We are using AEM 6.4.8 version.
Tried to lock a page through AEM interface as an admin and that was successfull
Tried to unlock the same page as an admin and it is not working. Unable to unlock the page eventhough I am part of admin group.
This is happening in all our environment across al projects. So seems like a instance wide issue.
Can anyone shed some light whats happening here?
Have read in many threads that admin should be able to unloack in any case. But in this scenario, thats also not working
Any specific permissions or so we need to check ?
Can see it is failing in the below line of code.
I as an admin tried to lock a page and tried to unloack a page and that itself is not working.
Solved! Go to Solution.
Topics help categorize Community content and increase your ability to discover relevant content.
Hello @P_Vishnu,
As per https://helpx.adobe.com/in/experience-manager/kb/UnlockALockedPage.html
The "admin" account can unlock any page by opening the page and clicking on "Unlock Page" from the page properties drop down
NOTE: The original user holding the lock does have permission to unlock the page. However, other users, even if a member of the administrators group, DO NOT have the right to unlock pages that have been locked. Only the "admin" account has this right.
In case if you are still unable to unlock the page, try the following:
- Go to crxde in aem and log in as an admin user.
- Locate the page that needs to be unlocked and open jcr:content of that page.
- You will notice mix:lockable mixin property on the page.
- Remove mix:lockable mixin from there by clicking Mixins in the topbar.
After removing the mix:lockable mixin from the page and the page would be unlocked.
Thanks!!
Hi,
Are you login as superuser i.e. admin user or normal user?
Yes, even the impersonate user will also won't work in this case.
The only solution as of today, If in case the locked user no more available or went on a vacation. Reach out to Adobe via a support ticket and ask them to unlock it. Only adobe holds the super admin access and even product admin with impersonate access to locked user will not work.(AEMasCS)
If by chance you are on AMS or inhouse ,There is one workaround for AMS and Inhouse users where they can go to Adobe legacy user admin page(http://localhost:4502/useradmin) and update the password of the locked user and login with that user id and new password by directly accessing the Author URL(direct URL with port number) and unlock the page.
When the locked user comes back from vacation and login via SSO it will overwrite the manually updated password and will not block the user access.
Views
Replies
Total Likes
Hi @P_Vishnu
Please see below Note as per https://helpx.adobe.com/uk/experience-manager/kb/UnlockALockedPage.html
The "admin" account can unlock any page by opening the page and clicking on "Unlock Page" from the page properties drop down
NOTE: The original user holding the lock does have permission to unlock the page. However, other users, even if a member of the administrators group, DO NOT have the right to unlock pages that have been locked. Only the "admin" account has this right.
Even if you are a member of administrators group, you wont be able to unlock the page - it has to be either the user who has locked page or admin.
I am not able to reproduce the issue on 6.4.8.1.
Are you using the same user to unlock the page, that had actually locked the same page? If not, then you would need the actual user who had locked the page, or OOTB superuser named "admin" to unlock that page.
I created a user named "testUser" and added it to Administrators group:
1) I unlocked /content/we-retail/us/en page.
2) Then, I locked it back using the same testUser.
The following document may be helpful:
https://helpx.adobe.com/uk/experience-manager/kb/UnlockALockedPage.html
Hope it helps !!
Hello @P_Vishnu,
As per https://helpx.adobe.com/in/experience-manager/kb/UnlockALockedPage.html
The "admin" account can unlock any page by opening the page and clicking on "Unlock Page" from the page properties drop down
NOTE: The original user holding the lock does have permission to unlock the page. However, other users, even if a member of the administrators group, DO NOT have the right to unlock pages that have been locked. Only the "admin" account has this right.
In case if you are still unable to unlock the page, try the following:
- Go to crxde in aem and log in as an admin user.
- Locate the page that needs to be unlocked and open jcr:content of that page.
- You will notice mix:lockable mixin property on the page.
- Remove mix:lockable mixin from there by clicking Mixins in the topbar.
After removing the mix:lockable mixin from the page and the page would be unlocked.
Thanks!!
Hello @P_Vishnu, I have the same issue on my instance. We've actually been dealing with this issue for awhile and have just been using the Super Admin account in order to unlock pages. But I, as a person who belongs to the admin group should still be able to unlock it. Also the author who locked the page is unable to unlock it. Must be some weird bug. We're upgrading to 6.5 soon, so hopefully that will solve this issue.
For the longest time, a locked page could be unlocked only by the user who locked the page or the default master “admin” user. Even some other member of the administrators group impersonating the user couldn't unlock it. We've implemented new features of Apache Jackrabbit OAK in AEMaaCS 2024.10 (this may be in the AMS/On-Prem code, or coming soon). The changes allow you to choose any principle, user or group, and allow them to impersonate ay user, and unlock what some other user had locked. It simply needs two OSGI config changes which you can deploy in your code. The configurations are:
UserConfiguration has a new property “impersonatorPrincipals” This takes multiple values for principles, user or group, that you’d like to have the ability to impersonate any user. Here is an example using the Inline values method in the cfg.json. In addition to the administrators group I've include a group, "unlockers".
{
"impersonatorPrincipals":[
"administrators",
"unlockers"
]
}
Now AuthorizationConfiguration has a property "Administrative Principals". Be sure to include your principles there as well, for example:
{
"administrativePrincipals":[
"administrators",
"unlockers"
]
}
There are several ways to accomplish this in AEMaaCS. For full details see the “Configuring OSGi for Adobe Experience Manager as a Cloud Service” page: https://experienceleague.adobe.com/en/docs/experience-manager-cloud-service/content/implementing/dep...
Else if you have access to configMgr you can simply make the changes there.
Views
Replies
Total Likes