|
|
|
|
|
|
2 Replies and 1264 Views
granting acess/Revoking acess on Lawson Forms - Automation 1264 2
Started by Vijay S
Hello everyone,
Is there a way to automate the process of granting access/revoking access to a lawson screens (LAUA). I have a requirement to automate the process granting/revoking access to lawson forms for a particular user class. I guess I need to access some table in GEN for the same.
Can someone suggest or give a headstart.
Thanks,
Vijay
|
|
|
|
2 |
1264 |
by Vijay S 02/09/2013 2:09 AM |
|
5 Replies and 2314 Views
Finding drill around tables 2314 5
Started by Ari
In order to secure tables used in drill arounds, we have to search the .or files to find the associated tables; has any come up with an easier method to find the tables associated with a drill around
|
|
|
|
5 |
2314 |
by Jimmy Chiu02/04/2013 9:10 AM |
|
0 Replies and 851 Views
AllowUserScript 851 0
Started by Mary Porter
How do you give a user AllowUserScript access in LAUA
|
|
|
|
0 |
851 |
01/31/2013 1:00 PM |
|
4 Replies and 2220 Views
LDAP Bind 2220 4
Started by Mick
Hello,
Looking for some direction on how to perfom an LDAP Bind.
Pros
Cons
How long does this process take
We are AIX 6.1 in test
9.0.1.8, MSP6
ADAM container.
Any help would be greatly appreciated.
Thank you
|
|
|
|
4 |
2220 |
by Kwane McNeal01/24/2013 2:14 PM |
|
3 Replies and 1231 Views
Job Scheduler-user not in user list 1231 3
Started by Deleted User
I have a user that contacted me today regarding a AP job that was stuck in waiting. I logged in as Lawson went to the job schedule screen but wasn't able to find this user in the user name drop down. What would cause a user not to show up in the list and how can I fix that
|
|
|
|
3 |
1231 |
by Deleted User01/23/2013 7:41 AM |
|
0 Replies and 960 Views
Lawson Security - HR11 FillDefaults 960 0
Started by BrianP
We use HR11 for New Hires and use FillDefaults functionality on the Assignment tab after keying in the Position number. A Security violation message is displayed when attempting to use FillDefaults. Full access to HR and PA have been granted. Has anyone seen this before We currently use the same process in LAUA without any issues.
|
|
|
|
0 |
960 |
01/14/2013 12:24 PM |
|
8 Replies and 1918 Views
LAUA disappearing? 1918 8
Started by Greg Moeller
Is LAUA disappearing with the upgrade to Infor 10 or will admins still be able to get to jobdef via LID.
Is there a way to call jobdef (with all of the options) via Portal Or is this one of the enhancements coming with Workspace
We specifically need to be able to modify the load files and CSV File Attributes (option C from jobdef).
Any help
TIA,
-Greg
|
|
|
|
8 |
1918 |
by CindyW01/14/2013 10:39 AM |
|
4 Replies and 1240 Views
LSF9: Conditional Rules 1240 4
Started by macjelly
I have a conditional security class rule on GL95 and GL293 that I do a SUBSTR function on either the Acct Unit or the Acct Unit List. But when I leave one of these fields blank (which I have to), I get a Java/IOS error window that pops up. I am trying to do a SUBSTR(form.field, 6,4) on both fields and doing an AttribContains to search attribute list for that substring.
Does anyone know how to deal with empty/null form fields when using the SUBSTR function
|
|
|
|
4 |
1240 |
by macjelly01/10/2013 2:09 PM |
|
2 Replies and 1543 Views
LSF9 - Conditional rules 1543 2
Started by ChrisW
Has anyone used 'subString' as part of an expression in a conditional rule&160; I'm trying to pull a portion of the Supervisor code to compare to a custom attribute, but it isn't working...
|
|
|
|
2 |
1543 |
by macjelly01/09/2013 4:03 PM |
|
1 Replies and 1023 Views
Removeing a role from a profile 1023 1
Started by TBonney
Does anyone know of a safe way to remove a role from multiple user security profiles, without impacting anything else (other roles, groups or other settings) defined on those profiles
We use loadusers.xml extensively in the creation and deletion of user profiles, using a handful of standard 'basic' profiles. However, we have a few obsolete roles that exist on numerous profiles. We'd like to get rid of these roles, but can not until they are no longer assigned to any user profi...
|
|
|
|
1 |
1023 |
by Ryan Speight01/09/2013 10:24 AM |
|
4 Replies and 2015 Views
Config settings tables 2015 4
Started by New User
Hi All,
What i'am looking for is, if there are any tables where configuration settings are stored in any table
My objective is to detect any changes made to Lawson configuration settings which will imact on process such as, Accounts Payable, Procurement etc.
Example:- 1) changes made to any of the invoice verification tolerance limit attributes.
Thanks,
|
|
|
|
4 |
2015 |
by Greg Moeller01/07/2013 4:57 PM |
|
4 Replies and 2092 Views
MSS & LAUA - LSF 9.0.1.9 2092 4
Started by jdever
I have a custom Lawson form that has a drop down select via a system key number. This select should view all employees. It works fine for HR super users (those with a UNIX identity tied to a security class).
MSS users can only see his/her direct reports when they access the form. MSS users do not have a UNIX identity and use the 'ONLINE' privledged identity tied to 'weblaw' in a LAUA secuirty class.
How can I over-ride Lawson's 'my data security' for this ...
|
|
|
|
4 |
2092 |
by John Henley12/05/2012 1:03 PM |
|
1 Replies and 2371 Views
LSF 9.01 and DSSO 10 2371 1
Started by Themba
Hi Lawson Gurus,
We currently have a Lawson backend server with LSF and Lawson apps on version 9.01.
We have a separate SharePoint server with Workspace already installed. Workspace is not yet connected/integrated with the Lawson server.
The S3 Workspace plugin installer requires DSP to be installed on the Workspace server.
Using the DSP 10 installation files, we attempted to install DSSO and pointed it to the Lawson backend server as the 'Lawson Security server'.
The DSSO installation ...
|
|
|
|
1 |
2371 |
by John Henley11/30/2012 2:40 PM |
|
1 Replies and 1223 Views
securing ap20 1223 1
Started by MattK
Where is the best place to limit the vendors a specific group of users can see when choosing a vendor on ap20.2
|
|
|
|
1 |
1223 |
by John Henley11/29/2012 11:26 AM |
|
2 Replies and 13806 Views
Security Report Understanding Help 13806 2
Started by Deleted User
I am a little new to Lawson and have some questions around reviewing Security Reports.
I have the report showing all security classes, program codes, form IDs, Secured (YES/NO), Unsecured FCs, and Secured FCs.
My understanding:
If Secured = YES, then the user has no access to the functions in 'Unsecured FCs' and 'Secured FCs'.
If Secured = NO, then the user has access to the functions in 'Unsecured FCs'.
