Resetting the Configuration Protection Passkey and SSOCONFIG passwords to Decouple IFS ADFS from Legacy Lawson Environment

 1 Replies
 0 Subscribed to this topic
 27 Subscribed to this forum
Sort:
Author
Messages
Orlando Gray
Advanced Member
Posts: 35
Advanced Member

    Hi. Hoping to get a bit of guidance on this maintenance task that we need to perform.

    We have an old On-Premise Legacy Lawson 10 environment (AIX platform) that is currently Federated and using ADFS for user authentication. We have since moved to the INFOR Single-Tenant Cloud Hybrid environment for Production (in 2021) but the old environment is still available in read-only mode for a small set of users to be able to log in and view historical Financial data as needed.

    Our IFS ADFS server architecture tied to that old environment is out-dated and we need to migrate off of it. Instead of upgrading it, since it's no longer true Production now that we are in the Cloud. And we would like to set up the old Lawson environment for the few users that do need to login, to use local login instead of ADFS.

    We are aware that we will need to use SSOCONFIG to change our environment attributes to move away from ADFS, however all of the previous system admins are no longer with the company, and we have lost access to many of the system passwords, including the SSOCONFIG one so will need to reset it.

    Infor provided some steps (attached) that we could use to reset the Configuration Protection Passkey, and with that set a new SSOCONFIG password. The problem is with this action we will also have to either change the password or set the password equal to the current password for all of the other environment attributes (LDAP, SSO_CONF, JDBC, etc.).

    The only one we have is the JDBC password to be able to connect to the database. But the others, we will have to reset.

    I am bit worried that if we change all of these other passwords and restart our environment, we will not be able to bring it back up due to passwords having changed in the install.cfg file that doesn't match a password somewhere else that we would not have not changed.

    Does anyone know of anything else that we need to consider when doing this or see any other pitfalls that we might come across when we reset these passwords. Are there other areas that we would also need to sync the new passwords to in order to ensure that the environment is able to function normal after these changes?

    Thanks in advance. 

    Attachments
    Orlando Gray
    Advanced Member
    Posts: 35
    Advanced Member

      We were able to locate the current ssoconfig password in some old documents so did not have to perform these steps.