Windows™ impersonation is a mechanism that allows
IBM® Campaign administrators to associate
IBM® Campaign users with
Windows™ users, so that
IBM® Campaign processes invoked by an
IBM® Campaign user run under the credentials of the corresponding
Windows™ user.
For example, if Windows™ impersonation is enabled, when the
IBM® Campaign user
jsmith edits a flowchart, a
unica_acsvr process starts under the
Windows™ user ID associated with the
IBM® Marketing Platform login name
jsmith.
By using Windows™ impersonation, you are able to leverage the Windows-level security permissions for file access. If your system is set up to use NTFS, you can then control access to files and directories for users and groups.
Windows™ impersonation also allows you to use
Windows™ system monitoring tools to see which users are running which
unica_acsvr processes on the server.
To use Windows™ impersonation, you must establish a one-to-one relationship between
Campaign users and
Windows™ users. That is, each
Campaign user must correspond to a
Windows™ user with the exact same user name.
Typically, administration begins with a set of existing Windows™ users who will use
Campaign. You must create
Campaign users in
Marketing Platform with the exact same names as the associated
Windows™ users.
Each Windows™ user for whom you have set up a
Campaign user must be placed in a special
Windows™ impersonation group. You must then assign the group to specific policies.
To ease administrative tasks, you can then grant read/write/execute privileges to the
Campaign partition directory for the group.
When Windows™ impersonation is set up, once users have logged into
Windows™,
Campaign users are automatically logged into
IBM® EMM using a single sign-on. When they open a browser and go to the
IBM® EMM URL, they do not need to log in again, and they immediately see the
IBM® EMM start page.