"Everyone" group added for each user of AEM 6 | Community
Skip to main content
radhikak8817019
radhikak8817019
Level 3
October 16, 2015
Solved

"Everyone" group added for each user of AEM 6

  • October 16, 2015
  • 5 replies
  • 3078 views

Hi All,

We recently upgraded our server from AEM 5.6.1 to AEM 6. Everything working fine except the strange behavior we noticed with user and group.

"Everyone" group is added to all users after upgrade and it cannot be removed manually from users using "\useradmin" console. As everyone group has deny permissions on most of the stuff so the users not able to view content on site.

Do we need to install any hotfix to fix this issue or is there any other customize way by creating script?

Please pour in your suggestions to resolve this issue.

Thanks In Advance,

RK

    This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
    Best answer by Sham_HC

    Hi RK,

    everyone group  is  special &  all users (including 'anonymous') are implicitly member of that group and there is no way to add or remove someone from that group. in other words: nothing that is related to access control.  Verify the acl evaluation and identify the group that is causing & fix accordingly.  You are in wrong directing that everyone group causing it.

    Thanks,

    5 replies

    Sham_HC
    Sham_HCAccepted solution
    Level 10
    October 16, 2015

    Hi RK,

    everyone group  is  special &  all users (including 'anonymous') are implicitly member of that group and there is no way to add or remove someone from that group. in other words: nothing that is related to access control.  Verify the acl evaluation and identify the group that is causing & fix accordingly.  You are in wrong directing that everyone group causing it.

    Thanks,

      Stipo42
      Stipo42
      October 16, 2015

      I recently had this issue as well.

      This happens when you replicate a page BEFORE replicating the group it's secured against. 

      Even when a group is then replicated, the correct rep:policy node does NOT get created.

      Perhaps a workflow can be set up so that order doesn't matter, but for the time being always replicate your groups first.

      Sham_HC
      Sham_HC
      Level 10
      October 16, 2015

      Rep:policy will never be replicated. If it is cug it will auto create once activation reaches publishers. So you need to make sure group exist before that. Otherwise without group presence cug can't create rep:policy.

      smacdonald2008
      smacdonald2008
      Level 10
      October 16, 2015

      YOu might want to install SP1 - see if that addresses the issue. THey made some fixes in that service pack. 

      Also - here is some background on that group:

      http://jackrabbit.apache.org/oak/docs/security/user.html

      Everyone Group

      The default user management implementation in Oak contains special handling for the optional group that represents everyone, which is marked by the reserved name everyone and corresponds to theEveryonePrincipal.

      This special group always contains all Authorizable as member and cannot be edited with user management API. As of OAK this fact is consistently reflected in all group membership related methods. See also Principal Management.

      radhikak8817019
      radhikak8817019Author
      Level 3
      October 16, 2015

      Hi Smacdonald,

      Thanks for your reply.

      We are already using Adobe Experience Manager, Version 6.0.0.SP1. 

      /RK

      Terms & ConditionsAccessibility statement

      Loading footer...