System User AEM Cloud

Avatar

Avatar
Boost 10
Level 2
AD-Engineer
Level 2

Likes

10 likes

Total Posts

28 posts

Correct reply

0 solutions
Top badges earned
Boost 10
Validate 1
Ignite 1
Give Back 3
Give Back
View profile

Avatar
Boost 10
Level 2
AD-Engineer
Level 2

Likes

10 likes

Total Posts

28 posts

Correct reply

0 solutions
Top badges earned
Boost 10
Validate 1
Ignite 1
Give Back 3
Give Back
View profile
AD-Engineer
Level 2

16-06-2021

Hi,

I am trying to create a system user on AEM Cloud, but the url where the system users are created is not available on Cloud. How can I create or at least export/import a system user on Cloud? Thanks!

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar
Applaud 25
Level 10
asutosh_jena
Level 10

Likes

593 likes

Total Posts

705 posts

Correct reply

207 solutions
Top badges earned
Applaud 25
Give Back 100
Boost 500
Affirm 100
Ignite 1
View profile

Avatar
Applaud 25
Level 10
asutosh_jena
Level 10

Likes

593 likes

Total Posts

705 posts

Correct reply

207 solutions
Top badges earned
Applaud 25
Give Back 100
Boost 500
Affirm 100
Ignite 1
View profile
asutosh_jena
Level 10

17-06-2021

Hi @AD-Engineer 

 

You can create a system user using RepositoryInitializer configuration which is available in AEM as Cloud.

It will automatically create the system user with appropriate level of permision as mentioned in the script/config which can be added as an OSGi config.

 

Create an OSGi config with:

org.apache.sling.jcr.repoinit.RepositoryInitializer-project.config and add the below code where "systemuser" is the name of the user and /etc is the path with level of access.

scripts=[
"
create service user systemuser
set ACL for systemuser
allow jcr:read on /etc restriction(rep:glob,/productfeed)
allow jcr:write on /etc restriction(rep:glob,/productfeed)
end
"
]

 

Please see my answer here as well:

https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/aem-as-a-cloud-system-user...

 

More information available here:

https://sling.apache.org/documentation/bundles/repository-initialization.html

 

Thanks!

Answers (4)

Answers (4)

Avatar

Avatar
Boost 5
Level 7
Ritesh_M
Level 7

Likes

179 likes

Total Posts

142 posts

Correct reply

44 solutions
Top badges earned
Boost 5
Boost 3
Boost 1
Applaud 5
Affirm 1
View profile

Avatar
Boost 5
Level 7
Ritesh_M
Level 7

Likes

179 likes

Total Posts

142 posts

Correct reply

44 solutions
Top badges earned
Boost 5
Boost 3
Boost 1
Applaud 5
Affirm 1
View profile
Ritesh_M
Level 7

16-06-2021

Hi @kchaurasiya @Prince_Shivhare ,

 

Can you point out where it is mentioned that keeping system user in GIT repo is not a best practice?

 

Also, notably, moving forward (with AEM as Cloud Service), Adobe is even recommending (forcing, wink) to have configuration as part of GIT repository.

 

@AD-Engineer  To answer your question, you can put the system user folder under below path-

 

/ui.content/src/main/content/jcr_root/home/users/system/

 

Also, you need to add the entry in filter.xml, the path should be "/ui.content/src/main/content/META-INF/vault/filter.xml"

<filter root="/home/users/system/mysystemuser"/>

 

 

 

 

Avatar

Avatar
Springboard
Level 7
Prince_Shivhare
Level 7

Likes

123 likes

Total Posts

407 posts

Correct reply

65 solutions
Top badges earned
Springboard
Establish
Give Back 100
Boost 100
Validate 1
View profile

Avatar
Springboard
Level 7
Prince_Shivhare
Level 7

Likes

123 likes

Total Posts

407 posts

Correct reply

65 solutions
Top badges earned
Springboard
Establish
Give Back 100
Boost 100
Validate 1
View profile
Prince_Shivhare
Level 7

16-06-2021

It is not a best practice to deploy the system user with code or package.

I had the same problem earlier and we discussed the same thing with Adobe techincal team and they suggested about the REPOINT.

I rasied this question on forum and got the answer. you can refer this url -
https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/aem-as-a-cloud-system-user...

Avatar

Avatar
Establish
Level 4
kchaurasiya
Level 4

Likes

63 likes

Total Posts

57 posts

Correct reply

8 solutions
Top badges earned
Establish
View profile

Avatar
Establish
Level 4
kchaurasiya
Level 4

Likes

63 likes

Total Posts

57 posts

Correct reply

8 solutions
Top badges earned
Establish
View profile
kchaurasiya
Level 4

16-06-2021

Hi @AD-Engineer , Keeping the system user in the code is not a good practice.As @Prince_Shivhare  said.

 

We are also using the system user in our project and that we have kept in the package.So whenever system user is required to run some workflow or service on the environment such as dav/qa/uat . We just Deploy the user package on the environment.

 

You can create the package as @Ritesh_M already explained and once package is created download it at your local and upload and install the same package wherever you required and provide the read and write permission of that user for specific folder or as per your requirement.

 

Thank You.

Avatar

Avatar
Boost 5
Level 7
Ritesh_M
Level 7

Likes

179 likes

Total Posts

142 posts

Correct reply

44 solutions
Top badges earned
Boost 5
Boost 3
Boost 1
Applaud 5
Affirm 1
View profile

Avatar
Boost 5
Level 7
Ritesh_M
Level 7

Likes

179 likes

Total Posts

142 posts

Correct reply

44 solutions
Top badges earned
Boost 5
Boost 3
Boost 1
Applaud 5
Affirm 1
View profile
Ritesh_M
Level 7

16-06-2021

Hi @AD-Engineer ,

You can create the system user on your local AEM instance and it must be stored on location /home/users/system/<sys user> and provide proper permission.

Then follow below steps-

1. Create package of system user.
2. Download and unzip there you should see the system user folder ( .content.xml inside ) for system user, which you can commit as part of codebase

 

Sample .content.xml will look like below-

 

<?xml version="1.0" encoding="UTF-8"?>
<jcr:root xmlns:jcr="http://www.jcp.org/jcr/1.0" xmlns:rep="internal"
jcr:primaryType="rep:SystemUser"
jcr:uuid="5d9c68c6-c50e-33d0-aa2f-cf54f63993b6"
rep:authorizableId="testSystemUser"
rep:principalName="testSystemUser"/>