02b - Administration (User rights)

Previous step: 02a - Administration

You can generate user logins with limited access to certain sections. For instance you can configure a user login (account) which is able to view reports, but cannot create/edit campaigns or insertions.

Determine requirements

As a first step, you should determine the requirements for the logins for your network. These questions may be helpful:

  • Which groups of users do you need (e. g. Administrators, Campaign managers, External users etc.)?
  • Who should get editing rights for which categories (e. g. campaign managers need to be able to create and modify the "insertions" category)?
  • Who should get read-only access for which categories (e. g. a client needs access to reporting data but not to the "campaigns" and "insertions" categories)?
  • Do some users need access to specific websites/advertisers/agencies only (e. g. user 1 gets access to websites A, B and C while user 2 user gets access to websites D, E and F)?

User groups

With user groups, you can determine a set of user rights. These user rights will be shared by all users that you will later assign to the user group (the users inherit the settings of the user group they belong to).

Note 1
The inherited user rights can be modified on user level. See below: "One by one access"

Note 2
Initially (in new networks), Smart Ad Server creates a user group called "Administrators"


Go to Administration > User groups and click New

Main data

This table describes each option:

Option Description
  • Level 1 (Administrators) - no restrictions at all
  • Level 2 (Managers & Traffic Managers) - for Managers & Traffic Managers access; rarely used 
  • Level 3 (Sales & Customers) - used for users with access to reporting/statistics only
Managed by the group
You can specify a parent user group and choose from the following options:
  • Inherits this group's advertisers - the advertisers assigned to the parent user group will be adopted
  • Inherits this group's sites - the websites assigned to the parent user group will be adopted
  • Contains the external clients of this Group - the external clients (users) of the parent user group will be adopted
Default access to advertisers
  • No default access (determined one by one) - access to specific/individual advertisers (to be determined on user level); otherwise, no access to any advertiser at all; see below: "One by one access“; 
  • All the advertisers of this group - access to the advertisers which are assigned to this group; no access to advertisers created by (and thus assigned to) other user groups; you can assign an advertiser to the user group in the menu: Administration > Advertisers > Advertiser group
  • All network advertisers - access to all advertisers (no restrictions)
Default access to sites
same concept as in Default access to advertisers (see above)
Default access to agencies
same concept as in Default access to advertisers (see above); however, agencies cannot be assigned to a user group; thus, the option "All the … of this group" is not available

Default Permissions

Under Default Permissions, you specify the operations a user can perform. For most categories (e. g. the "advertiser" category), you can specify the operations: Add, Edit, Delete, View. Some Permissions do not support all operations (e. g. Delivery rules : Edit delivery rules).


Users are the actual accounts (user name and password). They belong to a user group from which they inherit the user rights.


Go to Administration > Users

  • select the User group where to add this user (e. g. "DEMO", as shown below)
  • click New

User details

Fill in the user-related details (Lastname etc.).


Using a generic login (account) for multiple persons (account sharing) in your organization is not recommended. Some drawbacks when sharing an account:

  • you need to communicate each password update to all users sharing the account
  • you need to change the password when a users leaves your organization
  • no way to determine who made changes to insertions (tracked in insertion history)

Access rights and job permission

The user inherits the settings made on user group level (see above "User groups")

You can modify these settings for this specific user.
However, you can only remove individual rights; you cannot add user rights which had not been specified on user group level!

One by one access

For a given user, you can determine access to individual Campaigns/Advertisers, Sites and Agencies. This is only relevant if "No default access (determined one by one)" is selected (see above: "Access rights and job permissions")

  • add the appropriate items (e. g. the Sites) to the right column
  • click on each item to validate it (only items with a green checkmark will be kept)
  • click Save changes => items with green checkbox remain selected, items with red cross are removed)

Send user credentials

  • go to Send the login data
  • optionally, modify the text
  • click Send Email

The E-mail will contain a temporary password which must be changed upon initial login.


Check the Connection data to get details about the password.

To disable an account, go to Lock the account

Next step: 03 - Campaigns

Was this article helpful?
0 out of 0 found this helpful
Powered by Zendesk