Hi, all! We are on 9.0 and using LS security. We have a single sign on for our Lawson users using Active Directory bound with ldap. For those users who have access to forms directly (we call them dual users such as payroll clerks, purchasing requestors etc…) and who have self service roles we secure them through rules which seem to be holding pretty well. Such as confined to their own process levels etc... Lawson provides out of the box ESS and MSS standard roles. With a little tweaking these ...

I have a security class on LAUA (eg. HRUser) , which  restrict users from accessing the EMP(Employee Table)  based on the Process Level. On the Employee Self Service> My Pay option ,  the HRUser security Class users, does not  see any Pay/Tax data.The reason being the PAYMASTER and other related  tables'  access is secured by Company/Process Level. The affected Users are on the same Process Level that is secured. I am thinking of a rule, that would allow the respective users to view their pay ...

We are in the process of rolling out ESS to 4,000 users and are trying to limit the maintenance on ESS passwords.  I have a few questions: What logic do you use to assign the initial ESS password (ex. birth yearlast 4 of SSN) Do you allow ESS users to change their password Do you force users to change their password after initial log on Do Lawson users have two separate ID's, one for ESS/MSS and a separate ID if they are a Lawson application user Thanks.

I am receiving the error 'rules are secured' in portal when executing a drill around on employee in HR11. We are using LAUA in LSF9 for the user in question. The security class the user is in has access to all files in HR. Any ideas

We have a shopping list that is company wide with basic items.  Is it possible to lock down PO15.1, based on the name of the template and if it is a specific user and give everyone else inquiry only access Any assistance would be greatly appreciated. Elizabeth Ardito Systems Analyst Middlesex Health System

Is there a listing of which files to grant access to for ESS/MSS to work

I posted this on Lawson Community as well, but thought I'd try here too. Has anyone found a way to capture LDAP changes made via the loadusers utility. We have a nightly scheduled job running under the lawson userid that uses loaduser utility to add new employees to the LDAP for ESS. I am not seeing any of these changes when I look in the Lawson Security Admin Audit Report even though I include lawson user in my report list. I do see all changes made by a given individual via the LS Administrat...

Is anyone having issues using the LSLOAD programs  We are simply dumping a profile that exists then trying to load it as a new profile.  This profile has about 450 security classes and as it is doing the LSLOAD it fails in different places and takes down the Security Server and the Application every time.  We have to restart Websphere and Lawson from the beginning.  GSC has been of no use as of yet, anyone surprised about that  Thanks

Thanks for reading. I have a user that's missing the 'PrintManagrer' and 'JobScheduler' when using IC229. I added the environment forms 'prtmgr' and 'jobschd' but it's still missing for him. Any suggestions

Hi, I need to mass update SSOP passwords for all users. Does anyone know if this is doable, and how thanks.

Has anyone able to secure the Manager Self Service to only allow access to direct reports and employees reporting under the supervisors I had used the Lawson examples but I am getting errors and it is not working. Here's the formula:        if(user.isSupervisorOf(getIdFromEmpNbr(lztrim(table.COMPANY),lztrim(table.EMPLOYEE))))'ALL_ACCESS'; else'NO_ACCESS';

I am receiving messages 'file PROJECT is secured' and 'file SYSTEM is secured' when I click on Personal Profile and Emergency contacts in ESS.  After I click 'OK' on the pop-up message, the data displays. It doesn't do that in my test environment and I checked the security rules between the two systems. I really don't want to deal with Lawson Support. What am I missing Thank you,

Hi!  Has anyone implemented ESS/MSS and Org chart functionality in Portal and LS 9  Because of the access required on the Employee table, I'm having issues with core users (i.e. AP processor) and the ability to 'drill' on an employee's information which shouldn't be available to anyone but the employee (salary). I've tried field level security on the Employee and PAEmployee tables, but the performance is really bad, to the extent of not returning data. Any suggestions

I have been researching the migration process for security from one LS9 box to another.  As far as I have found, the best way would be to do an lsdump on the profile to get all of the security classes over. Then either use lsdump one at a time on the roles or recreate the roles by hand. Does anyone have any experience doing this or is there a better way Any ideas or help would be greatly appreciated.

