We're implementing LSF9 and I'd like to understand what the 'best practices' setup is for ESS users if you do not want to maintain a LAUA record for everyone. In 8.03 I beleive the necessary security was inherited by defining a RD30 record and assigning the user to a ESS group that had the application assigned to it. In LSF9 we are getting Logan security errors when logging into ESS if the Domain user in Identity Manager is blank or not defined in LAUA security as having access to Logan. My sec...

I'm just relatively OK with this new Lawson security product. I've tried rules like: On the POR-PO-NUMBER field in PO30.1 if(trim(getDBField('POLINESRC','REQUESTER',form.POR_COMPANY,form.POR_PO_NUMBER))==user.getRequesterId()) 'ALL_ACCESS,' else 'NO_ACCESS' But it never seems to take effect. What am I missing here Is there a better way to do it I know I also have to limit the drills, but wanted to get the form portion of this working first. Thanks in advance for any he...

Ok,   I am new to a company i just started working for. Within the past two days users have started sudden getting security violations when inquiring and returning data on PR forms ...example PR36 now gets security violation. Yesterday the apps system was rebooted and this seemed to resolve issues for users. This morning users are getting security violations again.   Users have been able to return data with no issue in the past and no changes have been made to my knowledge.    I tested se...

We are receiving Lawson security exceptions while updating any records through LSA. Although changes are being reflected in the system. Attaching screen shot for the exceptions. We have recently mitigated to LAWSON V10. Our platform is ISereis. Any help will be highly appreciated. LASE server log is showing below exceptions. Attaching screen shot for reference.   16-11-01 09:39:57:135 2073 default.SEVERE server.events.ServerRMDataAccessEvent.RMDATA( ): java.lang.NullPointerException Stack T...

Hello, we are implementing LSA as part of our V10 upgrade.  We are having issues trying to allow users access to other user's batch jobs.  What we would like to do is to have for example a member of the payroll department have access to their own jobs, plus access to jobs of other members of the payroll department.  I'm guessing this would maybe be implemented using groups  Any advice is appreciated.  Thanks

Hello,  I have been asked to secure the reason codes when a process level a specific value in order to prevent users from using an invalid reason code. Essentially: If ProcLvl = 'XX' then reason code in ('1','2','3','4','5'), then allowed (ALL_ACCESS), otherwise deny (NO_ACCESS).   I am trying to avoid creating a Group for this. Has anyone done anything like this and/or have some tips   Thanks!

I got sent an email:   'Is it possible to have access to salaried information for the clinics but exclude Corporate.  With the new insurance benefit for employees making less $20 an hour one of the questions that Employee A and B are asked when they do an enrollment is whether the employee makes less than $20 an hour.  Im considering how to give them that information and I would feel more comfortable with them not having access to corporate salaries.  Let me know if this is possible or if I ne...

We are currently working on implementing out system from 9 to 10. I have many users I am needing to assign roles to because in 9 most of our users were set up with no roles in LS, and inheriting security from a lawsoness ONLINE privileged user that was set up in LAUA. I am going into the mass assignment tool and trying to add roles to all users such as the ESSrole. The mass assignment tool says that the operation completed successful, but when I go and look at any users in LSA tool there are ...

I am working on a section of ESS where there is a life events section. One of them is 'spouse employment' From what I can tell it appears that an employee can update if a spouse gets employeed, changes, or is termed from somewhere. They can update the name of employer and address etc.   It looks like it uses the spouse tab on HR11 and writing to ES10 for the family change.   I have ES10 working and updating when an employee makes a change, but for some reason I can not get it to take the in...

A couple of weeks ago, we had reports that the security was not not working properly.  We have the following in a rule: getDBFieldByIdx('EMPLOYEE','PROCESS-LEVEL','EMPSET1',COMPANY,EMPLOYEE) The reasoning for this piece is that employee information for employees in specific process levels is restricted to a small number of individuals.  The LASE and LADB logs were filling up with errors stating there was a database connection failure, and the error even points to getDBField.   default.SEVERE...

