Prev
Next
Forums Infor / Lawson Platforms S3 Security

Prevent Users From Deleting Jobs In Job Scheduler

 4 Replies
 0 Subscribed to this topic
 15 Subscribed to this forum
Sort:
Author
Messages
Jeremy
Veteran Member
Posts: 129
Veteran Member
2/24/2014 9:37 PM
    I'm being told by our security team that you can't give access to Job Scheduler and prevent users from deleting a job that is in "Needs Recovery."

    I did some very basic LSA work a while back and I thought this was an option.  I no longer do this work, but if possibly, I'd like to pass along to our team how to do this.

    Is it possible to simply take away the "delete" option?

    Thank you!

    Version is 9.0.1.11 I believe.  
    Scott Perrier
    Veteran Member
    Posts: 39
    Veteran Member
    2/24/2014 10:14 PM
      In LAUA, the user profile has a field that will not allow the user to delete update jobs. in LSA, i know you can limit who can see the jobschd, but i am not seeing where you limit update job deletion.
      Gina
      Posts: 5
      2/25/2014 1:47 PM

        FOR LSA (not LAUA) accounts we did the following:

        To remove the ability to perform the Delete function on a Waiting, Active or Needs Recovery job, for the majority of users, we modified the existing ‘Batch’ Security Class in the GEN Profile, by writing an Unconditional Access for Action rule on the QUEUEDJOB file that prohibits job deletion by giving access only to the following functions:

         

        1.       A - Add and Submit a job

        2.       I - View a queued job

        3.       M - Delete a Completed Job

         

        Then we created a new Security Class called ‘BatchWithDelete’ in the GEN Profile, which inherited all of the security of the ‘Batch’ Security Class, but granted ALL ACCESS to the QUEUEDJOBS table.   The ‘BatchWithDelete’ Security Class was then assigned to a new role ‘BatchWithDeleteRole’.  That new role was then be assigned to the specific user accounts who were identified as needing the ability to delete Active, Waiting or Needs Recovery jobs.

        Jeremy
        Veteran Member
        Posts: 129
        Veteran Member
        2/26/2014 1:27 PM
          Gina,

          Thank you.  This sounds pretty close to what we are needing.  But, after talking to some more people, it sounds like we are also needing the ability to prevent users from going into the Job List and delete and also prevent from running jobs from here.

          So, is there maybe a way to do like you suggested and then also prevent users from accessing the Job List screen?
          Gina
          Posts: 5
          2/26/2014 3:08 PM
            I am not sure how to secure the joblist form.  When I open the joblist in a separate window from the Lawson Portal bookmark, I see the following at the end of the URL:
            /index.htm?_URL=reports/joblist.htm

            Usually when you have a standard form the URL looks like this:
            /index.htm?_URL=LAWFORM|PDL=LAWSON|TKN=MA66.3|ID=MA66.3

            So I am not sure where to find the executable for report/joblist.htm in order to secure access to it.  This may be a question for Infor support.