[v7]{class="badge informative" title="Applies to Campaign Classic v7 only"}
Create and manage operators operators
Get started with Campaign operators about-operators
An operator is an Adobe Campaign user who has permissions to log in and perform actions.
By default, operators are stored in the Administration > Access management > Operators node.
Operators can be created manually or mapped on an existing LDAP directory.
Complete procedure to create an operator is described in this page.
For more on Adobe Campaign and LDAP integration, refer to this page.
Users can also directly connect to Adobe Campaign using their Adobe ID. For more on this, refer to this page.
Create an operator creating-an-operator
To create a new operator and grant permissions, follow the steps below:
-
Click the New button located above the list of operators, and enter the details of the new operator.
-
Specify the Identification parameters of the user: its login, password and name. The login and password will be used by the operator to log on to Adobe Campaign. Once the user is logged on, they can change their password via the Tools > Change password menu. The email of the operator is essential as it enables the operator to receive notifications, for instance when processing approvals.
This section also enables you to link an operator to an organizational entity. For more on this, refer to the this page.
-
Select the permissions granted to the operator in the Operator access rights section.
To assign rights to the operator, click the Add button located above the list of rights, then select a group of operators from the list of available groups:
You can also select one or more named rights (refer to Named rights). To do this, click the arrow to the right of the Folder field, and select Named rights:
Select groups and/or named rights to be assigned and click OK to validate.
-
Click Ok to create the operator: the profile is added to the list of existing operators.
Once the operator’s profile has been created, you can add to or update their information. To do this, click the Edit tab.
Define the operator’s time zone time-zone-of-the-operator
In the General tab, you can select the time zone of the operator. By default, operators work in the server time zone. However, it is possible to select another time zone using the drop-down list.
The configuration of time zones is described in this page.
In addition, the Regional settings drop-down list lets you select the format to display dates and numbers.
Add permissions access-rights-options
Use the Access rights tab to update the groups and named rights linked to the operator.
The Edit the access parameters… link lets you access the following options:
-
The Disable account option lets you disable the operator’s account: this user will no longer access Adobe Campaign.
note note NOTE Even if their account is disabled, the operator can still receive alerts or notifications from Campaign. To stop sending Campaign notifications to this operator, Adobe recommends you to remove the email address from their profile. -
The Forbid access from the rich client option lets you restrict the use of Adobe Campaign to Web access or through APIs: access to the Adobe Campaign client console is no longer available.
-
It’s possible to link a safety zone to the operator. For more on this, refer to this page.
-
You can also define a trusted IP mask using the appropriate link.
The operator will be able to connect to Adobe Campaign without entering their password if their IP address is in this list.
You can also specify a set of IP addresses that will be authorized to connect without a password, such as in the following example:
note note NOTE To keep access to your platform secure, this option must be used with care. -
The Restrict to information found in sub-folders of: option lets you limit the rights attributed to the operator of a folder. Only the subfolders of the node specified in this option will be visible to the user:
note important IMPORTANT This is a very tight restriction, and it must be used with caution. An operator logged in with this type of rights can ONLY see the content of the specified folder, and has no access to any other node of the tree via the explorer. However, depending on the functionalities this operator has access to (for example: workflows), the user can display data that is usually stored in nodes which are not accessible.
Check settings check-settings
The Audit tab lets you view information related to the operator. The various tabs are added to automatically based on the settings defined in the operator’s area of intervention.
You can access:
-
The list of rights on folders linked to the operator.
note note NOTE For more on this, refer to Folder access management. -
The operator approvals log.
-
The list of discussion forums which they are subscribed to.
-
Events in their calendar.
-
The list of tasks assigned to them.
Default operators default-operators
Adobe Campaign uses technical operators with profiles configured by default: Administrator (‘admin’), Billing (‘billing’), Monitoring, Web application agent (‘webapp’), etc. Some of these depend on the applications and options installed on the platform: ‘central’ and ‘local’ operators, for instance, are only visible if the Distributed Marketing option is installed.
By default, the ‘webapp’ technical operator has the named ADMINISTRATION right, which can lead to security risks. To fix this problem, we recommend removing this right. To do this:
-
From the Administration > Access management > Named rights node, click New to create a right and name it WEBAPP.
Named rights are detailed in the Named rights section.
-
From the Administration > Access management > Operators node, select the Web applications agent operator (‘webapp’).
Select the Edit tab, then the Access rights tab and delete the ADMINISTRATION named right from the list.
Click Add and select the WEBAPP right that you have just created, then save your changes.
-
Assign the ‘webapp’ operator read and write data access rights on the folders that concern this operator, which is primarily the ‘Recipient’ folders.
Modifying rights on tree folders is detailed in the Folder access management section.