DocumentationAEM 6.4Forms Guide

Adding and configuring users adding-and-configuring-users

Last update: Wed May 03 2023 00:00:00 GMT+0000 (Coordinated Universal Time)

CREATED FOR:

  • User
CAUTION
AEM 6.4 has reached the end of extended support and this documentation is no longer updated. For further details, see our technical support periods. Find the supported versions here.

User and group information is maintained in a third-party storage system, such as an LDAP directory. User Management does not write to the third-party storage system. Instead, User Management synchronizes the user and group information with its own database

Create a user create-a-user

When you create users, you can add the them to groups and assign roles to the them.

  1. In administration console, click Settings > User Management > Users and Groups, and click New User.
    .

  2. Under General Settings, provide information as required, and then click Next. For details about the settings, see User settings.

  3. (Optional) To add the user to a group, click Find Groups, and do these tasks:

    • In the Find box, type all or part of the group name.
    • Select the domain to search, select the number of items to display, and click Find.
    • (Optional) To view group details, select the group name, and then click OK to return to the search results page.
    • Select the check box for the group and click OK.
    • Click Next.

  4. (Optional) To assign roles to the user, click Find Roles, select the check box for the roles to assign, and then click OK.

  5. Click Finish.

    note note
    NOTE
    If you enounter any login issue with the user, see AEM Forms on JEE user fails to login on AEM Forms on OSGi side.

User settings user-settings

Specify the following settings when you create or edit a user.

Canonical Name: (Mandatory) Unique identifier for the user. Each user and group in a domain must have a unique canonical name. Select the System Generated checkbox to let User Management assign a unique value, or clear the checkbox and specify a custom value for the Canonical Name.

Avoid using underscore characters (_) in canonical names, for example, sample_user. When you search for users based on their canonical name, those containing underscore characters are not returned.

First Name: (Mandatory) User’s given name

Last Name: (Mandatory) User’s family name

Common Name: Full name or display name for the user. For example, if First Name = Gloria and Last Name = Rios, then Common Name = Gloria Rios.

Email: User’s email address

Telephone: User’s telephone number

Description: Optional description. Use this field as suits your organization’s needs.

Address: User’s mailing address

Organization: Organization to which the user belongs

Email Aliases: User’s email aliases. Separate the email aliases with commas.

Domain: Domain to which the user belongs

Locale: User’s ISO locale

Business Calendar Key: Enables you to map a business calendar to a user, based on the value for this setting. Business calendars define business and non-business days. AEM forms can use business calendars when calculating future dates and times for events such as reminders, deadlines, and escalations. The way that you assign business calendar keys to users depends on whether you are using an enterprise, local, or hybrid domain. (See Adding domains.)

If you are using a local or hybrid domain, information about users is stored only in the User Management database. For these users, set the Business Calendar Key to a string. Then map the business calendar key (the string) to a business calendar in forms workflow.

If you are using an enterprise domain, information about users resides in a third-party storage system, such as an LDAP directory. User Management synchronizes user information from the directory with the User Management database. This feature allows you to map a business calendar key to a field in the LDAP directory. For example, consider a scenario where each user record in your directory contains a country field, and you want to assign business calendars based on the country where the user is located. In this case, you specify the country field name as the value for the Business Calendar Key setting. You can then map the business calendar keys (the values defined for the country field in the LDAP directory) to business calendars in forms workflow.

For additional information on business calendars, including how to map business calendar keys to business calendars, see Configuring Business Calendars.

Limit the name to less than 53 characters. A shorter name helps prevent problems displaying the business calendar key in the Process Management pages in administration console.

User ID: (Mandatory) User ID that the user uses to log in. User ID is not case sensitive and it must be unique across the domain.

In enterprise domains, use a non-DN attribute as the user ID because a user’s DN can change if they move to another part of the organization. This setting depends on the directory server. The value is objectGUID for Active Directory 2003, nsuniqueID for Sun™ One, and guid for eDirectory.

Ensure that the user ID is unique. Do not use one that was assigned to a deleted user.

AEM forms cannot differentiate between user accounts that have identical user IDs and passwords but belong to different domains. To avoid this problem, do not create accounts that have the same user ID on multiple domains.

When using SQL Server as your database, you cannot create a user ID that exceeds 255 characters.

