since ‎15-07-2014
‎13-10-2020
ClintLundmark
Level 2
Re: Roles in AEM ClintLundmark - Adobe Experience Manager
AEM is very flexible for how permissions and "roles" are applied. Your approach will likely depend on how you want to manage users and what features of AEM you deploy. Because of the flexibility, a role based solution can easily get complex. We have decided to keep it fairly simple. We use groups to define a role based, usually, on job responsibility or department. All of our authoring users are at least "contributors". We define a role like "Marketing" or "Customer Service". A group is created ...
40
Views
1
Like
0
Answers
Crypto Support for LDAP Bind password ClintLundmark - Adobe Experience Manager
We use LDAP for authentication to the Author server. After configuring LDAP, the bind password used by the user to authenticate to the LDAP server is in plain text in the repository. We we hoping to encrypt that password using Crypto Support but it does not seem to work. We can encrypt using Web Console -> Main -> Crypto Support to come up with a hash. We replace the password with that hash in the OSGI node configuration. LDAP works fine until AEM is restarted. After the restart the LDAP bind is...
85
Views
0
Likes
0
Answers and Comments
Re: SSL Configuration Security Check Error ClintLundmark - Adobe Experience Manager
Just a follow up. After working with technical support this is my understanding of the issue... Turns out this is an issue when configuring OSGi using the content-node method. When using content-node and creating the configuration as a sling:OsgiConfig node with properties there is no type of Integer. Typically Long will work in place of integer, but the SSL Configuration Security Check code requires the number to be an Integer for the SSL port property. As a work around use the Adobe Web Consol...
51
Views
0
Likes
0
Answers
Re: 6.4.8.1 (6.4.8.0 SP + CFP 1) Create User and Create Groups options not working in touch UI ClintLundmark - Adobe Experience Manager
Hey @kishorek1264980 I am having a similar problem after 6.4.8.1. Did you ever find a solution?
222
Views
0
Likes
0
Comments
Re: Access report ClintLundmark - Adobe Experience Manager
It might help to better understand what you are after. Are you trying to find out when the account was created? When they were granted permission to a particular piece of content? The first time they edited content? Something else? I am sure there are multiple ways to do it. One is to look in CRXDE Lite (:/crx/de). Users are stored here: /home/users. Find the user in question and then refer to jcr:created property. This will tell you when the account was created. ...clint
394
Views
1
Like
0
Answers
Re: OSGi Web Console Password ClintLundmark - Adobe Experience Manager
Somewhat as a follow up to my original set of questions... How do I test the OSGI Password? If I set it to something like "sunnyday" how do I know it was actually set or set to what I think it is? Any help to better understand this is appreciated! Thanks...clint
331
Views
1
Like
1
Answers
SSL Configuration Security Check Error ClintLundmark - Adobe Experience Manager
We enabled SSL for Author and Publish using the SSL by Default method for AEM 6.4. SSL is working as expected. However in the Operations Dashboard the "SSL Configuration" security check is in status:CRITICAL. It is producing an error. I believe the error is caused by a data type mismatch in the code that does the health check rather than the health check finding something critical, but I am not sure. Error:Exception during execution of 'SSL Configuration': java.lang.ClassCastException: java.lang...
1316
Views
0
Likes
1
Answers and Comments
Re: Stop Apache Sling WebDAV or not ClintLundmark - Adobe Experience Manager
The instance was originally installed with -nosamplecontent run mode.
2588
Views
1
Like
0
Replies
Re: Stop Apache Sling WebDAV or not ClintLundmark - Adobe Experience Manager
Hey @ArpitVarshney, Thanks for the reply! Here are some screen shots of the bundles in question and the Security Checks -> WebDAV Health Check. The bundles are not active as suggested per the Security Checklist. However the WebDAV Health Check is giving me a warning [WARN]. If the bundles should not be active, then the WebDAV Health Check probably should not be in status:WARN, but instead should be in status:OK. Maybe I am missing something? ...clint
2606
Views
1
Like
2
Replies
Re: Stop Apache Sling WebDAV or not ClintLundmark - Adobe Experience Manager
@jbrar , Thanks for the reply. I am not certain that -nosamplecontent does disable both of those bundles. In my case, after installing using that runmode I found this bundle Active - "Apache Sling Simple WebDAV Access to repositories". Regardless of whether -nosamplecontent does or does not disable/stop the bundle, it still does not explain the discrepancy between the security checklist documentation and the security checks through the Operations Dashboard.
