Short Answer
To create a system user in Adobe Experience Manager (AEM), access the AEM Web Console, navigate to the User Management section, create a new user, and specify that it’s a system user.
What Are System Users
A system user in AEM is a non-human user that is often used for running services or scripts that need access to the JCR (Java Content Repository). These users are designed to interact with AEM’s backend apart from the usual human user workflows.
Step-by-Step Creation of a System User
Step 1: Access the AEM Web Console
- Log into AEM: Start by logging into the AEM Author instance with an account that has administrative privileges.
- Navigate to Tools: Go to the main navigation console, often found at the top of the screen, and select ‘Tools’.
- Open Security: Within Tools, find and click on the ‘Security’ section to open security-related settings.
Step 2: Open User Management
- User Administration: Inside the Security section, look for ‘User Administration’ or a similar term depending on your AEM version.
Step 3: Create the System User
- Create User: In the User Administration interface, locate and click on the ‘Create User’ button or link.
- Specify User Type: When prompted, select ‘Create System User’ from the options available in the dialog box.
Step 4: Fill in User Details
- Enter User ID: Type in a unique ID for the system user. This ID should be indicative of the user’s role or the services it will perform.
- Skip Password: System users typically do not have passwords since they are not meant to log in through the UI.
Step 5: Configure Permissions
- Assign Permissions: After creating the user, assign the appropriate permissions that align with the tasks the system user will perform.
Step 6: Verify the User Creation
- Check User List: Go back to the list of users to ensure that the system user has been successfully created.
Best Practices When Creating System Users
- Principle of Least Privilege: Grant only the permissions necessary for the tasks the system user needs to perform.
- Naming Conventions: Use a clear and consistent naming convention for system users to easily identify their purpose.
- Documentation: Document the creation and intended use of each system user for future reference and auditing.
Additional Information
Permissions and Access
Assigning permissions to system users is a critical step. It is done either during the creation process or afterward by editing the user’s properties. You will need to navigate to the permissions tab or section within the user management interface and select the appropriate access levels for the system user.
Using CRX Explorer
For more advanced users, system users can also be created using the CRX Explorer, which is a low-level tool for repository operations in AEM:
- Go to CRX Explorer (/crx/explorer).
- Navigate to the ‘User Administration’ section.
- Create a new system user and assign permissions as needed.
Common Use Cases
System users are commonly used for:
- Services that run in the background without user intervention.
- Scripts that need to perform operations on the repository.
- External applications that interact with AEM via APIs.
Conclusion
Creating a system user in AEM involves several steps that include logging in with administrative privileges, navigating to the User Management section, creating a new system user, and configuring its permissions. It is a straightforward process that plays a vital role in AEM’s security and operations management. Always follow best practices by assigning the least privileges necessary and keeping clear documentation.