When using MySQL, the user ID can contain extended characters. However, when a comparison is made between two strings, such as abcde and âbcdè, they are considered the same. For example, when syncing, if a new user was added to the database, a comparison is made to check whether a user with the same user ID exists in the database. If user abcde already exists in the database when the new user *âbcdè * is added, the comparison cannot distinguish between the two names. It is assumed that the user already exists in the database, and the new user is ignored and not added.

Avoid creating user names that begin with a number sign (#). Performing task searches returns no results for those user names. (See Working with tasks.)

Password and Confirm Password: Password the user uses to log in. It must have a minimum of eight characters. A password is not required for a user who is part of a hybrid domain.

View details about a user view-details-about-a-user

  1. In administration console, click Settings > User Management > Users and Groups.

  2. Specify information to narrow the search and, in the In list, select Users and then click Find. The results of the search are listed at the bottom of the page. You can sort the list by clicking any of the column headings.

  3. Click the name of the user to display details about. The Edit User page displays such details as below about the user:

    • General identification information, such as name, email, address, domain, and organization
    • Roles assigned to the user
    • Groups the user is a member of

Change the password for a local user change-the-password-for-a-local-user

  1. In administration console, click Settings > User Management > Users and Groups.
  2. Specify information to narrow the search for a particular user and click Find. The results of the search are listed at the bottom of the page. You can sort the list by clicking any of the column headings.
  3. Click the name of the user and then click Change Password.
  4. Type and confirm the new password, and then click OK. The password must be a minimum of eight characters.

Edit a user’s properties edit-a-user-s-properties

  1. In administration console, click Settings > User Management > Users and Groups.

  2. To find the user to edit, do these tasks:

    • In the Find box, type your search criteria.
    • In the Using list, select Name, Email, or User ID.
    • In the In list, select Users.
    • Select the domain, select the number of items to display, and then click Find.

  3. Click the user to edit.

  4. For a user who is part of a local or hybrid domain, on the Detail tab, edit the General Settings and Login Settings, and click Save. For details about the settings, see User settings. You cannot edit the general and login settings for a user who belongs to an enterprise domain.

  5. To edit the group settings for the user, click the Group Membership tab and do these tasks:

    • Click Find Group and complete the search information.
    • To add the user to a new group, select the check box for the group, click OK, and then click Save.
    note note
    NOTE
    Local users cannot be added to directory groups. However, directory users can be added to local groups.
    • To remove the user from a group, select the check box for the group, click Delete, and then click Save.

  6. To edit the user’s roles, click the Role Assignments tab and do these tasks:

    • To display a list of roles, click Find Roles.
    • To add a role, select the check box for the role, click OK, and then click Save.
    • To remove a role, select the check box for the role, click Unassign, and then click Save.

Delete a user delete-a-user

  1. In administration console, click Settings > User Management > Users and Groups.

  2. To find the user to delete, do these tasks:

    • In the Find box, type your search criteria.
    • In the Using list, select Name, Email, or User ID.
    • In the In list, select Users.
    • Select the domain, select the number of items to display, and then click Find.

  3. Select the check box for the user, click Delete, and then click OK.

NOTE
AEM Forms on JEE also allows users of the AEM forms add-on running on an OSGi to be recognized as AEM users. This is required for scenarios where single sign-on between AEM Forms on JEE and AEM forms add-on running on an OSGi is required (for example, HTML workspace). The above-mentioned delete operation removes a user only from AEM Forms on JEE. The user is not deleted from AEM Forms add-on running on OSGi environment. But any login attempt made after deleting the user (a login attempt to AEM Forms add-on JEE server or AEM Forms add-on on OSGi environment) is denied.

Create custom login error handler create-custom-login-error-handler

If a user without the required AEM forms and CQ permissions, attempts to log into the following applications embedded in CQ, the user is redirected to the default CQ 404 page containing the error trace:

  • Correspondence Management solution

  • AEM forms Workspace

    note: The Flex Worksapce is deprecated for AEM forms release.

  • forms manager

  • Process Reporting

CQ provides a mechanism to override the default 404 handler jsp.

For details on how to to customize the error handling page, see Customizing Pages shown by the Error Handler in the Adobe Experience Manager Documentation.

recommendation-more-help
a6ebf046-2b8b-4543-bd46-42a0d77792da