Login
Register
Search
Home
Forums
Jobs
LawsonGuru
LawsonGuru Letter
LawsonGuru Blog
Worthwhile Reading
Infor Lawson News Feed
Store
Store FAQs
About
Forums
Performance Management
Lawson Business Intelligence/Reporting/Crystal
LBI Security setup
Home
Forums
Jobs
LawsonGuru
LawsonGuru Letter
LawsonGuru Blog
Worthwhile Reading
Infor Lawson News Feed
Store
Store FAQs
About
Who's On?
Membership:
Latest:
Saef
Past 24 Hours:
0
Prev. 24 Hours:
0
Overall:
5226
People Online:
Visitors:
342
Members:
0
Total:
342
Online Now:
New Topics
User Group Announcements
Carolina User Group Meeting
12/20/2024 3:15 PM
Date & Time: February 6, 2025, 8:30am - 4:00pm
S3 Systems Administration
ADFS certificate - new cert
12/3/2024 9:38 PM
The certificates on the windows boxes expired and
Lawson S3 HR/Payroll/Benefits
Post Tax Benefit Plan Table
11/14/2024 9:16 PM
Hi, totally new to Laswon. I have a repor
Lawson S3 Procurement
ED501 Error: Map 850 not supported by /law/c15vda/lawson/test10/edi/bin/laws_out_91
11/12/2024 3:47 PM
Tried runnning ED501 and getting the atathced erro
Lawson S3 HR/Payroll/Benefits
Error
11/6/2024 9:54 PM
When I try to enroll a retiree in 72.1 health plan
Infor ERP (Syteline)
Syteline: New Data Maintenance Wizard (Error) Need help
11/1/2024 4:24 PM
Hi, I need help with an error on syteline while us
Dealing with Lawson / Infor
Implementing Lawson v10 with Cerner Surginet, Case Cart Picking, and Quick Adds for the OR
10/29/2024 4:20 PM
Hi Everyone, I am wondering if there is any org
Lawson S3 HR/Payroll/Benefits
Canada Tax Calculation (Federal and Provincial) Issue
10/23/2024 5:00 AM
Initially, we had problem with CPP2 calculation is
Lawson S3 HR/Payroll/Benefits
CA Section 125 401k Plan
10/22/2024 10:13 PM
Does anyone have any recommendations on how to fac
S3 Systems Administration
Running AC120 deleted records from ACMASTER table
10/22/2024 3:40 PM
We recently ran the AC120 as normal and somehow it
Top Forum Posters
Name
Points
Greg Moeller
4184
David Williams
3349
JonA
3291
Kat V
2984
Woozy
1973
Jimmy Chiu
1883
Kwane McNeal
1437
Ragu Raghavan
1372
Roger French
1315
mark.cook
1244
Forums
Filtered Topics
Unanswered
Unresolved
Announcements
Active Topics
Most Liked
Most Replies
Search Forums
Search
Advanced Search
Topics
Posts
Prev
Next
Forums
Performance Management
Lawson Business Intelligence/Reporting/Crystal
LBI Security setup
Please
login
to post a reply.
7 Replies
0
Subscribed to this topic
22 Subscribed to this forum
Sort:
Oldest First
Most Recent First
Author
Messages
Ruma Malhotra
Veteran Member
Posts: 412
3/24/2011 6:47 PM
Just one week to CUE and I am wondering how different users have setup LBI security through the use of report security groups, custom groups, groups defined in LS9 security or through just simple user ids.
Since I am not very smart, I am struggling to define best practices for setting up security that will be maintained through different LBI version upgrades, migrations to new hardware and LBI security reporting from the reporting tables to provide to business owners . Please don't go harvard on me and share simple ideas of why certain methodology was adopted in setting up security for both framework and reporting services.
Thanks in advance.
Ruma Malhotra
Veteran Member
Posts: 412
3/24/2011 8:10 PM
I am going to rephrase my question and ask whether there are ceratin best practices or methodologies to set up users for LBI security ? If so what are the reasons behind adopting this methodology ?
Roger French
Veteran Member
Posts: 549
3/24/2011 9:17 PM
Yes you are smart. Don't let anyone tell ya differently.
I have to say, I did like your phrase "don't go Harvard on me". That is too funny. I don't think anyone from Harvard was responsible for designing/architecting Lawson but I could be wrong.
I'll go Community College on you and say: do what is best and right for your company. Everyone's got a different methodology or best practices, or maybe some have none. Or even too, build your own methodologies or best practices. Whatever the end result is, it just has to secure your reports accurately.