Can you permanently delete customer accounts in Lawson If so, is there a way to see what accounts have been deleted and by who Thanks

I have a working LSF9 environment and I want to create a second one. I created a new LDAP instance (TDS 6.1).  It seems that I need to create a new suffix and define an object to be used as the top of the hierarchy.   When I try to create a new subtree with an ldif import, something like dn: o=lwsn,dc=net,dc=myorganization,dc=org changeType: add objectclass: organization objectclass: top I get an error.  Either I get 'Suffix entry has not been created', or if I create the suffix first then ...

Hi, I am new to Lawson and I'm in the process of writing a script to parse the Form ID Security Report. I'm wondering if anyone has a listing of all the possible values for the 'Unsecured FCs' column as well as a definition of what they mean No one in accounting (who's been managing the system) knows or knows where to look and I'm trying to have IT take over administration of this.  Example:                    SYSTEM   PROGRAM                     UNSECURED             SECURED   PRODUCT LINE...

What would be the best way to keep all the users NT in tag and migrate all the details from the old environment to LSF9

We're looking to establish some fine-grained auditing here - at least specifically to try to track who deletes data from specific tables. The weblogs are, how shall I say this - filled with a lot of information --> and still don't provide a good trail to find this data. IOS provides the same voluminous info, again, without the detail we need. Our oracle logs give great info - except that since it's database auditing, the user ID is always the admin ID (and he doesn't have rights to mess with dat...

I can open a url in IE constructed like this to login, access /servlet/Router/Transaction/Erp, and get valid xml returned: http://lawson-server:port/sso/SSOServlet_action=LOGIN&_ssoUser=myid&_ssoPass=mypa55wd&_ssoOrigUrl=http://lawprod:9082/servlet/Router/Transaction/Erp... with proper params. This does not work the same from an asp, for remote login, using Msxml2.ServerXMLHTTP.4.0: code sample: Set objSvrHttp = Server.CreateObject('Msxml2.ServerXMLHTTP.4.0') objSvrHttp.open 'GET', 'ht...

PA100 offers a parameter for Update or Report Only.  My customer would like to limit certain users to Report Only.  Standard Security restrictions (version 9.0) on this field have been ineffective.  (I assume this is because the field options are not table-based, but are provided by the Cobol code.)  Does anyone know of a way to restrict this through 9.0 Security

We have lsf9.0.0 running and ready for our conversion fron 8.0.3.  We keep getting the following error messages in the Application log on the windows server: WIN32Error: controller.c(100): NT AUTHORITY\SYSTEM: java.exe: NetGetAnyDCName(WREC) - There are currently no logon servers available to service the logon request. And WIN32Error: controller.c(100): NT AUTHORITY\SYSTEM: jobrun.exe: NetGetAnyDCName(WREC) - There are currently no logon servers available to service the logon request....

Lawson 8.0.1.3 SQL Server 2000 Windows 2003 Greetings! I am completely new to Lawson & have never had any training on the app. I am also completey without any support documentation on how the application 7 the Portal work. SoemhowI have managed to fumble my way through getting it to work. We performed a P2V of 4 servers from one domain to another & then reverse engineered the new environment on the new domainby changing all the server references in the web config & in all the bookmarks. Af...

I'm trying to develop a report that will show me all of the users that have access to forms PO20 and PO30 (version 8.0.3). I was wondering if any of the information is written to a table that could be accessed by Crystal or MS Access. If not, what other methods may be available for creating this type of report that will need to be accessed by non technical people

Is anyone receiving this message in the LSA client or on the server when making any security changes   We were told by the GSC this is related to the size of our security classes/roles, yet told by their trainers that there is no size limit.   Anyone else having (or had) this problem   If so, how did you fix it.  It it simply a configuration change on your server Thanks, Rodney