Security, Package and Replication issues in AEM


This KB article discusses common AEM security and replication issues. 

Why is the LDAP user synchronization failing? (LDAP Group)

Delayed or "stuck" synchronization operations may be caused by problems with the LDAP server or issues on the AEM server. Follow these troubleshooting approaches:

  1. Ensure that the settings in your ldap_login.conf file are correct.
  2. Increase the log level of the LDAP module to DEBUG and look for messages in the log files. See this Help article for more information about CQ/CRX logs.
  3. Set up proxy logging between CRX/CQ and LDAP.  

Why are the permissions not working as expected for newly added users?

In general, page permissions should not be replicated from author to publish, and by default they are not, because access rights should be different in those two environments. It is therefore recommended to configure ACLs on publish separately from author.

See this article for more information.

Why are the SAML and Admin users not able to access the OSGI Console?

When accessing the Apache Felix Web Management Console, ensure that you specify a valid AEM user name and corresponding password. Otherwise, you will not be able to access it. It is also recommended that you change your password after the initial installation to ensure the security of your instance.

See this article for more information.

Why does the AEM server freeze or shut down after installing the package?

There could be multiple factors causing the AEM system to shut down while installing the package. Please ensure that you follow these practices:

1. Make sure the AEM instance has enough memory to extract the package.
2. Check the log file for out-of-memory messages.
3. Clean the unnecessary packages from the system.
4. Use tree activation from one instance to the other instead of package deployment.

Why is a valid LDAP user not being authenticated when trying to access AEM?

This error occurs when there are issues with the LDAP configuration. Please follow these steps to correct the issues:

1. Please enable logging for LDAP. See if you get any messages in the LDAP log when you enable debugging.
2. Try starting AEM manually instead of using the start script.
3. If nothing gets printed in the LDAP log, then there is something wrong with how LDAP is configured. Please see the product documentation for more information. 

See this article for more information. 


