Expand my Community achievements bar.

SOLVED

AEM 6.5 Tracking configuration changes

Avatar

Level 4
Level 4
1/2/23 7:40:10 PM

Hi Everyone,

 

I'm struggling to find the best way to manage and track any configuration changes done using config manager http://localhost:4502/system/console/configMgr. It's hard to track the changes done by someone with a team having a large number of team members with Admin rights on the AEM instance. I can see the configuration files available at path <Install Path>\crx-quickstart\launchpad\config\ but wondering if there is a way to check who made the changes.

 

Wondering if anyone can suggest the best practice to track the changes in configurations.

 

Thanks.

Mukesh 

Views

364

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Employee Advisor
Employee Advisor
1/2/23 9:09:20 PM

Hi @MukeshAEM ,

 

You can check access.log and error.log

 

However In this case, the best practice would be:-

1.) To limit the "admin" permission to the user who actually needs it, too many people should not have these permissions, especially in the upper environments.

2.) Create a group whose members are to be granted access to Web Console instead of allowing access to individual users, you can add these groups to "Apache Sling Web Console Security Provider" in the configuration.

3.) Make sure the OSGi configurations are only deployed with code that is committed in the source control (this is more future-proof if you are planning to move to the cloud in the future) and also provide proper tracking of the changes.

 

Hope this helps.

 

Regards,

Nitesh

View solution in original post

Views

351

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
1 Reply

Avatar

Correct answer by
Employee Advisor
Employee Advisor
1/2/23 9:09:20 PM

Hi @MukeshAEM ,

 

You can check access.log and error.log

 

However In this case, the best practice would be:-

1.) To limit the "admin" permission to the user who actually needs it, too many people should not have these permissions, especially in the upper environments.

2.) Create a group whose members are to be granted access to Web Console instead of allowing access to individual users, you can add these groups to "Apache Sling Web Console Security Provider" in the configuration.

3.) Make sure the OSGi configurations are only deployed with code that is committed in the source control (this is more future-proof if you are planning to move to the cloud in the future) and also provide proper tracking of the changes.

 

Hope this helps.

 

Regards,

Nitesh

Views

352

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply