Solved: Syncing Users and Groups between two AEM authors. - Adobe Experience League Community

View profile · 08-08-2019

Hi All ,

Currently we have a requirement to sync users and Groups between two AEM authors in different environments.
Basically they want if a user is created in one aem instance it should get sync automatically to another instance.
Any help will be much appreciated.

Current AEM version : AEM 6.3

Thanks in Advance !
Kind Regards,
Kaushik

View profile · 08-08-2019

Hello Kaushik,

- One option is to use LDAP [1], where you can manage users and groups at one place and then sync to different authors.

- Another option is to create a package of users and groups in the author and automate the package replication to another author. Check link [2]

Curl command for replication:

curl -u admin:admin -X POST -F path="/content/path/to/page" -F cmd="activate" http://localhost:4502/bin/replicate.json

To create a package using the package manager for /home/users & /home/groups and permissions. Please follow doc [3]

[1] https://helpx.adobe.com/ca/experience-manager/6-3/sites/administering/using/ldap-config.html

[2] https://adobe-consulting-services.github.io/acs-aem-commons/features/automatic-package-replicator/in...

[3] Migrate users, groups, and ACLs between AEM instances

Regards,

Vishu

View profile · 09-08-2019

Hi,

I also strongly suggest using LDAP to synchronize all your users and groups (you could apply this to your Author instances and your Publishers).

Just one question though: you need to sync your users and groups but what about their access rights? Is that also a concern?

View profile · 08-08-2019

The only recommended way to do that(Sync users between AUTHORS) is using an external login Module like LDAP or SAML which 90 percent of AEM customers already use.

Users will be maintained on the external system and synced to AEM when a user logs in.

Check [1] and [2] for more details.

[1]Configuring LDAP with AEM 6

[2]SAML 2.0 Authentication Handler