How can I hide some of the CMS consoles / tabs (like the Site Admin, DAM Admin, Tools, Security, Workflow and Tagging) via permissions?
Set the READ permission for users/groups on the corresponding console node (nodetype cq:Console).
As of CQ 5.3, the node paths are:
You can do this via the CRX Content Explorer
- Log into
http://<host>:<port>/crxas admin (via your web browser)
- Open Content Explorer
- In the left panel, browse to and select the node for the console you want to hide (see table of paths above)
- On the top right of the "CRX Explorer" window, open Security >> -> Access Control Editor
- Enable the checkbox for ACL and click Set Selected Policies
- Click New ACE
- Select the group you want to block the Tools icon for and set
- Click the green check mark to confirm
- On the bottom right of the dialog box click Ok or Apply
Warning: These paths are different in older CQ5 versions and can possibly change in future CQ5 versions. Just check the URLs of the consoles to get the correct node paths.
Warning: In CQ 5.3, you don't see those nodes in the Security "page permissions" user interface. As a workaround, use the CRX Content Explorer to set those permissions.