Currently, our LSF9 security structure is set up as&160;Corp HR, West HR and East HR.&160; Corp HR = corporate payroll (they do not handle tasks such as hiring, status changes, comp reports, etc.&160; They do have access to all employees irregardless of their location) East/West HR = handle all hiring, status changes, reports, ability to answer employee questions for their respective locations. There is a process level (PL100) that spans both the East &&160;West HR&160;groups.&160; ...

I know that a particular person can  can view his/her own jobs in the job scheduler.  I also know that you can look at ALL jobs or at specific people.  I have a department head who wants to see all of the jobs under the payroll (PR) system code.  Is this possible  Thanks a lot for checking.

Hi,  I understand we can creating a security group using Lawson RM administrator tool .I have to create 350 groups in security . Is there an automated way or utility to do this  

We are converting to Lawson Security as we upgrade to Lawson 10. Our HR Admin  is testing HR11 for New Hires functionality and after she's done with the TAX tab, she gets a 'security violation' error for PR13.3 on 'Add'. Meanwhile, she has been granted 'all' access to both HR11 and PR13. What could be going wrong in this scenario

Has anyone automatically monitored the IFS Sync  I would like some thoughts. 

Hi-   I have heard there is a unix/lid command we can run on a form that will report out what table and form security it rquires.  For example if I ran it on form AP520, it might return to me apcinvoice and apcdistrib.  Anyone know this command or have a good method on how to determine what security is needed for each program.   Thanks.  

Is there a way to write a rule for GL290 to limit a user's access based on the companies in their user CompanyControl attribute versus the companies in the Company_Group So, if the user enters a 'Company Group' (that's been defined on GL11.1), the rule would compare the companies in the user's CompanyControl and allow access to GL290 if all the companies in the Company Group are present in the user's CompanyControl attribute.   For example, the user enters 'GL Close' in the 'Compan...

Hello, We upgraded LSF from v9 to v10. We're having an issue where users can edit their own records. We don't want users to edit their own record, it is working on v9 but not in v10.   I've narrowed it down to the Security Class - Conditional Rule Access. this line: if((user.getCompany()==lztrim(form.COMPANY))&&(user.getEmployeeId()!=lztrim(form.EMPLOYEE)))    'ALL_ACCESS,' else    'NO_ACCESS,'   The above rule always default to false. I've tried d...

I am trying to duplicate an existing security class within a profile/product line, but when the new class is imported, many of the rules are changed to 'Conditional Rule Access...' instead of 'Grant All Access' as the original rule is configured. Worse is that since there are no actual rules defined, all the conditionals give an XML error when you first open them up to modify. We issued these commands to export the old class and create the new one: lsdump -f buyer3.dmp SecClass MSMain Buyer2 ...

Hello, I am currently trying to build a rule on the po30.1 form but am having a hard time finding the 'pls-requester' field.  When I view it on the form I can see it on the source tab but, it does not show up as an object in the form.  I am thinking this would not be considered a form object because it is a derived field from rq04 but, that is just a guess.  I tried to just type in PLS_Requester but i receive an error saying it's not available. is there a way to reference th...

Forgive me if this is the wrong forum to which this should be posted. I have also posted it in the HR forum as well, since it relates to ESS functionality. I have several users reporting that they are no longer able to 'Re-CaIculate' to see the effects of a different rate on their taxes, etc, using the payment modeling tool in ESS. They are still able to change all the other fields and see their effect, just not the pay rate. At Lawson's suggestion, I tried clearing the IOS cache in the portal,...

Hello, We have received the notification from Infor that they will no longer be supporting LS/STS for authentication effective March 1, 2019 and are encouraging customers to move to ADFS. I am seeking information on what it would take to convert from LS/STS to ADFS. Did you have to engage an outside consultant to perform this conversion Any information you can provide would be helpful. Thank you.