However, what about the Secured FCs If these are listed...
|
|
|
|
2 |
13806 |
by Pepe8111/21/2012 5:00 PM |
|
|
0 |
1098 |
11/01/2012 10:39 AM |
|
1 Replies and 1801 Views
Are Unix User ID's stored any where in the GEN tables? 1801 1
Started by Deleted User
Does anyone know if the Unix UID (numeric user ID) stored in the LSF Host etc/passwd file is referenced anywhere in the Lawson LAUA tables; example GEN tables I can see the ID on LAUA record when I hit Define F6 and then Option B User Profile. The Unix UID displays at the top Portion of the screen. The field I am searching for is displayed as 'User ID' on the User Profile Screen. I would like to know if that field is stored in any of the Lawson V9.0 GEN tables....
|
|
|
|
1 |
1801 |
by John Henley10/25/2012 3:46 PM |
|
1 Replies and 1712 Views
Securing Print Manager by a Group Structure 1712 1
Started by JackNoody
Has anyone out there used a group structure to secure the print manager (Gen Username element specifically)
What we have is a hierarchy scenario when it comes to securing the job queues, and print manager.
For Example:
At the lowest level our facility can only see there own jobs/print files. Employees at Corporate can see their own jobs, and any facility that they are in charge of. There are also some other scenarios, but we will keep it simple for now.
Our plan was to create a structur...
|
|
|
|
1 |
1712 |
by layzer110/09/2012 5:03 PM |
|
2 Replies and 1766 Views
PROCLEVEL vs ESS/MSS vs batch jobs 1766 2
Started by Roy
We are on LSF 9.0.1.9 and users on LS Security, but we've run into an issue in regards to PROCLEVEL and employee/manager security vs batch job security. All our employees have at least ESS access to Lawson, about 1 in 6 employees have more than just ESS access (Requesters, Approvers, Procurement, HR, Payroll, etc.).
Users are limited via ESS security to their own EMPLOYEE record process level via PROCLEVEL, and their own record via COMPEMP. Managers have access to their employees ...
|
|
|
|
2 |
1766 |
by Roy10/01/2012 5:19 PM |
|
4 Replies and 3316 Views
List of Actioni in token/Forms 3316 4
Started by New User
Hello Gurus, I am looking for a list consisting all Actions/Detail line actions for forms/tokens Example:- For Form HR03- Actions are Add, Change, Inquire, Page up, Page down and For same form HR03 for line detail there are Actions Add, Change, Delete similarly where i could get this list or something like Action information per forms Thanks in advance, Amogh
|
|
|
|
4 |
3316 |
by John Henley09/27/2012 10:52 AM |
|
1 Replies and 1972 Views
AP Vendor Class restriction 1972 1
Started by Erika Resendiz
I am trying restrict end users from seeing certain Vendor Classes from APVENMAST. This is what I have: if (table.VEN_CLASS =='PO') then all access else No access. But i get an error 500 when I add this rule. It's almost like it times out.
The only way it works is if I have ...!='EMP' all acess else no access but then we are able to see all the other Vendor classes that Accounting wants hidden.
This is set up on the RQFARSSFiles Security Class under the APVENMAST table.
|
|
|
|
1 |
1972 |
by Greg Moeller09/20/2012 4:06 PM |
|
1 Replies and 2024 Views
Drill around on Accounts in PR35 and others, not working 2024 1
Started by Roger French
I've got LS9 Security turned on.
Windows env, 2008, SQL, Env 9.0.1.5, Apps 9.0.1.5
So I've got a security role where several screens are invoked which have the Accounts and Accounting unit on them, such as the PR35.1.
Within the role is a security class with a rule which allows full access to all of the files required by PR35.1 drill arounds, such as EMPLOYEE, GLNAMES, etc.
Within the security class I've also got an element group rule:
user.attributeContains('CompanyControl',lztrim(...
|
|
|
|
1 |
2024 |
by Roger French09/05/2012 12:31 PM |
|
3 Replies and 2171 Views
Lawson Security server ... 2171 3
Started by Stuart Perkins
and I need to figure out what the Lawson Security server name is so I can login to the Security Administrator. Yes, the information is that hard to find. What '*.cfg' file can I look in to find the name to use on the login screen for the Security Administrator or RM Administrator
|
|
|
|
3 |
2171 |
by Stuart Perkins08/31/2012 12:21 PM |
|
2 Replies and 1959 Views
getdbfield syntax 1959 2
Started by JackNoody
Can someone please reply with the correct syntax for the getdbfield function
We are trying to get the process level from the employee table.
Here is what we are trying and it is not working on the EMDEPEND table:
trim(getDBField('EMPLOYEE','PROCESS_LEVEL',table.COMPANY,table.EMPLOYEE))=='1'
|
|
|
|
2 |
1959 |
by JackNoody08/23/2012 4:12 PM |
|
0 Replies and 1426 Views
Downside to Privileged identity for EMSS users? 1426 0
Started by Anthony
We have begun planning our security upgrade and were wondering if there is any downside to using a privileged identity for MSS users. We heard that in doing so that the managers uid would no longer be attached to the action. Is this true If so, any recommendations in working around this
thank you
|
|
|
|
0 |
1426 |
08/13/2012 3:09 PM |
|
3 Replies and 2156 Views
Using LSF 9 Security - removing LAUA - Batch Job 2156 3
Started by Julia
We are anticipating the eventual move to LSF 10. We understand that LAUA goes away. I have been trying to get this completed before that time. I have documentation that tell me what I need to have in place, but when I try to enter a batch job from Lawson portal, enter the name - click inquire and I get a message at the bottom that says 'field is required'. I can't get past this. In the LSF 9 Security I have the user setup as CheckLS = 'Y', I have Batch role assigned...
|
|
|
|
3 |
2156 |
by Greg Moeller08/09/2012 2:19 PM |
|
1 Replies and 1593 Views
Restricting Values Entered into Form Fields 1593 1
Started by Rick Pearl
Can you write LSF rules that restrict what a user can enter into a form field. Specifically, when creating a requisition in RQ10 and RQC, I have restricted the Requesting Locations that are displayed in the Drill Around. It only displays their assigned locations. However, the user can manually type in any Requesting Location and order for any location. Can I restrict what Locations a user can enter or is there some way to have fields validate before the requisition is subm...
|
|
|
|
1 |
1593 |
by Robert Spurr08/03/2012 3:39 PM |
|
1 Replies and 2515 Views
Lawson ADAM LDAP 2515 1
Started by Layne
I am looking for some information in Lawson LDAP. It is the USER_ID field that is present in many of the Lawson Tables, which starts off with the Letter 'NT.' Where in Lawson LDAP is this stored so I can cross reference this information. I am sort sort of new to Lawson LDAP.
|
|
|
|
1 |
2515 |
by John Henley07/11/2012 7:52 AM |
|
2 Replies and 7400 Views
AD account lockout 7400 2
Started by John Crudele
We recently went live on LSF9 and 9.0 apps (WIndows/SQL2005). We have done the LDAP bind to AD. We are having an issue with users accounts getting locked in AD. If you look at the event viewer - application logs you see hundreds of error messages.
Does anyone have any ideas
This is the detail of one user.&160;
Event Type:&160;Error
Event Source:&160;LAWSON:prod (LAWSON INSIGHT Environment)
Event Category:&160;Environment
Event ID:&160;32783
Date:&160;&160;6/10/2008
Time:&160;&1...
|
|
|
|
2 |
7400 |
by John Crudele07/10/2012 8:46 PM |
|
2 Replies and 2723 Views
lase doesn't start after upgrading AIX 2723 2
Started by Phil Romov
We upgraded AIX from 5.3 to 6.1 (on our test machine for now...) and nothing else has changed
db2 is fine, ldap starts up as well, but lawson won't start. I've traced it to startlaw, where it is trying to load startlase
When I run startlase manually it runs to completion (apparently) saying: lase: security environment 9.0.1.5.174 2009-08-07 04:00:00 (200910) started.