2054
Views
1
Like
0
Replies
Stop Apache Sling WebDAV or not ClintLundmark - Adobe Experience Manager
In the Security Checklist for AEM 6.4 in the section Disable WebDAV, it mentions stopping the following bundles:Apache Sling Simple WebDAV Access to repositories (org.apache.sling.jcr.webdav)Apache Sling DavEx Access to repositories (org.apache.sling.jcr.davex)However in Security Checks in the Operation Dashboard there is a health check for WebDAV Health Check. (Tools -> Operations -> Health Reports -> Security Checks -> WebDAV Health Check). In that Health Check it will issue a warning if "Apac...
4787
Views
1
Like
7
Replies
OSGi Web Console Password ClintLundmark - Adobe Experience Manager
I am doing a security review of our AEM instance and going through the Security Checklist. It is not clear to me what "Changing the OSGi Web Console Password" actually does. I changed the AEM admin user password to "rainyday". I changed the OSGi Web Console password to something distinct per the instructions - "sunnyday". To get to the OSGi Web Console the AEM admin user password "rainyday" allows access NOT the password set for OSGi Web Console. Why is is recommended to set an OSGi Web Console ...
500
Views
0
Likes
3
Answers and Comments
Re: Clarification on nonsamplecontent rundmode always ClintLundmark - Adobe Experience Manager
It might be helpful for others if the documentation clarified when a runmode is more of a install option verses an always used option. The documentation on this page is unclear and seems to imply that it is used always and not just once at install. https://docs.adobe.com/content/help/en/experience-manager-64/administering/security/production-ready.html . "In order to run AEM in production ready mode all you need to do is add the nosamplecontent via the -r runmode switch to your existing startup ...
6084
Views
0
Likes
0
Comments
Re: Clarification on nonsamplecontent rundmode always ClintLundmark - Adobe Experience Manager
Thanks for the responses. Aside from the sample content that is not installed, let's suppose an administrator has bypassed or otherwise disabled some of the "Production Ready" settings post installation. Will using -nosamplecontent replace or recover those?
6329
Views
0
Likes
0
Comments
Clarification on nosamplecontent rundmode always ClintLundmark - Adobe Experience Manager
Just seeking clarification on the nosamplecontent runmode. Is this is one-time runmode used for the initial installation only? Or, in order to maintain the "production ready" status, should it be used on every start of AEM for the lifetime of the instance? If it varies by AEM version it would be helpful to know . In this particular case I am asking for AEM 6.4.8. Hopefully a simple question with a simple answer.
7654
Views
1
Like
8
Answers and Comments
Re: AEM 6.4 /api/screens-dcc/devices/stati WARNING ClintLundmark - Adobe Experience Manager
If Screens is not being used, a work around is to change the Author to Publish polling schedule so it occurs very infrequently. Create an OSGI Configuration on com.adobe.cq.screens.impl.jobs.DistributedDevicesStatiUpdateJob that changes the schedule to something like 0 0 1 1 * ? - which would amount to once a year on January 1st.
10209
Views
1
Like
2
Replies
Re: Google Map Data Files ClintLundmark - Adobe Experience Manager
Any best practice thoughts out there?
1827
Views
0
Likes
0
Replies
Google Map Data Files ClintLundmark - Adobe Experience Manager
We are planning to create a component in AEM 6.1 that will show multiple markers on a Google Map. It will look kind of like a Store Locator Map or a Power Company Outage Map. The Google Map javascript, API key, .css etc will be integrated into AEM as a component on a special purpose template. The map markers will be drawn based on data in several JSON files that will be updated every 15 minutes or so. We plan to use curl commands to automate upload to author then replicate to the publish servers...
1865
Views
0
Likes
1
Replies
Re: AEM 6.1 CSRF token rejection ClintLundmark - Adobe Experience Manager
Just a side note... The RECAP tool (https://marketing.adobe.com/resources/content/resources/en/exchange/marketplace/apps/RECAP.html) in Package Share does not work with AEM 6.1 due to the CSRF protection change. This is what happens when trying to create an address:POST /home/users/x/x6TeJhtxt3GQ4GfZmzI9/recapAddresses/* HTTP/1.1] com.adobe.granite.csrf.impl.CSRFFilter doFilter: the provided CSRF token is invalidPOST /home/users/x/x6TeJhtxt3GQ4GfZmzI9/recapAddresses/* HTTP/1.1] com.adobe.granite...
