Login
Register
Search
Home
Forums
Jobs
LawsonGuru
LawsonGuru Letter
LawsonGuru Blog
Worthwhile Reading
Infor Lawson News Feed
Store
Store FAQs
About
Forums
Infor / Lawson Platforms
S3 Systems Administration
Monitoring integrity of Infor LDAP vs. AD
Home
Forums
Jobs
LawsonGuru
LawsonGuru Letter
LawsonGuru Blog
Worthwhile Reading
Infor Lawson News Feed
Store
Store FAQs
About
Who's On?
Membership:
Latest:
SteveM
Past 24 Hours:
1
Prev. 24 Hours:
1
Overall:
5330
People Online:
Visitors:
318
Members:
0
Total:
318
Online Now:
New Topics
S3 Systems Administration
Lawson Security Admin (LSA) - Securing Print Manager to self only
10/24/2025 6:27 PM
Looking for someone who would be willing to share
Lawson Add-Ins for Microsoft Office
Lawson Add-in
9/30/2025 6:51 PM
I am looking for a Lawson Add-ins query to add new
Lawson S3 Procurement
Anyone getting PO 0000 not found for company error in PO23?
9/30/2025 2:45 AM
Anyone getting PO 0000 not found for company error
Lawson Add-Ins for Microsoft Office
PO20 - Cancel PO via Add-in
9/25/2025 8:03 PM
Is it possible to cancel PO's using add-ins? I
S3 Systems Administration
S3 Payroll - PayStubs
9/18/2025 6:58 PM
Looking for a reliable solution to streamline the
S3 Systems Administration
Quick Access report
8/25/2025 7:17 PM
Looking for a good way to see who has access Lawso
S3 Customization/Development
LP01 hiding a PTO plan from the list
8/13/2025 4:44 PM
Hi all. is there a way to hide a specific PTO&n
Lawson Business Intelligence/Reporting/Crystal
GLTrans - PO Line/MAInvdtl
8/6/2025 6:13 PM
Hello, we have an existing tabular model for fina
IPA/ProcessFlow
Retrieving GUID from InforOS
7/25/2025 2:22 AM
Hello everyone, I was wondering if there is a way
IPA/ProcessFlow
IPA for forwarding cost messages (MA64/MA66.3)
7/23/2025 6:07 PM
When a buyer has an invoice cost message where the
Top Forum Posters
Name
Points
Greg Moeller
4184
David Williams
3349
JonA
3293
Kat V
2984
Woozy
1973
Jimmy Chiu
1883
Kwane McNeal
1437
Ragu Raghavan
1377
Roger French
1315
mark.cook
1244
Forums
Filtered Topics
Unanswered
Unresolved
Announcements
Active Topics
Most Liked
Most Replies
Search Forums
Search
Advanced Search
Topics
Posts
Prev
Next
Forums
Infor / Lawson Platforms
S3 Systems Administration
Monitoring integrity of Infor LDAP vs. AD
Please
login
to post a reply.
3 Replies
1
Subscribed to this topic
27 Subscribed to this forum
Sort:
Oldest First
Most Recent First
Author
Messages
Joe O'Toole
Veteran Member
Posts: 314
1/31/2014 2:31 PM
We have an automated process in place to provision Windows AD accounts from an HR Employee feed file and process the resulting return file with the Loadusers utility to create the LSF user identities. We occasionally end up with a missing identity either due to a failed process or corrupted LDAP entry and would like to develop an integrity process to identify this before the user finds out they cannot log into EMSS. We already load a database table with the account data coming back from the AD provisionning process and run a number of checks such as verifying all actives in S3 have an AD account, there are not multiple ID's for the same employee, etc, etc. The piece we are missing is how to verify the integrity of records in the Infor LDAP. Has anyone developed an automated process to monitor this by dumping out the Infor Identity or SSOP records? I used SSOCONFIG a few years ago to dump data for an audit, however it was an interactive process to run through the menu options at that time. Our environment is LSF 9.019, Microsoft Adam and we are bound to AD. Thanks for any suggestions.
John Henley
Posts: 3362
1/31/2014 2:57 PM
Split
I have a couple of those features in Examiner for Lawson S3 (
https://www.danalytics.co...nerforLawsonS3.aspx)
Specifically, duplicate identity assignments (e.g. employee identity assigned to multiple RMIDs) and LDAP Bind orphans (in Lawson LDAP but missing in LDAP/AD).
Is what you looking for a way to validate that all users in Active Directory are also in the Lawson LDAP (i.e. LSF orphans)?
Joe O'Toole
Veteran Member
Posts: 314
1/31/2014 3:13 PM
Split
Thanks John. Yes we are looking to validate that all AD users are in the Lawson LDAP and that the have both an identity and SSOP entry. I also use Loadusers to delete records from the Lawson LDAP as employees are termed, however it would be useful to identify Lawson LDAP records that are not in AD so we can remove them. I've been asked to develop a process using Infor supplied utilities before looking for a 3rd party package. Can SSOConfig be run in batch mode to dump the identities?
John Henley
Posts: 3362
1/31/2014 4:10 PM
Split
ssoconfig does have an export (to CSV) command line option in some of the latest versions (not sure exact versions, but it is not in 9.0.1.8 but is in 9.0.1.12 as well as 10.0.3).
Please
login
to post a reply.