However, when I try to run lase, it says
/>startlase
lase: security environment 9.0.1.5....
|
|
|
|
2 |
2723 |
by Phil Romov06/22/2012 9:26 AM |
|
|
0 |
1591 |
05/22/2012 10:03 AM |
|
0 Replies and 1963 Views
Mass Delete Orphaned Users -- Windows LSF-9019? 1963 0
Started by SP
In an effort to clean up Lawson security, we recently ran a simple flow to delete the OS identity from all 'ESS only' users who had OS identities tied to their RMID's. Now we are left with over 1,300 orphaned users in delusers.
Does anyone know a way to clean out these ophaned records in mass Manually deleting them via delusers will take forever.
And while I'm on the topic, wth good is the ability to delete os identities via resource update node if it leaves orphaned records...
|
|
|
|
0 |
1963 |
05/10/2012 1:57 PM |
|
1 Replies and 1876 Views
Need help troubleshooting a rule 1876 1
Started by John Costa
To all,
I need help understanding / troubleshooting a unique security issue.
In our LDAP schema, we've defined a custom attribute named Region. This attribute is defined as a 15-character string. The values are limited to the following:
CMS-HR
Corporate-HR
Cypress-HR
Manasquan-HR
Region-SW
Wichita-HR
In the Lawson Security Administrator, this Region attribute is then set for each employee in their RM record.
We are licensed for Emplo...
|
|
|
|
1 |
1876 |
by John Henley05/09/2012 2:46 PM |
|
0 Replies and 1593 Views
Data area (xxx) has been suspended - but why 1593 0
Started by Richard J Sculpher
I am trying to add a rule in Lawson Security. I have done this many times. But now I am getting a message which in effect says 'Data area (APP) has been suspended'. It has a lot more Java stuff too.
The Lawson KB has an article on it which describes the problem and the cure. Bounce WAS and Lawson. KB Article 5153320.
I am happy that the solution is correct, but they give the cause as the result of running a dbreorg while WAS is up. I have tried to reproduce this and cannot. With WAS up and...
|
|
|
|
0 |
1593 |
04/20/2012 5:36 AM |
|
1 Replies and 1785 Views
Lawson Security Environment Information -ldapbrowser 1785 1
Started by Deleted User
Hello,
Does anyone know where the Lawson Security User Environment information is stored in LDAP This is the screen with the user groups, printer groups and product line. I'm using the Softerra ldapbrowser running Lawson S3 901.
|
|
|
|
1 |
1785 |
by Roger French04/18/2012 8:07 AM |
|
0 Replies and 1419 Views
Process level security with state resriction 1419 0
Started by Willie
We currently have security set up by process level using an element group. Is there a way to add restrictions to specific work states within the process level.
Thanks.
|
|
|
|
0 |
1419 |
04/13/2012 12:44 PM |
|
1 Replies and 1445 Views
Security Checking tab 1445 1
Started by Deleted User
Within Lawson Security, I'm trying to turn on Lawson Security for one particular data source. The only way to do that is if I change the default level access. Is this normal or am I forgetting something
|
|
|
|
1 |
1445 |
by Deleted User04/12/2012 10:29 AM |
|
|
2 |
2197 |
by Deleted User04/09/2012 2:50 PM |
|
1 Replies and 1879 Views
Curious rule-writing, impressions 1879 1
Started by Greg Moeller
When I define unconditional access to a form, HR11.1 for example... I was expecting the A, C, D buttons to disappear. Is this not the way that LSF security works
I get security violations when I try to do any A, C, or D actions, but the buttons still show.
PA16.1 is another example. Same symptoms.
|
|
|
|
1 |
1879 |
by Jimmy Chiu04/09/2012 10:23 AM |
|
2 Replies and 2090 Views
Defining rules in Lawson Security 2090 2
Started by Deleted User
When I try to add some rules to a security class in Lawson and click Apply, I get the following error message:
'A call to the server has timed out.'
How do you fix this error I have to get out and go back into Lawson Security every time. Any help would be appreciated.
|
|
|
|
2 |
2090 |
by Jimmy Chiu04/02/2012 8:48 AM |
|
0 Replies and 1216 Views
Script to add rules to a security class 1216 0
Started by Deleted User
Has anyone developed an automated process of adding rules to a security class within Lawson Security If so, how did you do it
|
|
|
|
0 |
1216 |
03/30/2012 3:48 PM |
|
1 Replies and 1827 Views
HR13 - view all/update one field 1827 1
Started by Karen Sheridan
Benefits would like to secure HR13 such that the data is visible but only one or two fields will be available for change; no adds and no deletes
The active flag is the field in question.
I'm looking for an approach that doesn't require touching all fields if that is possible.
On the form, you have to grant update at the token level (HR13.1) right So, to remove update for all the other fields would require touching all the rest.
Does it work the same at the ta...
|
|
|
|
1 |
1827 |
by Dave Amen03/26/2012 4:25 PM |
|
2 Replies and 2111 Views
View Only - All Process Leves 2111 2
Started by ErikO
We primarily use Process Level Security, in LS, and most of our HR/PR users are limited by a process level, or range of process levels. In our setup, Process Level is baiscally a company.
We need a way (with one login) to allow an HR user, who is restricted by a process level range, to see limited, specific data on all employees, across all process levels. We need this in order for HR to view potential transfers, employment history, validate they are current or past emp...
|
|
|
|
2 |
2111 |
by Wade-T03/23/2012 8:30 AM |
|
1 Replies and 2362 Views
Implementing Lawson Security by yourself 2362 1
Started by Deleted User
Has anyone implemented Lawson Security on their own without the help of consultants If so, how long did it take you What was your experience like
|
|
|
|
1 |
2362 |
by Greg Moeller03/21/2012 1:45 PM |
|
1 Replies and 1274 Views
Profile Management 1274 1
Started by Jay2
I am trying to delete a profile because is was inadvertently set up a RM instead of ERP.
I keep getting the error
Profile is currently being used by product lines {1}. Cannot delete.
this is on our test box so I am not worried about losing anything.
there are no security classes set up for it and the security is turned off on the profile.
|
|
|
|
1 |
1274 |
by Jay203/13/2012 12:04 PM |
|
14 Replies and 2197 Views
Company Level Security Restriction 2197 14
Started by Greg Moeller
We've been tasked to implement company level security to an already existing LSF9 security setup. We are taking on a different hospital, and now need their data to be separate from ours.
What's the best way to do such a feat I'd prefer not to have to go into each and every security class and write more rules.
Any way to use the CompanyControl attribute of RM to do this Who's willing to share an example
Thanks in advance,
-Greg
|
|
|
|
14 |
2197 |
by Greg Moeller03/13/2012 10:27 AM |
|
3 Replies and 3474 Views
Security Classes 3474 3
Started by New User
Hi Gurus!
I would like to know where and how should i find all security classes. I need this to create rules.
Thnaks
|
|
|
|
3 |
3474 |
by New User03/01/2012 3:11 AM |
|
1 Replies and 2945 Views
Switching an environment from ldap bind back to local password administration 2945 1
Started by marcterry
We have a requirement to change an environment from ldapbind to local password admin. All of our 9.0.n environments are currently bound to AD for authentication. If anyone can please offer some advise it would be appreciated. I can't seem to find any information on switching back.
