Getting Access Rights of all users across Tridion using Powershell


This exercise is intended to explore the Tridion Core Service Powershell Module and retrieve various access rights users have on each publication.

The execution of this powershell script can show the access rights in a matrix on screen and also write down to a csv on file system

Getting Ready:

Refer this blog to Setup and Starting with Tridion Core Service powershell module and execute below powershell script:

$publications = Get-TridionPublications -ExpandProperties

$acls = @();

foreach($p in $publications)

$groupNames = foreach ($g in $p.AccessControlList.AccessControlEntries)

$rightsInfo = New-Object psobject

$rightsInfo | Add-Member -MemberType NoteProperty -Name "GroupName" -Value $g.Trustee.Title

$rightsInfo | Add-Member -MemberType NoteProperty -Name "ACL" -Value $g.AllowedRights



$entry = New-Object psObject

$entry | Add-Member -MemberType NoteProperty -Name "PubName" -Value $p.Title

$entry | Add-Member -MemberType NoteProperty -Name "Groups" -Value $groupNames

Write-Output $entry

$acls += $entry

$acls | Select-Object PubName, Groups -ExpandProperty Groups | Select-Object PubName, GroupName, ACL | ogv

You can get more details about the logic on Peter Kjaer’s GitHub

The below screen capture shows this in action:



Tagged with: , ,
Posted in SDL Tridion

The Powershell way of Tridion Core Servicing

In this year’s SDL MVP Retreat Event, I got a chance to work with Peter Kjaer on a custom powershell module for instantiating a Tridion Core Service client and utilizing it further to interact with Tridion CM through the powershell. You can refer this on Peter’s Git Hub: Tridion Powershell Module: Git Hub

Why Should I use it

There may be scenarios where you may need to retrieve data for analysis, debug or reporting purpose from the Tridion CM for a variety of use-cases which can not be seen/create from the Tridion CM Interface directly.

An option could be to write a custom application utilizing the Tridion Core Service and doing the necessary coding logic to perform the task, this however, require you to create and setup a project, code for creating a core service client, and then writing up the logic.

The Tridion Core Service Powershell module is a step in this direction to remove a majority of the effort of creating a custom project and associated maintenance and may even provide ready to use scripts for common use cases. For an example: you can use ready to use script for creating a clean Core Service client without wasting time in coding for the same, you can also use ready to use script for getting a list of all users and their associated groups and their Access Control List per publication – There are many such useful script which keep on growing.

How to Use It

  1. Open Powershell and Install the Tridion Core Service custom powershell module by executing below command:
    iwr "" | iex
  2. Ensure the command get executed without an error
  3. WooHoo!!! you are set to use the Tridion Core Service Powershell Module


Once the above module get installed successfully, you may run the below command on powershell to get information about all available commands:
Get-Command -Module Tridion-CoreService
At the time of writing this blog, following commands were available in the module:


To run it against the Core Service or rather Tridion CM of your choice, you may want to use the following command:


An example could be:
Set-TridionCoreServiceSettings -HostName  -Version -Credential domain\username -Persist
CMS URL: IP or URL of the CMS instance

SDL Tridion Version: Version of the SDL Tridion (like 2011, 2013, Web-8.5 etc.)

CAUTION: You need to close the powershell window and re-opens it after you update the Tridion Core Service Settings to use the updated details.

Starts with getting a Core Service client as below:
$client = Get-TridionCoreServiceClient

you can then use this core service client to call core service methods. For example:

$client.GetList(tcm uri, filters)

For more example, you can refer the Wiki Page on Peter Kjaer's Git Hub:
Examples - Tridion Core Service Powershell Module



Tagged with: , ,
Posted in SDL Tridion

SDL Web MVP Retreat in Portugal – Oct 2017

I have been privileged again (in fact 4th time) to be chosen as an SDL Web MVP for the year 2017 by SDL along with 20+ other MVPs.
Every year the MVPs have been invited to Lisbon for the annual retreat where we all will head to a surprise location to discuss, work, eat and drink followed by some fun activities – This year was no different as we have to reach Lisbon maximum by 4th October and participate in this retreat till 8th October.

