Expand my Community achievements bar.

SOLVED

Minimum permission to manage user and Groups

Avatar

Level 3

Hi,

I want to create a group in AEM 6.3 which can manage user and groups permission. I mean user of this group can create, edit, delete, modify new users and groups, can assign permissions to newly created user and groups.

I created a user and gave it all the permissions on root folder, then also I am getting access denied exception when trying to create user or group using this user id.

Thanks in advance for any help.

1 Accepted Solution

Avatar

Correct answer by
Employee

Hi Rajeev,

AEM comes with a group called "user-administrators" which does what you're looking for. No need for a custom made group.

View solution in original post

5 Replies

Avatar

Level 2

Hi Steve, although the doc describes a log about access rights in AEM, it does not define which permissions a user would require to create new groups.

Would you perhaps be able to enumerate which specific permissions a user would require in order to create other groups?

Avatar

Level 10

We will log a bug for docs so this can be updated in the AEM Doc set.

Avatar

Correct answer by
Employee

Hi Rajeev,

AEM comes with a group called "user-administrators" which does what you're looking for. No need for a custom made group.

Avatar

Level 1

hey @Rajeev_Kumar ,

I know I'm too late to reply on this, But it works when you go in touch-ui permissions,(from tools>security tab)

Select your group > add ace> select /home/users or /home/groups path and give privileges as jcr:all.

The issue will get resolved.

It doesn't work same way in classic-ui