Thanks,
Marc
|
|
|
|
1 |
2945 |
by John Henley02/13/2012 9:51 AM |
|
2 Replies and 1976 Views
LS Security methodology/philosophy question 1976 2
Started by dcaiani
We are kicking around two different schools of thought as we start the migration from LAUA to Lawson Security.
The first is to take a functional area such as AP and build a single role that gives access to every token, table, etc that anyone in the company could ever have a need for in AP. From there each person who gets that role would have security overrides for the tokens, tables, etc. that they don’t need. So in a sense you would take away AP195, AP155, etc ...
|
|
|
|
2 |
1976 |
by Dave Amen02/03/2012 10:22 AM |
|
3 Replies and 2172 Views
GL45 Security 2172 3
Started by Mike Flynn
I have tried writing a rule on GL45 so that users can only see their own transactions (operator) equal their user id. This denies them access to all data.
I did write a rule on the GLCONTROL limiting the same thing so it prevents drill around on others transactions.
However, I don't even want them to see 'others'. Any ideas I've tried (userid and employee id are the same here):
if(form.SEL_OPERATOR==user.getEmployeeId())
'ALL_ACCESS,'
else
...
|
|
|
|
3 |
2172 |
by Mike Flynn02/01/2012 8:03 AM |
|
8 Replies and 2719 Views
Conditional rule to address security location on employee record 2719 8
Started by Alex Shklovsky
I'm trying to write a conditional rule on HR11.1 to restrict users from accessing employee records based on security location(SEC_LOCATION). Here is what I got so far
if(trim(getDBField('EMPLOYEE', 'SEC_LOCATION', form.EMP_COMPANY, form.EMP_EMPLOYEE))== 'OCE' || 'OCEDRE' )
'ALL_ACCESS',
else
'NO_ACCESS'
OCE and OCEDRE actual security locations attached to an employee record that user can see. Getting security
violation on all records. I'm new to LS. What I'm doing wron...
|
|
|
|
8 |
2719 |
by Fork01/13/2012 9:24 AM |
|
8 Replies and 3770 Views
LS Security--Secure Print Manager in Portal 3770 8
Started by JimIII
Help! I need to be able to limit users to their print manager only. We are on a Windows platform and I wrote a rule on Element UserName in batch security class in GEN. Username==user.getHotServiceId() All Access else No Access.
Unfortunately this must not be right as I then get a security violation trying to access my own print jobs. Any suggestions would be greatly appreciated. Thanks, Jim
|
|
|
|
8 |
3770 |
by JimIII01/12/2012 10:08 AM |
|
2 Replies and 2589 Views
Advice to move from LAUA to Lawson Security 2589 2
Started by Deleted User
Been reading the various forum items and WAS leaning toward the fastrack templates, but not so much anymore.
We only have approx 50 bus users for GL & HR and 1500 EMSS users.
Is there a current way in lawson to see what forms our users have been accessing
I hope to hire a consultant to handhold, but will I incur other expenses such as a listener program or pre-built templates
|
|
|
|
2 |
2589 |
by Roger French01/11/2012 8:33 AM |
|
5 Replies and 2072 Views
Test for Blank User Attribute 2072 5
Started by Rick Pearl
How do you test for a user attribute that is blank/empty
I have tried user.getAttribute('ProcessLevelControl') == '' and trim(user.getAttribute('ProcessLevelControl')) == ''
Neither of which work.
If anyone knows the trick, I would appreciate it.
thanks!
|
|
|
|
5 |
2072 |
by rogowsky01/09/2012 3:01 PM |
|
12 Replies and 4148 Views
Lawson Security 9 (ADAM) 4148 12
Started by RickyY
Have anyone tried extract data out of ADAM (lawson security) I'm trying to extract data out from it and into table. Any ideas or help will be greatly appreciated. Thanks.
|
|
|
|
12 |
4148 |
by RickyY01/05/2012 5:22 PM |
|
15 Replies and 3837 Views
USERGRPDEF 3837 15
Started by Jay2
When adding a new user to a user group.
I type USERGRPDEF
I then enter the user group I want to add the new user to.
at the beginning of the list I hit F8 to insert a blank slot
and then I hit F4 to get the list of users to choose from.
Does anyone know where this list populates from I checked the users in LAUA but the lists are different.
|
|
|
|
15 |
3837 |
by Jay201/03/2012 9:53 AM |
|
10 Replies and 4461 Views
Lawson Security timeout after new install 4461 10
Started by John Costa
Hey folks,
I'm hoping a Lawson Security guru can help me out here.
I'm in the process of building a new environment based on the following:
Windows Server 2008, 64-bit
LDAP: Microsoft AD-LDS (residing on the same server)
IBM WebSphere 7.0.0.19
Lawson Core Technology 9.0.1.9
At this time, the only components that have been installed is the Core Technology and the Security Administrator application. I'm trying to log into the Security Administrator for the first time.&nb...
|
|
|
|
10 |
4461 |
by John Costa12/30/2011 2:04 PM |
|
2 Replies and 1776 Views
limit report option on Ap210 vemdor Lisitng 1776 2
Started by John Crudele
We are on LS Security
Can you limit the Report Option parameter for AP210 through LS Security
You can run the report as Basic, Summary and Expanded. We want to not allow the users to choose Expanded.
Any help would be appreciated
Regards
JC
|
|
|
|
2 |
1776 |
by John Henley12/07/2011 9:53 AM |
|
0 Replies and 1464 Views
LS archiving 1464 0
Started by Al
In order to keep the LSAUDIT table from growing too large it is recommended to archive security every now and then. I am wondering if anyone has a best practice as to how often to archive. Quarterly, twice a year, etc
Any advice would be helpful. Thanks.
|
|
|
|
0 |
1464 |
12/05/2011 10:19 AM |
|
6 Replies and 3320 Views
LAUA security to custom table 3320 6
Started by ISO Dan
I have created a custom table which has cost center as a field. I want to create a security class so that only people assigned to the cost center can view their data.
For example I have a header table with a field called Cost_Center. I have created a security class called CC123, when I use record level security I have Coster_Center = '123' however when I view the data I can still see everyones' data.
Does anyone know how to set this up or ...
|
|
|
|
6 |
3320 |
by ISO Dan11/21/2011 8:27 AM |
|
5 Replies and 1989 Views
RM Information 1989 5
Started by KerriR
Does anyone have or know where I can get some documentation that tells me what each field on the 'edit RM information' screen is used for&160; We recently upgraded our environment to 9.0.1.5 and I noticed there are some new fields and some fields were taken away.&160; I would like to know if I could be using these fields for something useful.
|
|
|
|
5 |
1989 |
by Greg Moeller11/09/2011 4:29 PM |
|
4 Replies and 2572 Views
Who owns LS9 Security Maintenance 2572 4
Started by Brian Veldhouse
Who maintains the LS9 security in your organization Does anyone have it maintained by one of the end-users If so, is it one person per suite
|
|
|
|
4 |
2572 |
by Robert C. Lingle11/01/2011 9:38 AM |
|
4 Replies and 6021 Views
lawson security smoke test 6021 4
Started by Richard J Sculpher
I am trying to run the Lawson Security smoke test on a new build. I am getting the following message when I sign in through the SSO, in fact as long as I use a valid userid any password will produce it: <xml version='1.0' encoding='ISO-8859-1' > - <ERROR> <MSG>Could not convert LSF Identity (null) to LM Identity.</MSG> </ERROR Has anyone any experience of this error message As part of the build I have loaded LDAP data exported from another environment...
|
|
|
|
4 |
6021 |
by Richard J Sculpher11/01/2011 8:35 AM |
|
1 Replies and 2147 Views
LS9 Security String Functions 2147 1
Started by Rick Pearl
I am new to Lawson Security and I am surprised by the lack of basic common string functions available for use in rules. Functions like len() and instr() for string length and position of a string within a string. There is an instr() function but it only returns a boolean if the search string is found. I am trying to parse the parts of a Accounting Unit using substring and due to the fact that some accounting units are ww.xxxx.yyzzzz and some are ww.x.yyzzzz and some&nb...
|
|
|
|
1 |
2147 |
by John Henley10/28/2011 9:17 AM |
|
3 Replies and 1498 Views
Securing LS Role Granting/Taking Away 1498 3
Started by Roger French
Greetings:
I'm creating some advanced security roles within LS Security, specifically for other security administrators.