4th October – Day 1:
This is the arrival day for all the MVPs where in an all expense paid trip by SDL to Lisbon, Portugal we have to reach no later than 4:30 PM. At the airport, we were greeted by the best hosts – Carla Osorio, Paulo and Christelle – and have some drinks outside the airport while waiting for others MVPs to come and join.

Later we headed for the historical city of Ourem – the surprise location of this year. We have been welcomed by the Hotel staff and given our room’s key after normal formalities. This Hotel – Pousada de Ourem is an awesome place to stay, just near the Castle and have amazingly clean, big, premium rooms – I was feeling like a king 🙂

Most of us after our long flights/journey was tired and relax over there while others are having drinks, playing music, swimming in the pool and what not – Our own Mark Saunders broken all records of “Least Sleeping Hours in a day” – as he indeed didn’t sleep at all and having all the fun.


5th October – Day 2:
The day starts as early as 9ish in the morning after the breakfast. After the usual internet, projector, connector  related minor issues, finally Nuno Linhares addressed all MVPs followed by a Video Streaming sessions by Onno Ceelen and Likhan Siddiquee from SDL on Roadmap of SDL Web and Unified Extension deployments – Which were a great learnings.


Nuno followed this with an overall review of the year 2017 and the objective of the event – Which eventually turns out to discuss few ideas, divide it in teams and work on them with clear goals and deliverable.

I have been put in a team lead by Peter Kjaer with Chris Morgan, Mark Saunders, Alvin Reyes and Hem Kant and we have to understand the Tridion Powershell Module developed by Peter and work on it to extend with new feature and demo. The objective was to get accustomed with it and share the knowledge among the group through demo to make life of SDL Tridion developer easier – I would be having a separate blog on technical details of it.

The night again starts with drinks, music and fun which last till just before the morning alarms.

6th October – Day 3:
The day started as usual with breakfast and then at 9ish in the morning, Niclas Cedermalm gives an excellent session on Tridion connectors with most of the leading third-party products in the market which was enough to open the sleep-deprived eyes of MVPs.
Learning about the strategy and solution that are on the edge to become popular is really great.

We then again grouped in to the teams and started from where it was left one day before.
Post lunch, each team explains the objective of their tasks and later demoed the implementation and functionalities that each team has achieved

Overall, it was so productive and learning exercise.

In the evening we all gather went to the nearby famous tourist spot – Fatima – where people prayed in the famous Church and did a bit of tourism.

On the way back, we got to this beautifully setup restaurant and have delicious food.

After reaching back to the hotel, despite of fully packed day, the energy level of everyone was high and the night was as usual “Haseen” with drinks, music and all the fun activities.

7th October – Day 4:
This day was planned to be relaxing, socializing and exploring the Portugal. We started the day at 10 in the morning. We got a local guide which took us for a informative tour on a local church, the city tour and the famous Ourem castle tour


We then headed for “Nazare”, the famous spot for surfers and having wonderful beaches. The Nazare is famous for its high waves and in fact have the record of highest wave surfed ever in the world. First some brief shopping in the local market followed by Boat Ride to the spot in the Atlantic ocean where the highest wave has been surfed – it was an amazing experience to feel those high waves in the ocean – honestly, it was scary (as I do not know swimming) but adventures.


We then came back to the hotel where open air barbecue waited the hungry MVPs. They got Pork and I was saying once you see a pig in India, you would never eat a Pork in your lifetime :P. I on the other hand enjoyed my “Raajma-Chwal” and famous Portuguese soup and then it again started – The drinks, fun and Music

8th October – Day 5:
While few of the MVPs have flight early in the morning and they left early, rest of the MVPs were carefully been dropped to the airport for their respective flights by our humble, high profile drivers – and few of us were happy that the driven thing is a Car and not a Boat 😛 – Anyway, Big thanks to Paulo, Nuno and Raimond for bearing with noisy passengers

And Bigger thanks to Carla, Paulo and Christelle for arranging and managing this well.

Feeling re-charged, re-energized, hope to see you guys again next year!!

Tagged with: , ,
Posted in SDL Tridion

SDL Web Core Service – Changes and Improvements

The introduction of SDL Web 8 and SDL Web 8.5, comes with a complete revamped SDL Tridion package and also brought some significant changes in Core Service and its associated security.

The security model in SDL Web Core Service has been improved a lot keeping in line now with industry standards.

