Looking for folks who have used LS9 Accelerator templates, who would be willing to share their experience with them.   I have several questions, actually; so I won't try to list them all right now.   Wondering if anyone who has experience with them might be willing to chat, via phone call    If not, perhaps we can just dialogue here. We are located in Winston-Salem, NC; we have approx. 1,000 Lawson financial users, with about 100 laua-defined Security ...

If user enters an invalid user name, then the name and password are cleared and message 'Invalid username or password. Please try again.' is displayed. If user enters an invalid password, then the name and password are cleared and no message is displayed. Has anyone run into this  Is there a way to correct this Ideally an invalid name and/or password give same error message to the user.

How to grant access to other's Print Manager in LS9 security

I can use this function to find a user's group attribute and then limit them to seeing jobs/prints of users within their own group.  This works, but not if the user has multiple groups assigned to them. UserName==user.getHostServiceId()||isMemberOf(user.getAttribute('Group'),UserName) 'All_ACCESS,' else 'NO_ACCESS' How can I do this so that it checks all of the groups assigned to the group attribute

We have been having security violations with Payment Modelling in ESS.  The rule is: if(isElementGrpAccessible('COMPEMP', '', 'PR', form.EMP_COMPANY, form.EMP_EMPLOYEE))    'ALL_ACCESS,' else    'NO_ACCESS,' We have tried using lztrim and trim.  So far, we have not had any success.  We had to build an Element Group COMPEMP with company and employee. I would appreciate any ideas. Thanks!

We are going from LAUA to Lawson 9 security.  Our financial modules used the Data Security.  Since data security is tied to the SC field on the screens, LAUA leveraged that.  Is there something similar in Lawson 9 security  Do I have to look at each transaction we use to see if it is using company/process level security  Our consultant suggested we use the CompanyControl and AccountingUnitControl attributes, but we would have to maintain that.  We thought about pu...

I am attempting to remove a couple of custom attributes via the Lawson RM Schema Editor. My understanding is that making the change via the schema editor only puts the change in a “temporary” location and the actual change needs to be generated via ldifgen and then loaded via ldapmodify.   My question is really on the ldifgen command.   Here is the command I am planning on running:   ldifgen xmltoschemaldif RmMeta_Default.xml -f schema.ldif -r reorg.ldif -m updat...

I am trying to write rules in LS9 for granting access to a range of companies or process levels.  An example would be 1000 to 1299 and 4000 to 5999.  And oh by the way I need access to company 15 too. ProcessLevelControl and CompanyCompany in RM only accept values like 1000, 1001, 1002, etc.  It would not be practical to load up all of those values in that method. I can't find any documentation on ProcessLevelControl or CompanyControl in any of the Lawson manual or Inforxtre...

I need to secure the PA52 to one action code for a user.  I defined an element group for the PA action code to limit the list available to the user. The functionality is working to allow the user to add, change and delete an action.  However, the next and previous functions are returning a security violation.  The security class had permission to PERSACTYPE, PERSACTION and EMPLOYEE.  We do not have security on company or process level. Any ideas about what security...

Hi all! I'm needing to restrict the values that are available for selection on the GL95.1 screen under the Major Account.  I was to restrict it so that only one account is available for selection. Apparently the fields are FR-ACCOUNT and TH-ACCOUNT. Neither of them seem to be defined as an element. Any ideas on how to restrict the field Even the ability to only allow that value to be inquired upon would work. Thanks

We have a fairly large Security Structure and there are plans to add hundreds of additional nodes. I have dumped the structure and have been reviewing the data within LDAP and am wondering if anyone has manually created an xml or ldif file to load via ldapmodify The item that has me hung up is mapping the following fields: zzlwsnattrLineage zzlwsnattrParentNode Thank in advance. Chad

Getting an error with ldapbind in an environment that is normally not ldapbound, but we are binding in order to test a few things.  I have run the ldapbind in this environment before, and feel confident in my procedure.  Note - I was in LID when the ldapbind encountered the error message, so I cannot guarantee I got the same message shown here.  I ran the ssoconfig -l of the backup file in an SSH client when I got this message.  Any ideas/help would be greatly appreciated. ...