I've successfully secured the granting of specific roles in the ROLE attribute, which means that for users with this role, they cannot see or grant specific roles for other users within those users' security profile.
Example: My advanced security role is called 'SpecialAdminRole'. I also have a role called 'BenAdminRole'.
If I give SpecialAdminRole to Joe, then whe...
|
|
|
|
3 |
1498 |
by Nathan Smith10/14/2011 10:02 AM |
|
2 Replies and 2801 Views
tknsecrpt - Where are valid FCs for a Form stored? 2801 2
Started by Eric Haugen
Both tknsecrpt and secrptbtch show the UNsecured FCs by form by SecClass. I'm guessing they do this by listing the valid FCs for the form minus the Secured FCs in USERSCR. In order to do this, the valid FCs for each form must be known. I can't find these in the GEN database. Where are they coming from The TranMaps for each form Am I missing a table somewhere. Is scrgen updating a table not in Gen
Thanks.
Eric
|
|
|
|
2 |
2801 |
by Nathan Smith10/14/2011 9:48 AM |
|
20 Replies and 5940 Views
Who Can See This Form? 5940 20
Started by Jonas
We have had several instances where for whatever reason we needed to know who had access to a particular form (or securable object) under LSF9.
To that end I wrote a simplistic windows app that connects to the LDAP and backtracks from securable object all the way up generating a list of security classes, then roles, and finally users who have access to a particular form.
It's not the best code ever, but it gets the job done. I haven't seen anything else that does this.
I'd be happ...
|
|
|
|
20 |
5940 |
by rogkee10/13/2011 3:26 PM |
|
1 Replies and 3616 Views
LSF9 Form/user Security tables 3616 1
Started by rogkee
I know there is the User Security Report in Lawson where you can choose objects and it shows who has access to them, but our auditors want to be able to run adhoc queries about various forms and at various times to find out everyone who has access to a specific form. For 'auditing' reasons, they don't want this done from the internal Report by a Lawson administrator, they want to do it themselves.
My question is what files would I need to hit in a query to gather this information An examp...
|
|
|
|
1 |
3616 |
by John Henley10/13/2011 2:59 PM |
|
2 Replies and 2169 Views
HR11 secured EEO-CLASS but not description 2169 2
Started by msjmg111
I denied access to EEO-CLASS (Ethnicity) in HR11 and on PAEMPLOYEE but I'm still seeing the description on HR11. The field is blocked, but it still shows the description to the right of the field. Where is that located (so that I can get it blocked) or how do I block it from view
|
|
|
|
2 |
2169 |
by Karen Ploof10/07/2011 4:09 PM |
|
1 Replies and 2298 Views
securing drill around and select 2298 1
Started by Deleted User
I saw a tip about securing access to only the employee's data, but I'm not getting it correct. (Below is the code I am looking at).
I want to limit the employee to only be able to drill around / selects only on his own data.
1. I thought that I needed to put this on the employee table, then I tried the employee field itself - Still no luck. The employee can select anyone and drill around on anyone.
2. in the object - user what is in getEmployeeID...
|
|
|
|
1 |
2298 |
by Roger French10/06/2011 10:01 AM |
|
5 Replies and 2571 Views
Secure Drill Around On Select/Drill Around Window. 2571 5
Started by Brad
Using Design Studio we have been successful at removing the Drill Around ability on a few of our forms that a specific set of employees use. But when they select that field and the Select Window (its actually titled as 'Drill Around -- Webpage Dialog') still allows employees to Drill Around on any record in the window. Better Example. Using Studio we have removed the Drill Around Option on HR11.1 on the Employee field. When you right click on the field it no longer displ...
|
|
|
|
5 |
2571 |
by Srini Rao09/27/2011 10:18 AM |
|
0 Replies and 1781 Views
laua element security -- needing help 1781 0
Started by Chris
Fairly new to lawson and laua, so bear with me...please... We are wanting to implement drill-around security, and I've found many resources that explain the process. We use laua (not lawson security), and if I understand things correctly, if I apply security at the element level, we can block all fields defined by that element in a product line -- exactly what I want!
Here is my dilemna, I'll use a single example. I want to prevent users from seeing the Social Security numbe...
|
|
|
|
0 |
1781 |
09/22/2011 11:49 AM |
|
1 Replies and 1811 Views
Security Warning on IE8 1811 1
Started by Steven
Help!
Lawson Portal login page gives the following warning message
Do you wan to view only the webpage content that was delivered securely
Background: Upgraded environment from 9015 to 9018. Noticed queries in ESS is extremely slow. Problem is likely a new version of lawsec.jar. Lawson support recommeded uninstalling the offending patch. Performance in ESS no longer an issue but getting the annoying warning message every time.
|
|
|
|
1 |
1811 |
by Jimmy Chiu09/20/2011 1:41 PM |
|
0 Replies and 1188 Views
Multi Productline Environment - LS 1188 0
Started by KB
Our test environment has multiple productlines. Is there any way for us to share a profile so we don't have to have duplicate security on another profile
|
|
|
|
0 |
1188 |
09/13/2011 12:05 PM |
|
13 Replies and 6653 Views
Report for Security Role on User Profile 6653 13
Started by Deleted User
The Profile Report out of laua's F7 command doesn't provide a technically-friendly output to be able to identify all users who have the Security Role of Admin.
Does anyone know the tables this information is stored in (LSF 9.0 - 8.1 security )
Short of Perl scripting the User Profile or an excel macro, I'm at a loss.
|
|
|
|
13 |
6653 |
by Kwane McNeal09/08/2011 9:10 PM |
|
3 Replies and 2382 Views
Laua: Security Class 2382 3
Started by LF
I a new to LAUA security. Does anyone know how to compare to diffenent security classess and show the difference between the two besides doing the tknscrpt
|
|
|
|
3 |
2382 |
by John Henley09/07/2011 8:03 PM |
|
4 Replies and 2562 Views
MSS Rule on Employee table 2562 4
Started by msjmg111
We are working on writing rules for the Direct Reports link in MSS. We've had ESS in for some time and my rule writing is a bit rusty, so I would appreciate any help with MSS. I loaded the MSS delivered template and the rule for the Employee table - if(user.isSupervisorOf(getIdFromEmpNbr(lztrim(table.COMPANY),lztrim(table.EMPLOYEE))))'ALL_ACCESS';else'NO_ACCESS'. When I try to access one of my direct reports I get an error retrieving database records. The ...
|
|
|
|
4 |
2562 |
by msjmg11109/07/2011 3:33 PM |
|
2 Replies and 2864 Views
Security - Schema/Table 2864 2
Started by Jose
Hello,
I would like to know if anyone knows the schema/table for Lawson Security Group nad Roles.
|
|
|
|
2 |
2864 |
by John Henley08/24/2011 12:01 PM |
|
1 Replies and 1691 Views
You cannot transfer directly to this form error - any ideas? 1691 1
Started by CindyW
We use LAUA, and just upgraded from 8.0.3 apps to 9.0.1.3. (env is now 9.0.1.8), and so far we've had very few issues. However, I am unable to resolve one issue. I have a security class that has limited access to just a few screens. We have a problem that where the users in this class alone, are unable to access the PA16 form.
