Login
Register
Search
Home
Forums
Jobs
LawsonGuru
LawsonGuru Letter
LawsonGuru Blog
Worthwhile Reading
Infor Lawson News Feed
Store
Store FAQs
About
Forums
General
Home
Forums
Jobs
LawsonGuru
LawsonGuru Letter
LawsonGuru Blog
Worthwhile Reading
Infor Lawson News Feed
Store
Store FAQs
About
Who's On?
Membership:
Latest:
Kyle
Past 24 Hours:
0
Prev. 24 Hours:
0
Overall:
5219
People Online:
Visitors:
334
Members:
0
Total:
334
Online Now:
New Topics
Top Forum Posters
Name
Points
Greg Moeller
4184
David Williams
3349
JonA
3291
Kat V
2984
Woozy
1973
Jimmy Chiu
1883
Kwane McNeal
1437
Ragu Raghavan
1372
Roger French
1315
mark.cook
1244
Forums
Filtered Topics
Unanswered
Unresolved
Announcements
Active Topics
Most Liked
Most Replies
Search Forums
Search
Advanced Search
Topics
Posts
Forums
General
Forum:
SOx Compliance
To join the discussion you need to
register
first. (Registration is free!) If you are already a registered user please
login
to join the discussion.
Search this forum:
10
Subscribed to this forum
Topics
Replies
Rating
Status
Views
Subscribers
Last Post
Lawson Admin and Superuser access
Started By
Pragya Jain
Hi, we are auditing Lawson Security (both 9 and 10 versions) and need help in understanding the admin roles: Which roles can add / remove users and change roles for other users Which roles are considered superuser/all-access type roles Thanks for the help! :)
3
33239
2
by
JudeBac
6/26/2018 1:43 PM
Use of sudo
Started By
Unix-dude
I'm a consultant, with background as a Unix administrator. My team is doing a security review for a client and looking at a Lawson installation on AIX. My client makes heavy use of sudo, a tool that doles out root privileges to specific users. Looking at the sudo logs, this is what I see dozens of instances of Lawson users executing 'sudo su -', effectively becoming root complete with a hash prompt, creating users with the 'useradd' command even though the system uses LDAP authentication work...
4
27020
1
by
Unix-dude
10/17/2016 12:37 PM
MA60: Who owns it?
Started By
TerriS
I think it's a simple question. Currently, AP monitors our MA60 screen, but MM wants it. I'm just curious .... Who monitors the MA60 screen at your place of business
2
27306
1
by
Kat V
5/26/2016 3:01 PM
LS Rule Text for SoD?
Started By
joemurrell
Hello, I'm assisting a client with a SoD exercise for Lawson. I've received a system extract of security settings and am looking for a list of the 'rule texts' Does anyone have such a list or know where I can find one For example, one of my rules states: cn=-200558ae:12e3f966408:-7f68,cn=Rules,cn=PRD,cn=Profiles,o=lwsnSecData,o=lwsn,dc=,dc=com lwsnLSXMLText:I,N,P lwsnLSRuleType:RULE lwsnLSRuleText:'I,N,P' lwsnLSRuleId:-200558ae:12e3f966408:-7f68 The clie...
0
5296
1
12/4/2014 6:31 PM
Command Line Access
Started By
Deleted User
We want to better secure the command line access to our lawson server. We tried to turn on the server windows firewall (server 2008)....but that blocks all LID access. We would like to create a rule in the firewall to allow certain admin users or their pc 's that will allow the LID exe to run (univwin64.exe) Does anyone know how to do this. OR what other solutions can I implement, for SOX compliance - to show that only admins have LID Command line access
0
4612
0
6/16/2014 1:03 PM
Lawson Admin Segregation of Duties
Started By
Deleted User
We're being pressured by auditors about breaking up into two the Lawson Admin who puts something (mod/CTP/Env Patch) into our Test environment and the Admin who puts it into Production. Our practice has been: 1. Dick puts quarterly patches into test; Harry puts environment patches into test. (user testing occurs) 2. Dick then puts quarterly patches into prod; Harry puts environment patches into prod. (All Lawson Admins have keys to test and prod e.g. the lawson password.) Auditors woul...
3
26317
0
by
Deleted User
6/10/2014 1:33 PM
File Change log - Windows
Started By
Deleted User
We are being asked to provider a summary of Lawson files that are changed and/or updated. I believe audit concerns are when a program code is changed due to a patch...or a user changing the source code. Do you know of any software that would monitor these changes
4
26620
0
by
Deleted User
3/21/2013 6:19 PM
Using a generic userid for processing
Started By
John Henley
I wanted to poll the community and see how clients who are subject to SOx are dealing with daily/monthly processing. In various organizations I have consulted with, the daily/monthly scheduled jobs are usually run using a general userid, rather than being tied to a specific user. The advantage is that, given normal turnover, the jobs do go away when the employee terminates. In addition, the jobs / reports are accessible to a generic userid in the print manager, etc. This disadvantage is that,...
14
47510
2
by
Ashish Karkera
6/10/2012 4:07 PM
Mandatory field settings for master data
Started By
anton lissone
I'm relatively new to M3 Lawson and currently working for a client that uses M3 as their primary ERP system. We have designed an Internal Control framework that contains many controls that depend on the Lawson system. One of which is Mandatory settings of fields in the customer/vendor master data. What i would like to check is how i can set/change which fields are mandatory while creating a new customer/vendor What function do i use to set this up
0
6227
1
2/14/2012 7:52 AM
Lawson customization change mgt under L9.0.1.7 - best practice
Started By
Steve
We customized a few base Lawson screens, reports, use B/M/E exit programs for Lawson data and external systems...20 objects - we formally used a mod library ahead in the lib list and used Aldon to move from Dev to Prod - now its mostly on IFS - we don't want to upgrade Aldon for a few objects. Anybody develop a method for accurately and IT audit-passing (audit trail) for change mgt on the AS400 Thanks in advance for all thoughts and experiences !
