You cannot. There are a few repository level permissions which are included just for admin user by default.FOr eg. - default access to admin console- admin Session access to repository

I think you might need to include /etc/tags in the CUG configuration in 6.3Given tags have been moved to /content/cq:tags in 6.4, you might need to adjust that as well.(1) : http://HOST:PORT/system/console/configMgr/org.apache.jackrabbit.oak.spi.security.authorization.cug.impl.CugConfigur…

CUG policies are to be managed by Page Properties of the pages.  See (1)(1) : Dropbox - Screen Shot 2018-06-08 at 10.10.38 AM.png

The groups created in the IDP are to be pre-created in AEM. Once the use tries to login and authenticated by the IDP, the success SAML response would contain the list of groups mapped over the group sync attribute.SAML auth handler would update the group membership in accordance to the group values ...

It's an open source tool, if need be we can change the code and use it per our need. See (1)(1)  : Releases · Adobe-Marketing-Cloud/aem-dialog-conversion · GitHub

Rollout button is missing or disabled ? If it is disabled, Go to the livecopy page and the jcr:content where the cq:LiveSync config node resides. Check for the excluded pages and isDeep value. Adjust the excluded pages to remove the page where page is disabled and set isDeep is true and try replicat...

No. Still a work in progress.

Compatible Feature pack for Content fragment models for 6.3.2.1 isn't available at the moment and still a work in progress. SO behaviro you are seeing is expected

Don't see any change w.r.t 6.4, Did you look at (1) for detailed information(1) : Asset Selector

No it's not a known issues. Something is wrong with the repository for sure, deeper analysis on the logs would he. I'd suggest to open a daycare ticket for this.