When they do, they get this message:
PA16.1: You cannot transfer directly to this form...
Every other class t...
|
|
|
|
1 |
1691 |
by Jimmy Chiu08/09/2011 8:15 AM |
|
4 Replies and 4682 Views
Looking to create users using SSIS and DirectoryServices (VB) 4682 4
Started by EBassett
Has anyone successfully used SSIS and DirectoryServices (VB) to create user accounts
I have written similar code to create users in Active Directory, but I get errors when doing the same for Lawson Users. I can modify existing Lawson users but get an error when doing the add.
The error is thrown on the newUser.CommitChanges() command. it is COMException (0x80072035) which when I look into states is because the password is not set, but if I try to set password first it throws a different e...
|
|
|
|
4 |
4682 |
by EBassett07/26/2011 10:35 AM |
|
12 Replies and 8987 Views
Employee Self-Service under Lawson Security 8987 12
Started by John Costa
Has anyone successfully implemented Employee Self-Service under Lawson Security
I ask because I am running into headaches trying to set up the correct access to the tables and forms behind each link.&160;&160;I've been using the technical documentation for the Employee and Manager Self-Service application but it really provides nothing more than a starting point.
For example, for the ESS&160;link 'Payment Modeling', the technical documentation indicates that I need to provide access to...
|
|
|
|
12 |
8987 |
by John Henley07/25/2011 12:55 PM |
|
6 Replies and 1730 Views
Newbie to advanced security writing needing help!! 1730 6
Started by Ronnie
Ok,
This is probably my first official post on the forum, but I have run into something that is a little more in depth than my security skill level currently resides at.
Here is the situation:
We are using the new lawson RQC (requisition center...former RSS)
and within the shopping area on the accounting tab there is a field with a drill around called 'Activity'
I am told that this pulls its info from AC10.
We are wanting to limit the drill around info to certain data for cert...
|
|
|
|
6 |
1730 |
by Ronnie07/20/2011 7:20 AM |
|
6 Replies and 3275 Views
Autoprovision new Lawson Users 3275 6
Started by Sarah
We are in the process of identify the best way to auto provision new users to Lawson LS Security, and deprovision roles when transfers/terminations occur.
We are ldap bound, and would like to utilize either PFI or an ldap provisioning tool (CA/FIM/etc).
How have others resolved this issue What tools did you use
Thanks!
|
|
|
|
6 |
3275 |
by JeffR07/19/2011 4:56 PM |
|
0 Replies and 1366 Views
Usergroup 1366 0
Started by Jose
Does anyone know how to restrict users from being able to view other users other than those defined in the usergroup from accessing jobschedule and printmanager.
Ex..if you are in HR, you should only be able to view users within HR when selecting from the dropdown within jobschedule or printmanager.
|
|
|
|
0 |
1366 |
07/15/2011 12:50 PM |
|
0 Replies and 1252 Views
Security to be setup to allow user to drill around in Asset Template in RSS 1252 0
Started by Saurabh
Hi
We are testing the Asset Module and the process of linking a Asset Template in the RSS.
I have tried to setup security as much as i can think of but still when i click on the Drill Around in Asset Template in RSS i do not see any of the templates.
The templates are not setup compamny specific - so should be availaible to all users
have attached screenshot of what i have given with respect to security - can anyone help to point the missing setup
thanks
Saurabh
|
|
|
|
0 |
1252 |
07/14/2011 9:01 AM |
|
0 Replies and 1302 Views
Company Table Security 1302 0
Started by KB
Trying to determine what the best way to do global table security. Element rules appear to block access to another company from the screens but Add-in users can query other company data.
Do I have to add company criteria in my table access rules
Any assistance would be appreciated.
|
|
|
|
0 |
1302 |
07/12/2011 12:23 PM |
|
2 Replies and 1650 Views
ESS LS 1650 2
Started by KB
We are troubleshooting our ESS LS rule and are having a problem with a DME call. On the table we have tried to secure we have a conditional rule as follows...
if(user.getEmployeeId()==table.EMPLOYEE)
'I,'
else
'NO_ACCESS,'
We are trying to lock the table down so they can only see their own data.
A DME call against this same data returns 0 results.
Shouldn't this rule work
|
|
|
|
2 |
1650 |
by John Henley07/06/2011 10:01 AM |
|
|
6 |
1492 |
by Greg Moeller06/29/2011 1:52 PM |
|
2 Replies and 1447 Views
LSF9 Security on Add-ins 1447 2
Started by jzetting
We are testing a new attribute in LSF9. It appears to be securing the correct records in the portal but when you run an add-in with that same username, the query shows all records and doesn't secure. What am I missing
|
|
|
|
2 |
1447 |
by Roger French06/29/2011 7:52 AM |
|
0 Replies and 1776 Views
Lawson function to read table 1776 0
Started by RobertL
I am trying to process the RQACCTU table with accounting unit records to match ICLOCATION table with requesting locations. I think a loop process is better than if/then/else to read and process the tables. Do you know any Lawson functiion that can work on this Thanks.
|
|
|
|
0 |
1776 |
06/27/2011 11:51 AM |
|
3 Replies and 1930 Views
Company Control 1930 3
Started by KB
I am wondering if anyone has developed any Company Control security rules and would be willing to share an example of a rule that has been written using Company Control.
Thx
|
|
|
|
3 |
1930 |
by Jimmy Chiu06/27/2011 7:47 AM |
|
7 Replies and 3093 Views
Windows NTFS app server security for a Unix-to-Windows conversion 3093 7
Started by George
Hi.
New to this LawsonGuru forum, newbie to Lawson (been around a long while doing Windows server admin). I am not a Unix admin. Our organization is converting from Unix/Oracle Lawson S3 (LSF v9.x) to Windows2008R2/MsSQLserver (LSF v9.x). Having some issues with proper NTFS security. Microsoft Subsystem for Unix Applications (Ms-SUA) is, of course, installed as a Windows Server role for our Lawson application server. Been reading up on mapping Unix to NTFS permissions. And a...
|
|
|
|
7 |
3093 |
by Jimmy Chiu06/24/2011 11:07 AM |
|
0 Replies and 1336 Views
Calling RQ04 to match Accounting Unit 1336 0
Started by RobertL
Anyone familiar with global function getidFromRequester I am trying to use the RQ Files Securable Type in Lawson Security Administrator to set up access rule calling RQ04 to match the ACCT-UNIT (Accounting Unit in RQ04 .