1
25360
0
by
Mark F. Hardy
8/1/2011 8:02 PM
SOX compliance - Lawson 8.0.3
Started By
mka
Hello, I am new to Lawson, We have Lawson 8.0.3 on HP UNIX 11.23 and Oracle 10g. As per SOX, we need to comply the password policy such as 90 days expiration/password length/history etc.. Is anyone done this I have few thoughts on this. 1. Is there any way we can tap in to company Active Directory or call windows API 'NetValidatePasswordPolicy' for the Lawson users 2. Is there anyway we can modify java code in the logon.htm (OR modify any other file) fo...
3
25606
0
by
John Henley
7/15/2011 12:31 PM
Default Lawson logins
Started By
Deleted User
For my SOX testing, I need a list of default Lawson operating system logins. Where can I get that Does it depend on the module, or is there some consistency Thanks! Nancy
4
26140
0
by
Vijay S
5/29/2011 7:23 AM
Where and what objects to look for to review program changes - directory and file permissions in Unix
Started By
lidersuper
I am auditing IT general controls for a Lawson GL application. I have normally looked at PD, WS, SCR, RPT, and PGM file extensions under the PROD and SYSTEM Unix diretories to review the population of program changes during a fiscal year. 1. Should I also be looking at other file extensions (.xml, .gnt ..) and other directories to identify production objects that have been modified and that could change the way the application performs calculations or reports 2. Most of the files in the ...
1
26337
1
by
Roger French
7/7/2010 6:44 PM
Extracting a list of Lawson user IDs
Started By
Deleted User
How can I extract a list of users from Lawson Better yet, does anyone know the name of the table that stores the user information (username, user's Security Class, active/inactive, etc.) This client does not have Monarch, so I'm hoping I can have their DBA run a query in Oracle if there is no easy way to do it straight from the app itself. Thanks-
8
48547
4
by
Deleted User
4/17/2009 11:47 AM
Screen Names
Started By
k-rock
Does anybody have a way to get a listing of screen names I grabbed the data dictionary here and that was great for the 'program code', but I am looking for the more specific names of each form. For example: GL20 in the data dictionary is 'Accounting Units', but GL20.1 is 'Accounting Units-Account'. That second name is the one I am looking for now.
4
38959
0
by
k-rock
3/6/2008 1:01 PM
Security Class Review
Started By
k-rock
How do people do quarterly access reviews of each security class in LAUA Anybody have anything better than the paper reports from LAUA
7
37450
2
by
John Costa
12/18/2007 1:44 PM
Paint Screen
Started By
christopherkeane
Hi Everyone, I am new to this forum and Lawson. I have searched the web and found that this and LawsonTalk have been very helpful on getting me up to speed. A little about myself, I work with an accounting firm and spend the majority of my year assisting our clients Internal Audit departments prepare for their external auditors. My focus is SOX compliance. Well, my company has a large knowledge library for all applications apart from Lawson, so i have come here in search of ...
4
38606
1
by
christopherkeane
11/15/2007 12:35 AM
To join the discussion you need to
register
first. (Registration is free!) If you are already a registered user please
login
to join the discussion.
General
--Dealing with Lawson / Infor
--SOx Compliance
--Career Development
--Staffing
--Hosting / Cloud
--User Group Announcements
Infor / Lawson Platforms
--Lawson Landmark
--S3 Systems Administration
S3 Security
--M3 Application Foundation
--M3 Workplace Foundation
--Infor CloudSuite
User Experience
--Lawson Portal
Lawson Design Studio
--Lawson Smart Office
Mashup Designer
--Infor Workspace
--Infor Social Space
--Lawson Add-Ins for Microsoft Office
--Mobility
--Lawson Enterprise Search
Integration / Customization
--IPA/ProcessFlow
--Infor ION
--S3 Interfaces/Conversion
--S3 Customization/Development
--S3 Application Upgrades
Human Capital Management
--Lawson S3 HR/Payroll/Benefits
--Infor Global HR (GHR)
Financial Management
--Infor CloudSuite Financials
--Lawson S3 Financials
--Lawson M3 Financials
--Infor FMS
--Lawson Services Automation (PSA/SA)
--Lawson Budgeting & Planning
Expense Management
--Infor Expense Management
--Lawson Time & Expense
Enterprise Resource Planning & Manufacturing
--Lawson S3 Procurement
--Lawson M3 Manufacturing Operations
--Infor ERP (Syteline)
Supply Chain Management
--Infor SCM
--Lawson S3 Supply Chain
--Lawson M3 Supply Chain
Enterprise Asset Management
--Infor EAM
--M3 Enterprise Asset Management
Performance Management
--Lawson Business Intelligence/Reporting/Crystal
Smart Notification
--Lawson M3 Business Performance Warehouse
--Lawson Opportunity Analyzer
Lawson Healthcare
--Cloverleaf
--Lawson MediSuite
--Analytics for Healthcare
Job Fair
--Positions Available
--People Available
LawsonGuru.com
--LawsonGuru.com Support