Closed nikolay-v-atanasov closed 3 months ago
Hi @nikolay-v-atanasov what does AC Tool log say? I assume the execution on Production is successful? Maybe you can share the verbose log?
Additionally, we create a similar user group FLEETCARCONFIGURATOR.FLEETCCDOC-HQ-PUBLISHER (no SKD prefix) and everything is good for this group i.e. the groups is included as a member of listed groups.
Was it being created as part of the same yaml definition you shared? (asking, because don't see it there).
Hi,
I don't see errors in verbose log. The log is attached ac_tool_verbole.log
The FLEETCARCONFIGURATOR.FLEETCCDOC-HQ-PUBLISHER (no SKD prefix) is created in another script file. The definition is here: new_fleet.yaml.txt
I attached two screenshots on SKD and NOS SKD groups so we can see that NOT SKD groups are created successfully:
I dumped the AC Tool, and I see that for not SKD groups, we have
- STARGATE.STARGATE-EN-IE-IMPORTER:
- name:
isMemberOf: STARGATE.STARGATE-GLOBAL-WORKFLOW-USERS,STARGATE.STARGATE-GLOBAL-WORKFLOW-REQUESTERS
path: /home/groups/stargate/importers
and some of the comma-separated strings are converted to lists:
- FLEETCARCONFIGURATOR.FLEETCCDOC-CZ-EDITOR:
- name:
isMemberOf:
- FLEETCARCONFIGURATOR.FLEETCCDOC-CS-CZ-CMS-EDITOR
- FLEETCARCONFIGURATOR.FLEETCCDOC-EN-CZ-CMS-EDITOR
- FLEETCARCONFIGURATOR.FLEETCCDOC-GLOBAL-USERS
- FLEETCARCONFIGURATOR.FLEETCCDOC-CS-CZ-DAM-EDITOR
- FLEETCARCONFIGURATOR.FLEETCCDOC-EN-CZ-DAM-EDITOR
Do we have a limitation of the length of isMemberOf property in characters? Do we have any other limitation that affects converting isMemberOf property to YAML list?
Thank you Nikolay
This doesn't seem to be like an issue in the tool itself (as it happens only on PROD), can you therefore please rather use https://github.com/Netcentric/accesscontroltool/discussions. This is reserved for tracking of bugs/features. Thanks.
The tool doesn't work as expected. This can be an environment-specific issue, can't it?
Hi all,
We have an issue with AC Tool on AEMaaCS. The issue is weird because we have the same scripts and same configurations for all AEM Cloud environments, but we only have the problem on PROD, i.e. the groups are created properly on AEM DEV and STAGE environments but they are broken on PROD.
The problem is that we create several external IMS user groups by AC Tool, and for these groups, we specify that Group A isMemberOf Group B. For example we specify that: SKD-FLEETCARCONFIGURATOR.FLEETCCDOC-HQ-PUBLISHER is member of these three groups:
However, the FLEETCCDOC-HQ-PUBLISHER group is not created as a member of the groups above. Here is the code snippet
Additionally, we create a similar user group FLEETCARCONFIGURATOR.FLEETCCDOC-HQ-PUBLISHER (no SKD prefix) and everything is good for this group i.e. the groups is included as a member of listed groups.
We have just one AC Tool configuration for PROD in config.author.prod folder. The PID of the service is biz.netcentric.cq.tools.actool.impl.AcInstallationServiceImpl.cfg.json
{ "configurationRootPaths":[ "/apps/xxx/actoolconfig", "/apps/xxx/actoolconfig_ims" ] }
I appreciate any advice and suggestion about the issue.
Thank you in advance, Nikolay