Thanks.
|
|
|
|
0 |
1336 |
06/23/2011 3:14 PM |
|
0 Replies and 3223 Views
DSSO Logout Redirect to Portal 3223 0
Started by pianoman
We have DSSO setup for Lawson Budgeting and Planning. When we hit the logout button in LBP it redirects us to the Portal Login Screen. We would expect/like it to return to the LBP login screen instead. Any ideas
|
|
|
|
0 |
3223 |
06/23/2011 1:54 PM |
|
7 Replies and 1613 Views
AR115 - EFT Files and Required Permissions 1613 7
Started by Garth Gerwing
We are attempting to test the AR EFT process(s) - and are running into an issue whereby the EFT payment file(s) are being created - but are empty (0KB) where there should be data written. We setup the 3 required directories under productline\work\ - as the job required these be present before exeucting. Upon closer inspection of the job log - we noted a 'Security Violation' line being written.
Anyone have any ideas as to what might be the issue here
|
|
|
|
7 |
1613 |
by Garth Gerwing06/22/2011 11:19 AM |
|
6 Replies and 2641 Views
LSF9 - Lock Drill access 2641 6
Started by Jose
I'm new to LSF9 and trying to figure out how to restrict user(s) from drilling on 'employee' and viewing of social security.
|
|
|
|
6 |
2641 |
by Karen Sheridan06/21/2011 10:23 AM |
|
4 Replies and 3236 Views
online only users 3236 4
Started by Deleted User
I am trying to use the LSF security for a very simple class - The users will only be able to access one form.
I thought that I would not have to set up a UNIX account if the users were to use Portal only and only an online form, but so far no luck. I get this that says 'portal cannot load because the profile service returned an error'. ANy ideas where to start looking
|
|
|
|
4 |
3236 |
by Deleted User06/14/2011 11:33 AM |
|
3 Replies and 1320 Views
Securing Identites 1320 3
Started by Roger French
Good morning,
Has anyone found a way to secure Service Identities in security administrator I'm setting up security for other sec admins and I haven't been able to find a way of security the identities. I've looked far and wide but nothing yet. Lawson is also saying it can't be done.
Really
Ok, anyone have any ideas
Thank you in advance,
Roger
|
|
|
|
3 |
1320 |
by Kwane McNeal06/06/2011 9:01 AM |
|
8 Replies and 2644 Views
Delete a Role in LSF9 2644 8
Started by TBonney
Can a single role be deleted from multiple users in LSF9, without impacting any of the other roles, groups, etc. that are assigned to these users
We have a role that was created and assigned to several hundred users previously. However, due to changes made since then, this role is now obsolete and unnecessary so we'd like to remove it from all users. However, we do not want any other changes to be made to these users.
Any ideas Thank you.
|
|
|
|
8 |
2644 |
by TBonney06/02/2011 7:18 AM |
|
0 Replies and 1210 Views
How to manage Lawson licenses 1210 0
Started by RickyY
I was wondering and would like to know how everyone is managing their application/users licenses with Lawson Security 9 Any ideas would really help. Thanks.
Neng
|
|
|
|
0 |
1210 |
06/01/2011 11:40 AM |
|
2 Replies and 2375 Views
HR11.1 tab security 2375 2
Started by Deleted User
We are on LSF9.
We have a section of HR employees who currently have view only access to HR11.1. I've been asked to provide them with full access to only one tab (Work Tab).
Current HR11.1 conditional rule:
if (user.getCompany()==form.EMP_COMPANY)&&(user.getEmployeeId()==form.EMP_EMPLOYEE) then ,-,I,N,P ElseIf (user.getEmployeeId()!=form.EMP_EMPLOYEE)&&isElementGrpAccessible('PROCLEVEL','','HR',form.EMP_COMPANY,form.EMP_PROCESS_LEVEL) th...
|
|
|
|
2 |
2375 |
by GregSl05/31/2011 11:10 AM |
|
5 Replies and 1648 Views
Revisiting Company Level Security 1648 5
Started by Greg Moeller
I see the previous thread posted on Company level security, but would like some more clarification/revisit.
We have had no luck here trying to get company level security to work, and now we are going to be bringing on another company and trying to fold them into our existing LS security.
Although setting up the new company shouldn't be difficult, they shouldn't see anything but themselves... there will be existing users here that will also need access to the new company. I'd li...
|
|
|
|
5 |
1648 |
by Greg Moeller05/27/2011 2:12 PM |
|
1 Replies and 1467 Views
Upgrading from 9.0.0 to 9.0.1 1467 1
Started by TBonney
We're planning to upgrade everything from 9.0.0.x to 9.0.1.x. (environment, applications, security, etc.) Are there any tips/tricks anyone who has already made this leap can provide, as it relates to converting Security from 9.0 to 9.0.1
We're on LS9 security, but are not LDAP bound. This too is something we'd like to do, but assume it would be best to do it after the upgrade, not as part of the upgrade. I'm not sure this factors in at all, but we're also upgrading the O/S at the same time t...
|
|
|
|
1 |
1467 |
by Roger French05/23/2011 12:39 PM |
|
3 Replies and 1442 Views
RSS Receiving 1442 3
Started by Karen Sheridan
Sorry - this is somewhat of a cross-post
We would like to limit who can receive in RSS, but allow all RSS users access to the receiving page because of the other imformation provided on that page including PO information.
Is PO30 the backoffice form for this Our RSS security class doesn't have PO30 access, but users are receiving that shouldn't.
Any help would be appreciated.
Thanks,
Karen
|
|
|
|
3 |
1442 |
by Karen Sheridan05/23/2011 10:40 AM |
|
1 Replies and 1530 Views
Security Administrator Locks Up 1530 1
Started by Woozy
We are having a heck of a time with Security Administrator locking up on a regular basis - like every couple of times we try to change something.
We've been having this issue for some time under LSF 9.0.1.4, but we recently upgraded to LSF 9.0.1.7 and the latest version of SecAdmin and now the problem is even worse.
We've contacted Global Support, and didn't get much help.
Does anyone have any solutions or suggestions
Thanks!
|
|
|
|
1 |
1530 |
by Greg Moeller05/18/2011 10:59 AM |
|
1 Replies and 1820 Views
How to change user ID to run Law9 system? 1820 1
Started by Huizong
Hi, Our Lawson 9 system is LSF 9.0.0.6 and APP 9.0.0.7 on IBM iSeries and the subsystem is LAW9.
Now the user ID to run LAW9 system is LAWSON. I would like to change the user ID from LAWSON to LAW9.
Would anyone know how to change the user ID which was used to run Law9 sub system
Thanks a lot.
Huizong
|
|
|
|
1 |
1820 |
by Jimmy Chiu05/10/2011 12:27 PM |
|
0 Replies and 1499 Views
S3 LAUA Security - User Groups 1499 0
Started by Ryan Speight
We have a user assigned to a service account which runs recurring 100 level (update) jobs for AP; lets call the service account SERVICEACCT. Other Lawson users have access to the SERVICEACCT jobs because they are in the same LAUA User Group. Is there anyway to prevent users who are in the same LAUA User Group as the SERVICEACCT user from recovering update jobs that have gone into needs recover or is my only option removing them from the User Group
Your help is greatly appreciated.
|
|
|
|
0 |
1499 |
05/09/2011 5:56 PM |
|
8 Replies and 2832 Views
LSF9 Security along with HR Data Security 2832 8
Started by Kartik
I have set up LSF9 security in HR with TRAdmin Role (for Training Administrator) and appropriate security class with restrictions on HR11 (cannot view SSN, pay rate etc). Since I am migrating from LAUA, there is already the existing HR Data and User security set up in HR09, HR10 and HR12. I find that the HR Data security completely overrides the security rules set up in the security class. For instance, if I deny access to view SSN in the security class, but the appropriate security level in HR0...
|
|
|
|
8 |
2832 |
by Mark Petereit05/01/2011 5:24 PM |
|
0 Replies and 1852 Views
Turn off Drill Around in Print Manager 1852 0
Started by Ronald
I have created a new security class to run HR170 for field users. However, when viewing the report in Print Manager it has the ability to drill around in the information. I need this ability to be turned off.
