Announcing the launch of new sub-community for Campaign Web UI to cater specifically to the needs of Campaign Web UI users!
Forbid acess to Rich client: Adobe Campagin
Hi All,
Hope you guys are doing well.
I want to disable users who left the organization or no longer on project WITH ADMIN ACESS. If I disable users who already left OR Revoke their admin acess , all the technical workflows which are created by them and running are throwing error and go on paused state.
I do not want this to happen. Is there any way to achieve this by not doing lot of manual work(restart workflow by another user).
I dont want to go with the approach where we can modifiy the "last moddifies by /Created by " for that wkf --as we have so many teach wkfs and its hard to do
One of the approach I found is to reset their password and keep the same with support team
Another approach i found is :to check the second option in screen shot is to forbid their acess to console--so that if another person will try to login with the credentials of THOSE USERS who left ---they will not be able to login with that account credential
Please let me know if this approach is fine?
if we check the check box "forbid acess from rich client" what will happen?
I am not very sure on this just tried in UAT nad it was showing
Any other solutions are welcome.
Thanks in advance..!
Hi @Shruti1,
Both the approaches mentioned by you are not full proof. Please find the potential issues you might face and also my recommendation,
- First approach you mentioned might not work if a user has their fall-back or backup email configured. They might try to rest their password via fall-back email id so to avoid this, you should first update their profile first and remove their backup email before resetting their password
- Second approach you mentioned will only restrict the access from Rich client but these folks still can access the thin client using browser and API’s (if any)
I will recommend, along with above two steps, you update the profile of these Admins and fix the IP range to Application server IP range only so these users cannot access both thin and rich client from anywhere. You can do this from Add a trusted IP mask option.
In addition, you should also ask your campaign server Admin to configure the Adobe campaign server access restricted to only certain IP ranges. This can be achieved via small changes in your Application server configuration file(Admin can include org specific IP ranges which also include the IP range of VPN). This will ensure no one are allowed to access the Adobe campaign client console from personal network or without connecting to VPN.
Hope this helps.
With Regards,
Amit
Related Conversations
