Security Files

 10 Replies
 0 Subscribed to this topic
 15 Subscribed to this forum
Sort:
Author
Messages
kmooney
Basic Member
Posts: 6
Basic Member
    I'm trying to make a query to pull most of the info that can be found on the tknsecrpt but there are parts that the powers above don't care to see. We are currently on 7.2.2.4 if that is going to make a difference in the file names.

    Basically need to see by Sec Class what forms and options on forms each sec class has access to.
    John Henley
    Posts: 3353

      Hi Kevin, you have just a few options available.

      You could probably run the tknsecrpt output thru some sort of script or something to remove the parts that your folks don't want to see. I know some clients who use Monarch to do that.

      As for straight queries, you can query against the GEN tables using DME, etc. But since LAUA security is "subtractive", you can't just query against a table to find out what a user has access to--you really need to query against TWO tables, one to get the entire population of forms, and then the second to figure out what the user doesn't have access to. If you want to see a sample of what I did, see https://www.danalytics.co.../archive/2006-08.htm


      Some other posts have touched on this topic as well:

      https://www.lawsonguru.com/Forums/tabid/96/view/topic/forumid/8/postid/130/Default.aspx

      https://www.lawsonguru.co...tid/747/Default.aspx

      Thanks for using the LawsonGuru.com forums!
      John
      k-rock
      Veteran Member
      Posts: 142
      Veteran Member
        Have you tried running the Form ID Security Report from within LAUA? Monarch is extremely helpful in parsing out the data, but you can do it a class at a time with Excel. I also have built an application that does pretty much what you are asking for. I could probably cut it down to sample size and let you try it.
        kmooney
        Basic Member
        Posts: 6
        Basic Member
          Ya I have ran the Form ID sec report. But there are a few fields on there that they don't want to see, and a few others that they would like added like form desciption and stuff like that. If you would have a sample application I could try that and see if it would work.

          Thanks
          Kevin
          k-rock
          Veteran Member
          Posts: 142
          Veteran Member
            perhaps it would be easier if you contact me directly

            kellyd.green@target.com
            SSChoon
            Basic Member
            Posts: 4
            Basic Member
              Kevin,
              I was wondering if you got this to work??? I am writing a Security Report in 2005 SQL Reporting Services for our auditors that will show each form and the users that have access to that form along with what access options each user has to that form. I found a list of Security files in lawson 7.226 but when I query the USERSCR file, it is not showing me all of the secure forms that we have and it only show the option that the user does not have access to. Which files do I need to join and how do I determine which options the users has on each form???
              Thanks!
              kmooney
              Basic Member
              Posts: 6
              Basic Member
                Hi Steve,

                After talking it over with the people involved they decided that they only wanted to see what forms they had access to, not all forms as they were getting before. After I ran tknsecrpt showing only unsecured forms it showed all the info that they wanted to see. So I just ran it by each sec class for only unsecured and that was all that they wanted so I didn't need to do anything other than that.
                SSChoon
                Basic Member
                Posts: 4
                Basic Member
                  The Auditors want a Web based report that they can select the form and be able to see ALL users that has access to a particular form and they want to see what access each user has. I found a list of the 14 lawson security files but I can go into Lawson and find users that have access to certain form but it is not showing up in the lawson security files and I also can't find the security options for that form.
                  SSChoon
                  Basic Member
                  Posts: 4
                  Basic Member
                    John,
                    I went to this link https://www.danalytics.co.../archive/2006-08.htm
                    but I did not see the TWO Tables you were talking about. I have looked at the USERSCR table along with the USER table and the USEREXE but when I go to Lawson Form Security I see a form called NU16.1 and it has +-ACI form access but I cannot find this information in any of the Lawson Security files. Do you know how to join these tables together so I can get the information I need????
                    Thanks!
                    John Henley
                    Posts: 3353
                      Steve, sorry if that article was confusing...what I was primarily trying to demonstrate was the use of AGS / DME calls from Visual Basic; one example I used is the retrieval of security information from GEN in order to present a list of accessible forms.

                      Since I've never heard of NU16, my guess is that this is a custom form which was probably built with QuickPaint. Those types of forms are stored in yet a different set of GEN tables. Try looking in RPTPROC.
                      Thanks for using the LawsonGuru.com forums!
                      John
                      SSChoon
                      Basic Member
                      Posts: 4
                      Basic Member
                        John,
                        The Nu16 is one of our screens and what I found out is that that screen is UnSecured but any Security Class that has Access to that NU16 program has Full Access options to that screen. the RPTPROC file is empty. There seems to be 3 primary files for security which is USER, USERSCR, and USEREXE. The USER is the User and the Security Class and the USERSCR file seems to be ther screens that have been secured and theUSEREXE seems to show Security Class and the screens that Security Class doe not have access to. How do I find out which Access options each for has????