Client library overlays aren't working and wrapper divs not generated around components


In AEM6.1 and later versions, there are system users that are included with AEM out of the box.  The users already have ACLs created under various paths such as /apps, /libs, /etc, /var, /content. and some of the subpaths.  If ACLs are accidentally overwritten during a data migration from an older AEM version to a newer one,  they can break various features in AEM.

The /apps, /etc/clientlibs, /var/clientlibs, and /libs path ACLs are if overwritten, can break AEM:

  • Client library overlay files under /apps do not work.
  • The div tags which are generated around components do not show up
  • Other issues such as broken user interface, authentication.


The clientlibs-service user and other users are missing their access to the previously mentioned paths.


  1. Install a clean AEM instance (same version and patches as your destination upgrade instance).

  2. Follow the steps in this article to create an ACL package of the ACLs o be migrated.

  3. Install the ACL package to the instance from step 1.

  4. Following the same method as step 2, create a package containing all ACLs from the new AEM instance.

  5. Install that package to the broken environment. This will ensure that all of the out-of-the-box ACLs are restored and your custom ACLs are ordered in the list after the out-of-the-box ones.

  6. In case the service users under /home/users/system were also deleted by the migration then you can also package and migrate the system users. Create a package of /home/users/system from the fresh AEM instance.

  7. Install the package to the broken environment.