If you want my advice I would say take some time to analyze your needs, maybe even on a small group or sample first. Not your entire user population. Then build a working model or proof of concept based on that small group. Then build up from there. Oh, and yes CUE should be invaluable to you networking with other SME's and users about this subject.
Good luck,
Roger
George Graham
Veteran Member
Posts: 201
3/25/2011 11:45 AM
It also depends on how you are using groups is Lawson Security for other purposes and how cluttered that can get. I recommend that you use a standardized naming convention for the LBI groups (maybe prefixed with LBI - see, I went to Oklahoma State!).
My suggestion is usually not to use the security group setup within LBI soley for the purpose of having a single database of record for security setup. I've seen people get really confused having to define part of the LBI security in one place and part in another. I don't generally see a real arguement for segregating the membership for report access and dashboard access.
Also a big proponent of steering away from any named user access to anything - and I may draw some debate on that. But take the example of a single report that is delegated to VP of Finance. The notion is really that the report is directed to that position - not the person. If that person were to leave the report will still need to be delivered to that role when filled. In the case of a named user approach the new hire will have to be assigned a group for navigation to dashboard, or at worse case as a named user on the dashboard again. Then the access on the report would also have to be changed. With group/role defined approach all access is managed from with Lawson Security - and in some circumstances where access is being granted by automated scripts or process flow then nothing in LBI needs touched to maintain this access control.
But I agree with Roger - security is one of those hard items to label with "best practices". A lot of it has to do with demand from internal and external audit, etc...
mark.cook
Veteran Member
Posts: 444
3/25/2011 12:26 PM
Not to try to get more people signed up for my CUE presentation but I am doing one this year on Debating Rights vs Structure in Reporting Services. I have taken it from a report/speed perspecitve but feel it drives some security discussions.
I had planned on it being a debate format wtih lots of input from everyone. It might spawn some good exchange on what everyone is doing and how they make it work for their organization.
I know it is slightly off topic but would love to have that discussion with others at CUE about how they use the system and what works best for them. It seems I get into these conversations every year at CUE.
While your at it sign up for Ruma's LBI presentations. I plan to try to make it.
Ruma Malhotra
Veteran Member
Posts: 412
3/25/2011 1:34 PM
Mark - That's great to have your presentation in the form of a discussion. I know that a lot of people will speak up and talk about how they have implemented LBI security in different ways. This is an excellent topic of discussion and I wish LBI elite from lawson will be there as well so they can answer our questions along the way. You are always ahead of the game and so is your topic at CUE.
Also I do know that Lee kilmer is having a roundtable on LBI on wednesday and I plan to attend that and ask him a few questions about best recommendations from Lawson on setting up LBI security not to mention that a group of us, as per Mark's original idea, can approach Lawson and other members to talk about some of the challenges that we face with setting up security and I will name some challenges.
1. On Version LBI 904 and 9041 if you have security setup on the dashboard level and when you hit save on sharing all the roles will automatically cascade to every module defined on the dashboard and link. If we have different modules setup to address different reporting needs for different groups for eg. Module called
compensation that includes pay information for every employee in the organization.
Terminations for employee relations
DOB information on employees for audit.
All these different reports now belong to different groups and the compensation team should not see reports belonging to employee terminations and vice versa. But with framework services there is no way to restrict the modules when you add new roles every day at the dashboard level ,since security cascades.
So there is real need to restrict the data based on reporting services. On reporting services the use of report security groups, custom groups or simple user-ids and we talk now of a regular user not management that accesses reports, and how to set that up so that when we migrate to new versions of LBI as well as migrate LBI to new hardware all the security migrates seamlessly.
In fact Mark I plan to sign up at the Lawson booth to have a discussion on LBI security and will let you know so we all can input all the challenges we face on setting up as well as reporting out of Lawson for security.
Thanks Mark for publicizing my presentations At CUE. Just remember this is my first time and I will be nervous like hell.
TracyO
Veteran Member
Posts: 97
3/25/2011 3:18 PM
Ruma & Mark
could you share the date and time of your seesions?
Thanks
Tracy
mark.cook
Veteran Member
Posts: 444
3/25/2011 4:31 PM
Tracy,
My Session Name: The Great LBI Debate- Structures or Bursting by Content
Date: Monday, April 4, 2011
Time: 4:00 PM - 5:00 PM
Session Code: UPPC03
I have info prepared but will allow the flow of the discussion to take us around to help those out who attend. I plan is to get as much feedback and input on how people use the system to debate pros and cons to different approaches.
Please
login
to post a reply.