Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn More

View all

Sign in to view all badges

AEM Admin Group for Editor Groups

Avatar

Avatar
Boost 1
Level 1
erhn123
Level 1

Like

1 like

Total Posts

2 posts

Correct Reply

0 solutions
Top badges earned
Boost 1
View profile

Avatar
Boost 1
Level 1
erhn123
Level 1

Like

1 like

Total Posts

2 posts

Correct Reply

0 solutions
Top badges earned
Boost 1
View profile
erhn123
Level 1

24-06-2019

Hello,

I need an admin and editor group for each subtree and these admin groups should be able to add users to the related Editor group.

For example retail admin group users should be able to add users to retail editor group but they can’t add users to the corporate editor group. How can we achieve this?

The site hierarchy as follows;

-          en/retail

-          en/corporate-commercial

Security groups;

-          Retail Admin Group

-          Retail Editor Group

-          Corporate Admin Group

-          Corporate Editor Group

Replies

Avatar

Avatar
Contributor
Employee
hamidk92094312
Employee

Likes

102 likes

Total Posts

240 posts

Correct Reply

38 solutions
Top badges earned
Contributor
Shape 1
Ignite 1
Give Back 50
Give Back 5
View profile

Avatar
Contributor
Employee
hamidk92094312
Employee

Likes

102 likes

Total Posts

240 posts

Correct Reply

38 solutions
Top badges earned
Contributor
Shape 1
Ignite 1
Give Back 50
Give Back 5
View profile
hamidk92094312
Employee

24-06-2019

You may use AEM roles to achieve what you are looking for:

Adobe Experience Manager Help | Creating and configuring roles

Avatar

Avatar
Coach
MVP
Arun_Patidar
MVP

Likes

1,279 likes

Total Posts

3,155 posts

Correct Reply

889 solutions
Top badges earned
Coach
Contributor 2
Ignite 10
Give Back 700
Boost 1000
View profile

Avatar
Coach
MVP
Arun_Patidar
MVP

Likes

1,279 likes

Total Posts

3,155 posts

Correct Reply

889 solutions
Top badges earned
Coach
Contributor 2
Ignite 10
Give Back 700
Boost 1000
View profile
Arun_Patidar
MVP

24-06-2019

Hi,

Create your groups in location say and give modify access to that location to a group only which can modify this.

Because whenever you add a member to group it saves at rep:memebers property of group node.

e.g.

/home/groups/c/content-authors

Avatar

Avatar
Boost 1
Level 1
erhn123
Level 1

Like

1 like

Total Posts

2 posts

Correct Reply

0 solutions
Top badges earned
Boost 1
View profile

Avatar
Boost 1
Level 1
erhn123
Level 1

Like

1 like

Total Posts

2 posts

Correct Reply

0 solutions
Top badges earned
Boost 1
View profile
erhn123
Level 1

24-06-2019

Hi Arun,

Thanks for your reply.

I did what you said but when I tried to add member into group I got error on below.

Error: javax.jcr.AccessDeniedException: OakAccess0000: Access denied

Avatar

Avatar
Coach
MVP
Arun_Patidar
MVP

Likes

1,279 likes

Total Posts

3,155 posts

Correct Reply

889 solutions
Top badges earned
Coach
Contributor 2
Ignite 10
Give Back 700
Boost 1000
View profile

Avatar
Coach
MVP
Arun_Patidar
MVP

Likes

1,279 likes

Total Posts

3,155 posts

Correct Reply

889 solutions
Top badges earned
Coach
Contributor 2
Ignite 10
Give Back 700
Boost 1000
View profile
Arun_Patidar
MVP

25-06-2019

HI,

It should work if you set the permissions correctly.

For example -

I created author1 group at /home/groups/d/author1 and set read, create, modify for content, conf etc (except /home, no permission to home)

Created admin1 group and set read, create, modify and other permission at /home/groups/d/author1 and read permisison at  /home/users/

(or remove read and other permission from /home/groups/d/author2 , so admin1 user can't see author2)

I created author2 group at /home/groups/d/author2 and set read, create, modify for content, conf etc (except /home, no permission to home)

Created admin2 group and set read, create, modify and other permission at /home/groups/d/author2 and read permisison at  /home/users/

(or remove read and other permission from /home/groups/d/author1 , so admin2 user can't see author1)

Make sure you have added permission for root as well, if no permission is set to root then their would not be any effective permission.