Expand my Community achievements bar.

SOLVED

ACL Users Groups and Permissions using ACS-Commons ACL Packager

Avatar

Level 5

AEM 6.2 SP1

Here is what I have in terms of rules in the ACL Packager

Package Name:            PROD-EWCM Users Groups And Permissions
Package Group Name:        ACLs
Package Version:         230
Package Description:     ACL Package initially defined by a ACS AEM Commons - ACL Packager configuration.
Package ACL handling:    Overwrite
Conflict resolution:    Increment Version
Principal names:        {Listed all defined groups here}
Include Patters:        /content/.*
                        /etc/.*
Include principals:        unchecked
Include ACL Packager:    unchecked

Created    Package

Did this step for the source and destination servers
1.    Open CRX/DE
2.    Click on Tools, Query from the submenu
3.    Change Type to SQL2
4.    Query:
    a.    select * from [rep:User] as p where isdescendantnode (p, [/home/users]) AND ([rep:principalName] = 'admin' OR [rep:principalName] = 'anonymous')
5.    Copy the PATH for inclusion in the next steps.

In CRX/DE, Navigate to Package Manager .
1.    Click on package created in previous step.
2.    Click on Edit
3.    Click on the Filters tab.
4.    Click on Add filter
a.    Root path: /home/groups
5.    Click on Add filter
a.    Root path: /home/users/
b.    Rules:
i.    Click Add rule
        exclude    /home/users/.*/.tokens
        exclude    /home/users/g/gk-vIi0xyu2HJ5yJb8us
        exclude    /home/users/E/Efv1lYwK8OQ549YyZ_MG
        exclude    /home/users/a/admin
        exclude    /home/users/a/anonymous

I've also attached a word document with the steps we take to make this work.                   

I constantly see the following error: 

Could not Install Package
"javax.jcr.nodetype.ConstraintViolationException: OakConstraint0027: The admin user cannot be removed."

Log message Error:

28.02.2017 07:06:10.987 *ERROR* [qtp1274734333-2867] org.apache.jackrabbit.vault.fs.io.Importer Error while committing /home/users: javax.jcr.nodetype.ConstraintViolationException: OakConstraint0027: The admin user cannot be removed.
28.02.2017 07:06:10.987 *ERROR* [qtp1274734333-2867] org.apache.jackrabbit.vault.fs.io.Importer Error while committing /home: javax.jcr.nodetype.ConstraintViolationException: OakConstraint0027: The admin user cannot be removed.
28.02.2017 07:06:10.987 *ERROR* [qtp1274734333-2867] org.apache.jackrabbit.vault.fs.io.Importer Error while committing : javax.jcr.nodetype.ConstraintViolationException: OakConstraint0027: The admin user cannot be removed.
28.02.2017 07:06:10.987 *ERROR* [qtp1274734333-2867] org.apache.jackrabbit.vault.fs.io.Importer Error while committing changes. Aborting.
28.02.2017 07:06:10.987 *ERROR* [qtp1274734333-2867] org.apache.jackrabbit.vault.packaging.impl.ZipVaultPackage Error during install.
javax.jcr.nodetype.ConstraintViolationException: OakConstraint0027: The admin user cannot be removed.
    at org.apache.jackrabbit.oak.api.CommitFailedException.asRepositoryException(CommitFailedException.java:225)
    at org.apache.jackrabbit.oak.api.CommitFailedException.asRepositoryException(CommitFailedException.java:212)
    at org.apache.jackrabbit.oak.jcr.delegate.SessionDelegate.newRepositoryException(SessionDelegate.java:670)

Any help is greatly appreciated.

Thanks,

-Dean

1 Accepted Solution

Avatar

Correct answer by
Level 5

I've updated our document and posted it here.

The mode="merge" step is critical.

Hopefully this guide will help others.

View solution in original post

3 Replies

Avatar

Correct answer by
Level 5

I've updated our document and posted it here.

The mode="merge" step is critical.

Hopefully this guide will help others.

Avatar

Level 3

Thank you for sharing this information. This was very useful.

Avatar

Level 2

Hi, I have followed all the steps mentioned in the document you shared yet im getting the following error when i tried to upload the package.

org.apache.jackrabbit.vault.fs.config.ConfigurationException: Configuration file syntax error.

Can you please guide me the resolution for this?