I stumbled on a list of programs not in the security setup.  A large number of them are invoked programs, so I looked for security classes with them to figure out what the naming convention/strategy was.  The last time I migrated from LAUA to LSF9 security, we had a plan, but I do not remember what we did with invoked programs.  I think we put them in their own security class by system code and assigned them every time we assigned the files for the system code because the invoked programs would ...

Where is it in Lawson Security that determines that someone can see someone elses print job etc I know in LAUA there is also the parameter you can change for delete update jobs. Where is this in LS as well     Thanks in advance.

ew to lawson, have lawson security admin vers 10, would like to no how do i limit what ALL end users can see in PO20.1, would like to be inquiry only, any help to accompolish this would be helpful.

ew to lawson, have lawson security admin vers 10, would like to no how do i limit what ALL end users can see in PO20.1, would like to be inquiry only, any help to accompolish this would be helpful.

Hi,  I understand that with every landmark application the security roles are pre-delivered . How many roles does GHR has Does the delivered roles are always sufficient to meet the security needs   Regards Jey

We recently had an Infor audit and were found to be out of compliance for several of  the modules we purchased FINPRO,GMHRP and MRBAC.   We bought some Inquiry licenses and new licenses but we are struggling with a way to monitor usage.   Does anybody know of any good tools to monitor Full and Inquiry license usage for FINPRO, GMHRP and MRBAC

Is there a way to setup rules in LS9 so Pay Rates of individuals with certain Job Codes can be hidden    We need the ability for our HR and Payroll people to process and work in HR11, but only allow the managers of those departments to see the pay of executives.  All of the executives have job codes above 8000 and are present in multiple companies and process levels.

Ok, I am needing a report of all users who have a certain Portal Role assigned on their setup.   I know I can narrow those users down using the filter in the security console, but there is no way to export the huge list.    I did not see an option in the security reports lawson offers either. Is there any other way

Prior to Lawson 10, we had were solely LID users and could manage many items, recdef, distribution group maintenance/additions/view members, etc.   When on laua security, it would take them directly to the menu and the tasks could be performed by typing recdef in the form transfer.   Now that we are on 10, the decision to not allow LID access as been made and everyone is LS security.  The issue is maintaining distribution groups or even see members of the groups through Portal.  Lawson has p...

Hello, We are moving from Lawson to Oracle HCM and need to deactivate around 130 Users in Lawson and also delete the 10,000 inactive users profiles.  I am new to Lawson. Could you please let me know how to mass 130 deactivate the Users in Lawson and delete the 10000 Users. Any Help is highly appreciated. Thanks!

Nothing in security reports or logs. Admin account is receiving a security violation in pgmdef when attempting to compile ANY batch program, not 'online' program. The violation appears in place of the 'options' window. I am trying to locate the specific access granted to the delivered SuperAdminRole for each profile, class and object. I believe the object 'might' be element type in ADM. I say 'might' because my security class has it defined, But it can not locate the object rules under DataAreaE...

How do I write a security rule on PA21 that only allow user to add a new competency to itself. I was able to restrict the security to self only but it will not allow to add.

Is there a way to run a report on only ACTIVE users in LSF that have access to Lawson   I know how to run a report that pulls all of the User assigned roles, but its pulling users who are no longer employees.,    Is there a way to filter these out and only pull those who would have an active AD acct

When I go into the Lawson Security Administrator  (version 10) in our production environment, I then go to Report Maintenance and none of the reports are shown.  I even tried to create a report but it doesn't save it.  At the bottom of the screen it says 'Lawson Security Error: Please check log files for details'.  Has anyone seen this before and know the resolution  I'm not sure what log files to check and the Lawson environment seems OK.   Thank you! Allen

When you create your security classes, do you generally have much overlap as far as the forms/tokens  Do you try to minimize that  Is it a headache to have much duplication  We are still testing our security and hope to be using it in production soon, but I am still trying to wrap my head around the best methods.  It's such a beast!