected. The data goes into the list and the user is directed to the appropriate page.

·         If a workflow is attached to the list, the user can still submit their request and the data makes it into the list, but the workflow is not started and remains with Failed on Starting error. 

Work Around:

Normally Anonymous Users doesn’t have permission to trigger a workflow automatically. Below are the steps to enable anonymous users to trigger workflow automatically.

1.       Create a user or use the existing user and make sure that user has given proper write permissions to the list, to which the workflow is attached.

2.       Through Powershell we can iterate through the items in the list by impersonating the anonymous user with the user mentioned in the first step.

3.       Copy the below code to the notepad and save it as “filename.ps1”, Change the SiteCollectionUrl, Site title and List name to the appropriate one.

[System.reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint")          Add-PSSnapin Microsoft.SharePoint.Powershell          Start-SPAssignment -Global          $Site = Get-SPSite http://servername:portnumber/          $web = $Site.AllWebs | where { $_.title -eq "Site Title"}                 if ($web -ne $null)                 {                                 $list =$web.Lists["List Name"]                   if($list -ne $null)                    { foreach ($item in $list.Items | where {$_.Workflows.InternalState -ne "Completed"})                              {                                           $item.Update()                               }                                $list.Update()                                    start-sleep 45                                                                                                         }                                                                              $Web.Dispose()                      }          $Site.Dispose ()          Stop-SPAssignment –Global

4.       Now we need to schedule this script in Task scheduler. Navigate to Start à Administrative tools à Task Scheduler 

5.       Click on the Create Task from the Actions pane in the right.

6.       Give the name of the job and the select the account which we mentioned in the first point which has the write permissions to the list.

7.       In the Triggers tab, create a schedule which suits the requirement.

8.       In the Actions tab, click new to specify the action.

9.       Select “Start a Program” from the dropdown and type Powershell.exe in the Program/Script.

Then in arguments, mention the path of the script file we saved in 3^rd step.

Example:

-command "& 'D:\WorkflowAnonymous.PS1'"

10.   Once the Job has been scheduled, try to add a new item to the list using the anonymous access and wait for the scheduled job to run. Once the job has completed then check workflow status, Now the workflow has been triggered by anonymous access.