AEM User Access Control: Groups and Permissions in Access Control Entries (ACEs) | Community
Skip to main content
N
nziaee-1
Level 2
September 22, 2022
Solved

AEM User Access Control: Groups and Permissions in Access Control Entries (ACEs)

  • September 22, 2022
  • 1 reply
  • 2035 views

What each of the Access Control Entries (ACEs) mean and what they are good for?  Where can I find a cheat sheet from Adobe to indicate what each of the ACE items such as: such as: /apps ; /conf ; /content ; /etc ; /home ; /libs ; /mnt ; /system ; /tmp ; var   are good for and what permission they control.  Does anyone have the OOTB best practices of how to give permissions and select groups for different roles. 

 

For example, I am not sure which one of those controls the drag and drop functionality, which one controls the filtering, which one controls the top navigation menu, etc.

    This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
    Best answer by digarg17

    https://experienceleague.adobe.com/docs/experience-manager-65/administering/security/security.html?lang=en#built-in-users-and-groups

     

    Usually, you would want to create your project-specific groups as members of OOTB groups mentioned in the above link and then add/remove permissions on top of it.

    For what each folder do :- 

    https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/what-s-the-use-of-tmp-var-bin-conf-system-folders-in-aem/m-p/287333

    • /apps - components (content and pages) , templates,clientlibs
    • /content - site pages , dam assets , XF, TAGS
    • /tmp is for temporary space, which could get recreated on every startup. Do not store data there which should survive a restart.
    • /var: temporary data, which needs to survive a retart
    • /bin: shouldn't be there. Typically created by accident, when you hit some servlet bound to the /bin folder, but the servlet is not registered yet.
    • /conf: That's the place where configuration is stored. Check the documentation of Sling Context-Aware Configuration for it. , templates config, Workflows etc
    • /system: That's for the system, don't mess with it.

    1 reply

    D
    Adobe Employee
    digarg17Adobe EmployeeAccepted solution
    Adobe Employee
    September 23, 2022

    https://experienceleague.adobe.com/docs/experience-manager-65/administering/security/security.html?lang=en#built-in-users-and-groups

     

    Usually, you would want to create your project-specific groups as members of OOTB groups mentioned in the above link and then add/remove permissions on top of it.

    For what each folder do :- 

    https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/what-s-the-use-of-tmp-var-bin-conf-system-folders-in-aem/m-p/287333

    • /apps - components (content and pages) , templates,clientlibs
    • /content - site pages , dam assets , XF, TAGS
    • /tmp is for temporary space, which could get recreated on every startup. Do not store data there which should survive a restart.
    • /var: temporary data, which needs to survive a retart
    • /bin: shouldn't be there. Typically created by accident, when you hit some servlet bound to the /bin folder, but the servlet is not registered yet.
    • /conf: That's the place where configuration is stored. Check the documentation of Sling Context-Aware Configuration for it. , templates config, Workflows etc
    • /system: That's for the system, don't mess with it.
      Terms & ConditionsAccessibility statement

      Loading footer...