How do I create mini-admins for specific content areas within AEM? | Community
Skip to main content
mattpilgrim
mattpilgrim
New Member
March 7, 2017
Solved

How do I create mini-admins for specific content areas within AEM?

  • March 7, 2017
  • 3 replies
  • 799 views

How do I create mini-admins for specific content areas within AEM?

 

For context, in a test area of our AEM instance we have 4 groups, for starters we’re working w/ our “testarea” content folder (content/dam/testarea) so here are 4 groups and the access types I provided to them:

·         Test Area Member                        ta-member           Read

·         Test Area Contributor                   ta-contributor          Modify, Create

·         Test Area Lead                             ta-lead                    Delete, Replicate

·         Test Area Admin                           ta-admin                 Read ACL, Write ACL

 

The ta-admin group has each of the other 3 as groups, providing it all access to the content/dam/testarea folder.

 

I’ve added user “matttest” to the to the ta-admin group and verified that matttest has Read, Modify, Create, Delete, Read ACL, Write ACL and Replicate rights from the green “useradmin” console to the content/dam/testarea folder.

 

Additionally, I’ve created a user named jefftest, who is part of the ta-contributor group. I have verified that user jefftest has Read, Modify and Create rights from the green “useradmin” console to the content/dam/testarea folder.

 

When I login as matttest, I wish to add publishing/replicate rights to jefftest by adding him to the “ta-lead” group. The problem, is that from the “users” touch interface, or the “groups” touch interface, I cannot see the jefftest user to apply the additional rights. 

 

My question is how do I make users visible to a group that has Read ACL and Write ACL rights on a specific content folder?

 

Thanks for taking the time to review my question, I hope it’s concise and make sense.

 

-          Matt

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
Best answer by mattpilgrim

Thanks for your help guys. I believe I found a solution.

1. The ta-admin group needs Edit ACL access to both the content area I want to affect (content/dam/testarea) and to a user folder which holds the users I want to effect (home/users/ta-users)

2. As new users are created that the ta-admin group should affect, the users must always be created to the path home/users/ta-admin

This allows ta-admin to provision rights to the content folder content/dam/testarea for only users that exist in home/users/ta-admin.

Thanks,

Matt

3 replies

smacdonald2008
smacdonald2008
Level 10
March 8, 2017

My question is how do I make users visible to a group that has Read ACL and Write ACL rights on a specific content folder?

Are the users part of that group? 

kautuk_sahni
Community Manager
kautuk_sahniCommunity Manager
Community Manager
March 14, 2017

"matttest" would not have rights to modify ACL of other users. For that you need to login from admin account.

It is correct that you have given access for "Edit ACL", but it is that the user can modify the access control list of the page or any child pages not the users.

~kautuk

Kautuk Sahni
mattpilgrim
mattpilgrimAuthorAccepted solution
New Member
March 14, 2017

Thanks for your help guys. I believe I found a solution.

1. The ta-admin group needs Edit ACL access to both the content area I want to affect (content/dam/testarea) and to a user folder which holds the users I want to effect (home/users/ta-users)

2. As new users are created that the ta-admin group should affect, the users must always be created to the path home/users/ta-admin

This allows ta-admin to provision rights to the content folder content/dam/testarea for only users that exist in home/users/ta-admin.

Thanks,

Matt

Terms & ConditionsAccessibility statement

Loading footer...