Having said that, this means there are some significant changes the way Core service is being used mostly because of changes in the signatures of few methods.
This further means, though backward compatibility is quite good with old Core Service code written for Tridion 2103 and Tridion 2011, however, there may be instances that this old core service code might not work with SDL Web 8 and SDL Web 8.5.

Few of these examples are as below:

Creating a multimedia component – This is the real scenario when I actually realized these changes in Core Services.
Earlier, we used to write below code to create a multimedia component using core service:

var streamUploadClient = new StreamUploadClient(binding, endpoint); //Binding and Endpoint corresponding to the Stream Upload Client
streamUploadClient.UploadBinaryContent(fileName, fileStream); // Name of the File and File Content as InputStream

In SDL Web 8/8.5, this has recognized to have a Security vulnerability and to do this in new versions of SDL Web, you need to create a “AccessToken” before you can actually upload the Binary Stream using UploadBinaryContent method. This is illustrated as below:

var streamUploadClient = new StreamUploadClient(binding, endpoint); //Binding and Endpoint corresponding to the Stream Upload Client
AccessTokenData accessToken = client.GetCurrentUser(); // client = SessionAwareCoreServiceClient
streamUploadClient.UploadBinaryContent(accessToken, fileStream); // File Content as InputStream


GetCurrentUser() Method: Another Security measure I noticed with the GetCurrentUser() method (Also not sure if this is any bug as I can’t see any documentation for it). The method GetCurrentUser() is also not backward compatible and it is very hard to catch as there is no change in the signature.

The GetCurrentUser() anticipate the latest available client in use and throws exception at run time if older endpoints are being used. Below snippet illustrate this for a SDL Web 8.5 environment:

// This will work fine with SDL Web 8.5
var endpoint = new EndpointAddress(@"http://devcms/webservices/CoreService201603.svc/wsHttp");
var binding = new WSHttpBinding {...}; // Settings for binding
var client = new SessionAwareCoreServiceClient(binding, endpoint);
AccessTokenData accessToken = client.GetCurrentUser(); //Successfully return AccessTokenData


//None of the below endpoint would work with SDL Web 8.5
//var endpoint = new EndpointAddress(@"http://devcms/webservices/CoreService201601.svc/wsHttp");
//var endpoint = new EndpointAddress(@"http://devcms/webservices/CoreService201501.svc/wsHttp");
//var endpoint = new EndpointAddress(@"http://devcms/webservices/CoreService2013.svc/wsHttp");
//var endpoint = new EndpointAddress(@"http://devcms/webservices/CoreService2011.svc/wsHttp");
var binding = new WSHttpBinding {...}; // Settings for binding
var client = new SessionAwareCoreServiceClient(binding, endpoint);
AccessTokenData accessToken = client.GetCurrentUser(); //Throws Exception

For any of the old endpoint client, we will get below exception message while trying to call the GetCurrentUser() method:

System.ServiceModel.Security.MessageSecurityException occurred
Message=An unsecured or incorrectly secured fault was received from the 
other party. See the inner FaultException for the fault code and detail.
Inner Exception 1:
FaultException: The message could not be processed because the action 
is invalid or unrecognized.

There are few more changes in the Core Service in SDL Web as compared to the SDL Tridion 2013 SP1 and a list of them can be find on SDL Doc here – Core Service API delta

I hope this will help those upgrading to SDL Web as well as those implementing new functionalities as per their exposure to old Core Service.