Has anyone implemented two factor authentication for Lawson We want to do this for employees accessing Employee/Manager Space externally and are looking for any information that you can provide. Thank you.

Hello All, We have some delivered Security Classes that we are trying to determine what access is granted with each of these Security Classes. There does not appear to be a delivered report in LSA. Does anyone know of any way to gather this information   As an example Security Class 1: All Access to HR11 and PA52 Security Class 2: All Access to HR11, Conditional Access to PA52 Security Class 3: All Access to HR11 only

We have entered into an affiliation with another, 'non-Lawson' local hospital a few years ago. Since then, we have integrated the HR & Payroll functionality from their legacy HR/PR system into our Lawson system, so that we now utilize a single HR/PR system & process. The only piece we've yet to allow is ESS access for their employees. As such, they do not have access to their paychecks which are being processed out of Lawson. We'd like to address this and create Lawson Security accounts...

Running Lawson Security 10.0.9. Does anybody have any experience with the match() function  I'm trying to restrict access to a field containing a SSN. I tried this: match(table.TAX-ID,'^(!000)(!666)(!9)d{3}&91;- &93;(!00)d{2}&91;- &93;(!0000)d{4}$')   but it doesn't appear to be working. My usage of the function may be incorrect but the documentation is not very helpful.  I know the regular expression works.

Hi all, It's been a while since I've had to do much Lawson Security administration, so I'm pretty rusty.  I have someone (a manager) asking me to allow them to see their direct-reports' job reports.   They are on version 10 and were upgraded from version 9.  Prior to the upgrade, she could see these.  I've found several things that did not make the transition cleanly, so I suspect this could be one, too.  I just can't remember how/where to go to allow one user acc...

I am looking for a way to run a report by role name (to get the associated security classes) and a run a separate report by Security class to locate all of the screens associated with the class.  Is this possible

To the S3 Security wizards out there! Vic Bhagwandin and I are endeavoring to satisfy a new requirement: - some users need full-access to all of their screens, for companies 70 and 71 - they also need inquiry-access to companies 20 and 30 The Element Group rule below works - mostly! It works exactly as needed for 70 and 71, and gives inquiry-access to screens for companies 20 and 30. But they need to run the 200s reports, such as GL293 and GL293, for companies 20 and 30. Unfortunately, th...

I've been working on a security rule for PA52.1 that will restrict specific action codes when the forms effective date (MM/DD/YYYY) is less than the employee's hire date. My returned value from the EMPLOYEE table is in YYYY MonthName DD format.  I've also tried to use the dateFormat function(Date,CurFormat,OutputFormat), but can't find what values are available for use as CurFormat and OutputFormat. Any thoughts or suggestions would be appreciated.

I've got it down to the change and the date, but I was asked to also report on who executed the change.  We see operator ID in many of the S3 application tables, and that's the kind of thing I need for determining who performed the security update in LSA.   Thanks, Stan

Does anyone here know if its possible to disable ADFS authentication for individual users We are on Infor v10. Thanks in advance.

We need to open up security for payroll users to enter time records on the PR36.1 screen for process levels ending in '2' and '3', but these users are not allowed to see the pay rates for employees in these process levels. However, we still need the users to have the capability to enter dollar amounts in the rate field, so we can't completely remove security from the Rate field on PR36.1 for these process levels.  I've set up security rules to prevent these users from seeing the TRD-RATE...

Does anyone know whether it is possible to write a rule in RW100 style 1 override tab to require a company number before job can be submitted or not  If yes, how

We have an ADFS farm that consists of two servers. We have an IFS installations on each ADFS box load balanced under the same DNS name. Primary - Box 1: .249 (dev-adfs01.com) Secondary - Box 2: .250 (dev-adfs02.com) DNS - adfsdev.com We were able to use SAML on the primary IFS login but were unable to switch the secondary box off of windows authentication due to lack of ADFS permissions. To fix this we swapped the 250 box to primary using powershell commands. We then swapped the 250 ...