What's the best way to restrict access on the AP forms so that only 1 particular company is selectable We had developed a separate security class to restrict all forms to 1 company, however, we discovered they need access to the other company for their employee self service work. Thoughts

Folks, I'm hoping someone can help with this one.   I'm working with LSF 9.0.1.10 security administration.  I'm trying to define AC40 and AC45 security so that a user will not be able to release their own transactions.   There is a nice example of how to do this in GL in 'Implementing Lawson Security'.   I'm afraid I'm stumped by AC.   Has someone done this successfully that would mind sharing the solution   Thanks in advance for any time ...

I am trying to block users from seeing vendors of a certain class, and invoices and other information related to those vendors. As an example, I am using on APVENMAST   if(trim(table.VEN_CLASS)=='PT')  and on element VEN_CLASS  if(VEN_CLASS=='PT') This is good if I am using the Inquire button, but Next and Previous let me get to vendors that I don't want to see. Also, I want to block this vendor class system-wide.  If I run something like AP230, I get invoices ...

We are moving to Lawson 9 security.  We have run into a couple issues with utilities and menus used for development.  We are getting security violations for tmcontrol, but I do not see were it is located.  Also, we gave access to laenv and latools, but we receive the message 'LAPM Does Not Support LS Users.'  How do we get around this

Has anyone successfully put in a security rule or process to allow a user to see his/her own jobs ONLY (and no one else's) in Job Scheduler This is using LS Security, NOT LAUA. This is for v 10.0.x and also v9.0.1 I've put in the rule in the UserName element in the Batch class which is part of the GEN security profile: if(UserName==user.getHostServiceId()||isMemberOf('BatchUsers',UserName))    'ALL_ACCESS,' else    'NO_ACCESS,' CheckLS=Yes for all users; sec...

We are creating a role for our Help Desk so that they can assign roles to users.  They are restricted from doing other things such as creating or modifying classes and roles.   Is there a way to prevent them from being able to assign certain roles  For example, the SuperAdminRole is restricted to only a few administrators.  We do not want the Help Desk to be able to assign this role to anyone, or give themselves access to that role.

We are planning to upgrade to LSF9 next year.  Can you give me an estimate of how many professional service hours might be needed

We want to be able to give a few users Read Only Access to the data in Lawson Security Administrator.  Is there a way to do this

I recently added 2 new attributes (secLevel and secLocation) to the People schema using the Lawson Schema Editor. I ran ldifgen  and ldifde to load the changes into LDAP as outlined in the Lawson Administration: Resources and Security manual. I then stopped and started the Security Server as instructed. The new attributes showed up in the Security Administrator forms but did not show up in the Process Flow  Resource Update build menu. I then stopped and started all of the ...

Lawson 10 environment here, not yet in production.  We have ldap bind set up to AD, which was was done by consultants. I'm curious how one changes it to be a secure connection  I could be wrong, but based on my experience to date, I can't imagine that the system will know that changing the port to 3269 means to switch to secure ldap automatically.  I'm not planning on doing this along, but I heard through the grapevine that the consultant said it's not recommended to go that r...

We applied some LSF patches to our 9.01.10 and after that have problems with PR36.  Customers can add the form, but if they try to add a new line to an existing form it's like the keyboard isn't working any more, they can't type anything onto the new line.  I found that removing the Security Class on the PROCLEVEL element group solves the problem, but of course we can't do that.  Has anyone found this problem and solved it

We're migrating platforms and environment release levels (Win03 -> Win08 & Env 9.0.1.5 -> Env 9.0.1.11).  The process of loading, configuring, and testing the new production environment will last about 6 weeks.  Secload was used initially to enable testing, but I'm thinking about the best way to load the latest LAUA security changes from current production to the new environment.  If we opt to continue processing security change requests in production (including new and t...

We are about to move from LAUA to LS9. I noticed that there are Lawson delivered security classes. There seems to be no way to rename them. Has anyone deleted all Lawson security classes before adding your company security classes Thanks, Jude