Tagged with: , , ,
Posted in SDL Tridion

10 Reasons – Why you should choose SDL Web for your digital strategy

Page 2 of 2    << PREVIOUS PAGE

…Continued from Page 1

  1. Third Party Integrations
    SDL Web is quite rich with its set of APIs exposed and can be used to access any content – published, unpublished, under workflow process, everything.
    It could be a WCF based service that can be used to access pages, content and other building blocks of your website, the user, groups and other admin related information; it could be an OData based service exposing all “published only” content; it could be a dll or jar file that you can reference in your web application to interact with SDL Web or it could be a special library to connect with external content provided by third party applications – possibilities are limitless.
    So you can for example, integrate your SDL Web based website with:
    – Salesforce creating leads and opportunities
    – Applications like Eloqua, Marketo, Pardot etc. submitting information collected via various forms on your website
    – Sharepoints to access docs or intranet information
    – Tools like Documentum, Flickr, AWS S3 Bucket etc.
    – Integrate with SOLR, Elastic Search, AWS Cloud Search etc. to index and search content
    – Integrate with Brightcove, Vimeo, Ooyala to access and play videos on your website
  2. Asset Management
    SDL Web allows to create multimedia content (images, video, documents etc.) of almost all types and allow to manage even large amount of assets in SDL Web CMS itself – I actually had an experience where we have imported millions of assets from a popular asset management system and handle/deliver them solely from SDL Web without any issue and acceptable performance.If you need full-fledged Digital Asset Management (DAM) system with advanced features of Asset Management system like out of the box Content Delivery Network (CDN), resizing, cropping, multi-channel media (different size, different format) etc., then you can choose to configure SDL Media Manager which comes as a part of SDL Web suite and integrates easily with SDL Web – To get a glimpse of SDL Media Manager you can read THIS blog of mine.
  3. Document Management
    As mentioned above, you can create documents by uploading documents as a multimedia component with in SDL Web directly, however, if you are looking for a full fledged Document Management System (DMS) based on DITA format, you may use an Add-on product SDL Knowledge Center (formerly Live Content) provided by SDL and integrates with SDL quite nicely and easily.SDL Knowledge Center is an enterprise solution for creating, managing and delivering high quality structured content for technical documentation and self-service support. You can download the SDL Knowledge Center data sheet from HERE
  4. Multi-channel Campaigning
    If you need a multi-channel campaigning, you certainly custom implement it in SDL Web system; alternatively, for a full fledged Campaigning system, you may opt for SDL Campaigns product suites, which allows to create customer segment and combine everything you know about your customer into a visual dashboard – this gives you a full picture of your customer and allows you to engage with your customer through targeted campaigns across multiple channels
  5. Community
    The ever growing community of SDL Web is awesome – the community has added a real value to the product. The SDL Community has been able to bring following value addition on the table:

    • Alchemy For Tridion (A4T)
      This is essentially an add-on for SDL Web and is serves majorly two purpose – provides a framework to extend the GUI of the SDL Web and allow to configure and setup those GUI extensions by mere drag and drop on SDL Web interface. Second, it provides a web-store containing hundreds of plug-in created and shared by the community and can be re-use – and all this is free of cost. You can read more about Alchemy For Tridion and gather all necessary resource at Alchemy Webstore
    • Dynamic Delivery For Tridion (DD4T)
      DD4T is a development framework which enables the use of MVC Architecture in SDL Web based website. It comes in two flavours – DD4T with .NET and DD4T with Java. The DD4T stores the pages and content in Database as a data instead of code files on file system – you can use the REST APIs to fetch this data in your web application and render on views
    • Digital Experience Accelerator (DXA)
      DXA is another development framework or rather a website implementation tool-kit owned and supported by SDL and actively enhanced by the community. DXA comes with a basic website using standard best practice out of the box which can be re-used, extended or built upon for faster development cycle. DXA is also available in two flavours – DXA with .NET and DXA with Java
      DXA at its core utilizes the DD4T framework – there are efforts in place to merge the DD4T with DXA so as to have a more powerful combined package available for use.
    • Search Integration For Tridion (SI4T)
      SI4T is another open source project developed by the community which allows you to index your published content into Web App Search Engines like SOLR, AWS Cloud Search etc. which can be further used to enable fast enterprise search and filtering of content on the website
    • Tridion Stack Exchange Website
      Tridion Stack Exchange website ( is a Q and A website for Tridion developers, administrator and architects. You can visit this community website for any query related to a implementation and the rich community will try to answer generously
    • Blogs
      The SDL Web community is quit active in blogging and hundreds of blogs are out there which can be referenced and gain knowledge from.
      A partial list of such blogs and other online references can be found on Tridion Stack Exchange
    • MVP Program
      To encourage the active participation in the community and to thank all those active community members who made the community great, SDL runs an MVP (Most Valued Professional) Award, in which all active members are identified and awarded with this prestigious award every year.
      Learn more about the MVP Program on SDL Community
Page 2 of 2    << PREVIOUS PAGE
Posted in SDL Tridion