2423
Views
0
Likes
0
Answers
AEM 6.1 Web Console change component back to active ClintLundmark - Adobe Experience Manager
In AEM 6.1 web console, when a component is disabled using the stop button (square) it disappears from the list and there is no control to change it back to active. In previous versions of CQ/AEM the component would remain in the list with a status of disabled. Clicking the play button (right facing triangle) would change the status back to active. Where did the "play" button go? Is there a way to change the status back to active without restarting AEM?Steps to duplicate:Launch the web consoleSe...
1081
Views
0
Likes
1
Answers and Comments
Re: AEM 6.1 User/Group Node Name is Random String ClintLundmark - Adobe Experience Manager
Thanks smacdonald8 and Jörg for the quick response.It's mostly a nuisance issue.I have configured LDAP many times and this time I thought I had something misconfigured. I spent quite a bit time determining it was configured properly and the system changed.I will be "importing," via package, many groups and possibly users. They are coming from CQ 5.5. The package will work fine, but the old users and groups will be different than any new users and groups making an inconsistency.Manually browsing ...
1319
Views
0
Likes
0
Answers
AEM 6.1 User/Group Node Name is Random String ClintLundmark - Adobe Experience Manager
In AEM 6.1 when a new user is created the node name for the user appears to be a random alphanumeric string. The user is placed in the repository based on the first character of the string. The same happens for groups. For example, a user created with the ID of oscar might get created at:/home/users/A/Av1DJBJvjDKqRWn0d4OTIn AEM 6.0 and prior the same user account would get created at:/home/users/o/oscarIs this intentional or a bug? If intentional why? Is there a configuration somewhere that can ...
2883
Views
0
Likes
6
Answers and Comments
Re: Getting exception while Integrating Active Directory With CQ5 ClintLundmark - Adobe Experience Manager
Rajesh,Not sure I understand your problem completely. The only major difference I see is that for authDN you start with uid= instead of cn=. Here is our configuration using LDAP and AD that works well with CQ5. (AEM 6 is configured differently). Of course make sure your HOST and USER are in proper LDAP format and match your environment.Once configured a user can login with their AD user ID and password. It will create a user node in the repository as well as create all the groups they are a memb...
945
Views
0
Likes
0
Answers
Re: Is there a better way to check for broken internal and external links using CQ 5.5? ClintLundmark - Adobe Experience Manager
Sham,Does this process check internal links? I have a similar question from one of our users. They want to know something like - "What are all the broken links in our HR pages?" Specifically they are looking for internal.Also in the second step, what do you mean by "find for that url"?...clint
826
Views
0
Likes
0
Answers
Re: Experience Manager 6.0 - Oak TarMK uses too much disk space ClintLundmark - Adobe Experience Manager
Some detailed information about this patch from Adobe and what it is supposed to do would be helpful. It does not seem to be working quite right or maybe it is not understood. I have installed the 1.0.2 version of the patch.Today I started with 22.2 GB and 85 files in repository/segmentstore. I ran Web Console -> JMX -> org.apache.jackrabbit.oak Repository Management -> startRevisionGC(). It ran for about a minute. Afterwards 22.2 GB and 86 files.04.08.2014 12:09:52.140 *INFO* [TarMK compaction ...
414
Views
0
Likes
2
Replies
Re: Experience Manager 6.0 - Oak TarMK uses too much disk space ClintLundmark - Adobe Experience Manager
Ondrej Semotan wrote... We have problem with DataStoreGarbage Collection and all "utilities" from http://localhost:4502/system/console/jmx/com.adobe.granite%3Atype%3DRepository. DataStoreGarbage Collection worked on new installation of CQ5, if i installed hotfixies (4135 and 4562), i have problem: DSGC, tarOptimization and other functions say: javax.jcr.UnsupportedRepositoryOperationException. Is it OK or where is something wrong? I cant find anything about this failure. Assuming you are using A...
14738
Views
0
Likes
0
Replies
Re: Experience Manager 6.0 - Oak TarMK uses too much disk space ClintLundmark - Adobe Experience Manager
Installed AEM 6.0 a few weeks ago in a non-prod environment and it grew rapidly up to about 25 GB. It is an out-of-the-box install with only Geometrixx sites. After installing this hotfix the rapid growth has stopped, but it does not seem to be reducing the number of .tar files and the space used. I can't find the equivalent of a CRX 2 Tar Optimization to start manually or one that is running scheduled. Does OAK TarMK have something similar? How do I get the .tar files reduced to a normal size a...
14738
Views
0
Likes
1
Replies
Likes from