Operator with no access to web console

Avatar

Avatar
Validate 1
Level 1
mary_joyg231170
Level 1

Likes

4 likes

Total Posts

10 posts

Correct reply

0 solutions
Top badges earned
Validate 1
Boost 3
Boost 1
View profile

Avatar
Validate 1
Level 1
mary_joyg231170
Level 1

Likes

4 likes

Total Posts

10 posts

Correct reply

0 solutions
Top badges earned
Validate 1
Boost 3
Boost 1
View profile
mary_joyg231170
Level 1

11-09-2019

Hi everyone.

Is there a way to create an operator that doesn't have access to web console particularly /view/campaign or /view/home but has an access to a web application i.e. https://<campaign instance url>/webApp/<web app name>?

Based on documentation, we can forbid an operator to access to the rich client:

1832159_pastedImage_0.png

However, I can't find any to forbid web console access.

Is this possible?

Any help is greatly appreciated.

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar
Validate 1
Level 4
DimaKudryavtsev
Level 4

Likes

43 likes

Total Posts

44 posts

Correct reply

10 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 25
Boost 10
View profile

Avatar
Validate 1
Level 4
DimaKudryavtsev
Level 4

Likes

43 likes

Total Posts

44 posts

Correct reply

10 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 25
Boost 10
View profile
DimaKudryavtsev
Level 4

12-09-2019

Yes, It is not possible to restrict access to view/home if the operator has at least some basic rights (like belongs to some group). However, If the operator does not have read access to a folder, where campaign actually exists, one will not be able to see it anywhere. Same goes for workflows, deliveries and any other records.

I have operators, who can access only designated folders and have only read-only access to them for monitoring purpose.

So it is possible to store web-app to a special folder, restrict operator access only to that folder and in theory, it should be secure.

Please check out this link: Access management

Answers (6)

Answers (6)

Avatar

Avatar
Validate 1
MVP
kapilKochar
MVP

Likes

130 likes

Total Posts

144 posts

Correct reply

45 solutions
Top badges earned
Validate 1
Contributor
Give Back 10
Give Back 5
Give Back 3
View profile

Avatar
Validate 1
MVP
kapilKochar
MVP

Likes

130 likes

Total Posts

144 posts

Correct reply

45 solutions
Top badges earned
Validate 1
Contributor
Give Back 10
Give Back 5
Give Back 3
View profile
kapilKochar
MVP

11-09-2019

Hi ,

Disabling rich client access option will restrict user to log in  via

https://<your Adobe Campaign server>:<port number>/nl/jsp/logon.jsp

but user will be able to Log in using below link

https://<your Adobe Campaign server>:<port number>/view/home

Now options we have to avoid access other modules

A) Based on access rights user can be restricted to view any modules except Web module .

B) If you already published your WebApp shared the link of your WebApp with the user and disable the rich client option by this user will only be able to view WEBAPP.

Hope this helps !

Thanks,

Kapil

Avatar

Avatar
Validate 1
Level 4
DimaKudryavtsev
Level 4

Likes

43 likes

Total Posts

44 posts

Correct reply

10 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 25
Boost 10
View profile

Avatar
Validate 1
Level 4
DimaKudryavtsev
Level 4

Likes

43 likes

Total Posts

44 posts

Correct reply

10 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 25
Boost 10
View profile
DimaKudryavtsev
Level 4

11-09-2019

Not to my knowledge.

Can you just restrict operator access to all folders apart of web app folder? You can see what folder access operator has in Audit -> Folder Rights

To make it easy, create operator group, that have required level of access and make the operator be a part of this group and make sure one does not have any access outside of the group access.

Avatar

Avatar
Validate 1
Level 4
DimaKudryavtsev
Level 4

Likes

43 likes

Total Posts

44 posts

Correct reply

10 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 25
Boost 10
View profile

Avatar
Validate 1
Level 4
DimaKudryavtsev
Level 4

Likes

43 likes

Total Posts

44 posts

Correct reply

10 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 25
Boost 10
View profile
DimaKudryavtsev
Level 4

11-09-2019

Hi

The Rich Client is the console. If you forbid the access to it, the operator will not be able to login to the console only. But one will be able to login to web app or perform a SOAP calls, if one have right permissions.

Avatar

Avatar
Validate 1
Level 1
mary_joyg231170
Level 1

Likes

4 likes

Total Posts

10 posts

Correct reply

0 solutions
Top badges earned
Validate 1
Boost 3
Boost 1
View profile

Avatar
Validate 1
Level 1
mary_joyg231170
Level 1

Likes

4 likes

Total Posts

10 posts

Correct reply

0 solutions
Top badges earned
Validate 1
Boost 3
Boost 1
View profile
mary_joyg231170
Level 1

12-09-2019

Hi DimaKudryavtse
It's actually client's requirement to disable the /view/home of the web console to a specific operator.
Not sure if this is possible since web app are accessed via web console (like reports) and yet they wanted to disable this for a specific operator.

Avatar

Avatar
Validate 1
Level 1
mary_joyg231170
Level 1

Likes

4 likes

Total Posts

10 posts

Correct reply

0 solutions
Top badges earned
Validate 1
Boost 3
Boost 1
View profile

Avatar
Validate 1
Level 1
mary_joyg231170
Level 1

Likes

4 likes

Total Posts

10 posts

Correct reply

0 solutions
Top badges earned
Validate 1
Boost 3
Boost 1
View profile
mary_joyg231170
Level 1

12-09-2019

Hi Kapil.

Apologies as I am kind of new to access management in Adobe Campaign.

May I ask what access rights to assigned to a user to restrict view of any modules except web module?
And will that restrict the user in accessing /view/home?
Thanks.

Avatar

Avatar
Validate 1
Level 1
mary_joyg231170
Level 1

Likes

4 likes

Total Posts

10 posts

Correct reply

0 solutions
Top badges earned
Validate 1
Boost 3
Boost 1
View profile

Avatar
Validate 1
Level 1
mary_joyg231170
Level 1

Likes

4 likes

Total Posts

10 posts

Correct reply

0 solutions
Top badges earned
Validate 1
Boost 3
Boost 1
View profile
mary_joyg231170
Level 1

11-09-2019

Hi DimaKudryavtsev

Yeah...that setting is to forbid access on the rich client console. How about forbid an operator to access the web console but still can access a web app? Is that possible?

1832161_pastedImage_0.png