10 Reasons – Why you should choose SDL Web for your digital strategy

In this over-crowded space of Web Content Management System (WCMS) where more than 2500+ options are available, choosing a best partner for your digital strategy is always a challenge.
Most of these WCMS system are capable of creating a high performing, dynamic, device (mobile, digital signage, panels etc.) friendly and content rich website; but below listed 10 reasons differentiate SDL Web from its competitor and turn out to be an obvious choice considering most of these features/options are not available in most of the offerings out there and provides a real value for your digital implementations:

  1. Blueprinting
    Blueprinting is a Trademarked feature of SDL Web. Blueprinting allows content sharing and re-use of the content across different pages in your website or even across multiple websites. The content repository (known as publications) are managed in a hierarchy exhibiting parent-child relationship. Any content created in parent repository can be reused in child such that all or part of the content can be re-used.
    So you can for example:
    – Create a content for marketing campaign for a US region website
    – Re-use the above content for a India Region website while keeping text, images being same and just changing the currency and denomination
    – Re-use the above content for US Region website in French language while keeping the image same but changes the text
    – Re-use the above content to completely change in terms of text and image but keep the metadata intact
  2. Java or .NET – Does not matter
    This is another feature in SDL Web which is available only with SDL Web and no other WCMS system – you want to implement your website in .NET and Microsoft Technology Stack you can do that with SDL Web; and if you want to use Java and related tech stack for your website, you can do that as well
    So you can for example:
    – Choose a Linux based server and have a Spring MVC based website powered by SDL Web
    – Choose a Windows based server and have a ASP.NET MVC based website powered by SDL Web
    – Choose an Amazon or Azure based cloud with either Linux or Windows as OS and Java or .NET based website as per your need
    – You can choose a combination of one or more of above
  3. Translation
    SDL undoubtedly is pioneer in translation service – their AI powered translation services are unmatched with any other service provide – that’s what SDL meant and known for – Software and Documentation Localization.
    Now SDL’s translation services can be integrated with SDL Web through out-of-the-box Translation Manager which enable sending content for translation to SDL’s translation service as well as manages the entire translation workflow and approval process.
    So you can for example:
    – Select a content in SDL Web, send it for translation to SDL’s Translation server, receive the translated version in SDL Web, let it pass through approval workflow – if approved, use it in your website; if rejected, sent it back to for re-translation – and all this with minimal human interaction and no extra software
  4. Latest Version – Always
    Always wonder about upgrade and be in line with latest technology upgrade, then SDL Web is the thing – you can opt for SDL Web Cloud which is a version-less system. This means you will always be on latest version of the WCMS system – the quarterly release of the software will be patched as per an agreed scheduled by SDL and you can relax and be free from “Upgrade Plans”
  5. Extensibility
    One of the biggest advantage with SDL Web is that it allows you to extend most of its feature – GUI, Publishing Process, Link Resolving process, Storage Mechanism, Content Saving process, Workflow process – almost everything.
    So you can for example:
    – Extend the GUI to have few custom menus there with custom functionality to ease the Content Author
    – Extend the default process of publishing and may choose to inject some custom logic before, during or after the publishing of content
    – Extend the storage mechanism while publishing content – you may choose to save the publishing content to file system and/or database and/or can define a new storage type altogether and/or choose to store published content in some custom DB like Mongo DB and/or search engines like Solr, Elastic Search, AWS Cloud Search etc.
    – Extend the content save process and choose for an example to send an email whenever a component is saved
    – Extend to capture almost any event corresponding to any activity you do and can customize the process
Page 1 of 2       NEXT PAGE >>
Tagged with: , , ,
Posted in SDL Tridion

Is SDL Web (Tridion) well-suited for your organization – Part II

Continuing from Part I where we discussed the typical use case scenarios which suits the use of SDL Web and those which does not.

In this part we will see if the SDL Web ecosystem suits your organization and its strategic considerations

Is SDL Web suits well for your strategic considerations?


The acceptable strategy and stability of SDL Web makes it quite a good fit from strategy and ecosystem perspective. You will gain significant boost to your digital presence through consulting from expert professionals from SDL’s professional service and Partner channels.

Tagged with: , ,
Posted in SDL Tridion