Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn More

View all

Sign in to view all badges

User sync doesn't sync groups associated with the user in AEM 6.3

Avatar

Avatar
Validate 1
Level 1
karthikreddii
Level 1

Likes

2 likes

Total Posts

5 posts

Correct Reply

0 solutions
Top badges earned
Validate 1
Give Back
Ignite 1
Boost 1
View profile

Avatar
Validate 1
Level 1
karthikreddii
Level 1

Likes

2 likes

Total Posts

5 posts

Correct Reply

0 solutions
Top badges earned
Validate 1
Give Back
Ignite 1
Boost 1
View profile
karthikreddii
Level 1

20-04-2018

I'm trying to setup user synchronization in aem 6.3. I have one author and 2 publish instances.

I followed this below document and set up the user synchronization between publishers. I have a self registration component. User submits the form data and I create the user and add to the group(which was already created using useradmin console) which has necessary permissions. I also activated the tunnel service to get to author(verified in author communities console).

User Synchronization

The problem is Users are syncing with the profile. But the user group doesn't gets updated. So in the other publisher user is not part of that group. Please let me know if I'm missing anything to configure, appreciate your help.

Replies

Avatar

Avatar
Level 1
preetir53235517
Level 1

Likes

0 likes

Total Posts

1 post

Correct Reply

0 solutions
View profile

Avatar
Level 1
preetir53235517
Level 1

Likes

0 likes

Total Posts

1 post

Correct Reply

0 solutions
View profile
preetir53235517
Level 1

18-02-2019

Were you able to fix this issue ? I have the same issue after Upgrading aem to 6.4

Avatar

Avatar
Validate 1
Level 2
sawan051
Level 2

Likes

12 likes

Total Posts

31 posts

Correct Reply

1 solution
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 10
Boost 1
View profile

Avatar
Validate 1
Level 2
sawan051
Level 2

Likes

12 likes

Total Posts

31 posts

Correct Reply

1 solution
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 10
Boost 1
View profile
sawan051
Level 2

06-05-2019

Hi Karthik, were you able to figure out the root cause?

I also have same issue.

Please share your findings, thanks in advance.

Avatar

Avatar
Give Back 50
Employee
Vish_dhaliwal
Employee

Likes

188 likes

Total Posts

356 posts

Correct Reply

123 solutions
Top badges earned
Give Back 50
Give Back 5
Give Back 3
Give Back 25
Give Back 10
View profile

Avatar
Give Back 50
Employee
Vish_dhaliwal
Employee

Likes

188 likes

Total Posts

356 posts

Correct Reply

123 solutions
Top badges earned
Give Back 50
Give Back 5
Give Back 3
Give Back 25
Give Back 10
View profile
Vish_dhaliwal
Employee

07-05-2019

Hello,

Some troubleshooting tips:

- Check if all the tests are passed on libs/granite/operations/content/diagnosis/tool.html/syncdiagnostics

- Check the socialpubsync queue on Author. Clear pending items.

http://localhost:4502/libs/granite/distribution/content/distribution-agent.html?agentName=socialpubs...

- Check the socialpubsync-reverse-queue on both Publishers. Clear pending items.

http://host:port/libs/granite/distribution/content/distribution-agent.html?agentName=socialpubsync-r...

- Make sure usersync-admin user has correct permissions on both publishers.

The user that is set up in the "Adobe Granite Distribution – Encrypted Password Transport Secret Provider" must have the following permissions on all publishers:

jcr:read, rep:write on /home

jcr:all on /home/users and /home/groups

rep:write on /etc/packages/sling/distribution jcr:read on /libs/sling/distribution rep:write on /var jcr:read, rep:write on /var/eventing jcr:read, rep:write on /var/sling/distribution

- Put debug log on following classes and check the logs.

Log Level -> Debug

Log File -> logs/usersync.log

Loggers

org.apache.sling.distribution

org.apache.sling.event

com.adobe.cq.social.sync

Regards,

Vishu

Avatar

Avatar
Validate 1
Level 2
sawan051
Level 2

Likes

12 likes

Total Posts

31 posts

Correct Reply

1 solution
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 10
Boost 1
View profile

Avatar
Validate 1
Level 2
sawan051
Level 2

Likes

12 likes

Total Posts

31 posts

Correct Reply

1 solution
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 10
Boost 1
View profile
sawan051
Level 2

09-05-2019

Hi,

We raised a daycare ticket for this issue, there was a property value missing in "Diff Observer Factory"

Property serviceUser.target

This was introduced in 6.3, thanks for looking into this.

Avatar

Avatar
Give Back 5
Employee
Andrew_Khoury
Employee

Likes

75 likes

Total Posts

93 posts

Correct Reply

33 solutions
Top badges earned
Give Back 5
Give Back 3
Give Back 10
Give Back
Boost 50
View profile

Avatar
Give Back 5
Employee
Andrew_Khoury
Employee

Likes

75 likes

Total Posts

93 posts

Correct Reply

33 solutions
Top badges earned
Give Back 5
Give Back 3
Give Back 10
Give Back
Boost 50
View profile
Andrew_Khoury
Employee

09-05-2019

Thanks for the update Sawan.

What you mention is a match to product issue GRANITE-25203.

To add more details to this, usually the issue occurs with an error like this during user sync:

javax.jcr.nodetype.ConstraintViolationException: OakConstraint0025: Authorizable property rep:password may not be removed.

The issue can be resolved with the following steps:

1. Make sure that communities-user-admin and usersync-admin are members of administrators group on the publish instances.

2. Edit the configurations per the details below on the publish instances via the /system/console/configMgr UI:

Configuration #1:

com.adobe.granite.distribution.core.impl.diff.DiffEventListener

Set property serviceUser.target with value of (.serviceName=com.adobe.granite.distribution.core) including the parentheses.

Configuration #2

com.adobe.granite.distribution.core.impl.diff.DiffChangesObserver

Set property serviceUser.target with value of (.serviceName=com.adobe.granite.distribution.core) including the parentheses.