Does anyone have any suggestions
Yes, we are using LSA.
|
|
|
|
0 |
1852 |
04/28/2011 10:44 AM |
|
2 Replies and 1452 Views
Moving os users from Unix to Windows 1452 2
Started by msjmg111
We are moving from Unix to Windows and am looking for a quick () way to load online/batch users into the gen database (i.e. convert the UID's to NTxxxxxxx). If anyone can give me some help with this, I would truely appreciate it.
|
|
|
|
2 |
1452 |
by Kwane McNeal04/19/2011 12:33 PM |
|
3 Replies and 1447 Views
Combo Roles ESS MSS w LS9 Security 1447 3
Started by Margie Gyurisin
We just discovered that if we give a manager both the MSS and ESS role, they are able to drill back to information on their direct reports that they should not be able to see.
Example:
With MSS role only, they do not see dependents.
When ESS role is added they do even though the EMDEPEND table has this conditional rule on it. if(isElementGrpAccessible('COMPEMP','','HR',lztrim(table.COMPANY),lztrim(table.EMPLOYEE))) { 'ALL_ACCESS,' } else { 'NO_ACCESS,' }
Any help you can provide wou...
|
|
|
|
3 |
1447 |
by Jimmy Chiu04/19/2011 10:46 AM |
|
4 Replies and 1572 Views
Field level unconditional rules not working 1572 4
Started by Kartik
I was testing my security set up at my client. I find that I cannot get my field level rules to work on any form. For example, If I want to deny access to Pay rate in HR11.1 or inquiry only access to Vendor Name in AP10.1, the unconditional rule does not work on their server. However, exactly the same rule works in another environment. Has anyone encountered similar issue. Is this a technology patch issue or am I missing something
|
|
|
|
4 |
1572 |
by Al04/19/2011 7:27 AM |
|
5 Replies and 4286 Views
Securing Portal Drill around 4286 5
Started by msjmg111
We would like to remove access to the drill around button on a form in portal.&160; First, is that possible in LS9&160; We are trying to secure ESS and found an issue where a user was able to get access to other people data by drilling on the employee number.&160; We are working to close that hole, but it led to a discussion on the possibility of removing their ability to even select drill around.&160; Can anyone help me with this
|
|
|
|
5 |
4286 |
by msjmg11104/13/2011 12:55 PM |
|
0 Replies and 1467 Views
hard coding generic user id and password for auto log-in 1467 0
Started by Jess O.
I need to set up a screen that users can access without logging in. This screen would use data transactions (dme) to display non-confidential information. I am trying to figure out a way to pass in a hard coded user id and password (this would be the same user/password for everyone that accesses the screen) then perform the data transaction. Does anyone know of a way to do this
I have tried using jsp and the lhc.jar but am running into a “HTTP Error 405 - The HTTP verb used to a...
|
|
|
|
0 |
1467 |
04/12/2011 6:03 PM |
|
5 Replies and 1969 Views
Mass Load Roles 1969 5
Started by Jose
Hello,
I am trying to figure out how to mass load roles to each ESS users. Going to each user and adding these roles is very time consuming and was in search of finding a faster way of doing this task.
Also, is there a way to have roles, prodline, and CheckLS set as a template so when a new user is added, we dont have to bother with adding roles, prodline, checkLS.
|
|
|
|
5 |
1969 |
by JeffR04/12/2011 5:31 PM |
|
2 Replies and 1635 Views
getDBField question 1635 2
Started by Al
We have some user fields in the Billing and AP modules where staff is entering numeric client ID’s for one of our divisions. Problem is we have run into a data quality issue where users are entering invalid ID’s. I want security to allow form change action only if the user field is blank or if the value in the user field matches a valid client ID.
The data entered into those user fields should match a valid client ID in a custom Lawson table we have created called ...
|
|
|
|
2 |
1635 |
by Al04/04/2011 7:45 AM |
|
5 Replies and 3148 Views
Company/Accounting Unit Level Security 3148 5
Started by terrig
I am fairly new to Lawson Security and we have received a request to set up an additional level of security in HR11.
We would like to be able to set controls at the Company/Accounting Unit level. We have several companies and within each of those we can have the same Accounting Unit number. I have not been able to find anything on how to utilize the combination
Example:
Co 100 AU 4350
Co 300 AU 4350
Co 870 AU 4350
Any suggestions would be appreciated.
|
|
|
|
5 |
3148 |
by Jesse04/01/2011 12:13 PM |
|
2 Replies and 1484 Views
Add new Securable Type for Executables 1484 2
Started by Roger French
I have a requirement where I need to add a new Securable Type within Security Administrator. For example in the ENV profile, I see a Class called TransITools, with rules which secure environment executables such as listed under the System Administration: appinst, autoinst, and so on.
I want to add a brand new tree under the Securable Types/Executibles called 'Custom Scripts' for example, along with existing (custom) scripts or html files located on Lawson. Then of course, I want to have the a...
|
|
|
|
2 |
1484 |
by Roger French03/29/2011 11:55 AM |
|
1 Replies and 1427 Views
Dump Groups from RM 1427 1
Started by msjmg111
I'm creating a new LSF environment and need to dump and load GROUPDATA. Can someone tell me where are groups stored
|
|
|
|
1 |
1427 |
by Kwane McNeal03/27/2011 1:54 PM |
|
5 Replies and 2092 Views
LS Security with HR11 Drill Around- wait time 2092 5
Started by ThomasT
I'm relatively new to LS Security and I'm building a new security class for HR users so that they can only see employees with the same user level. I built a new attribute in RM called 'UserLevel'.
I've read many of the postings regarding LS security so I'm familiar with some of the solutions.
I've also read the security manuals too.
I built a new ElementGroup called 'COUL' which contains Company and User Level
Here is the rule of the element group 'COUL' on the new Security class...
|
|
|
|
5 |
2092 |
by Roger French03/18/2011 11:06 AM |
|
3 Replies and 2459 Views
GetDBField 2459 3
Started by Jay2
I am trying to secure AP90.3 using the following rule:
isElementGrpAccessible('EGProcLevelAP','','AP',getDBField('APINVOICE','PROC-LEVEL',form.API_COMPANY,form.API_VOUCHER_NBR))
When I check the log it shows that it is not returning the PROC-LEVEL value:
2011-02-28 15:08:06 com.lawson.lawsec.default.FINEST com.lawson.lawsec.author.runtime.JSRMFactory.getDBField()()
input parameters:
userId=Jeremy.Test
dataSource=INTTEST
tableName=APINVOICE
fieldName=PROC-LEVEL
keys=10, 174785,
...
|
|
|
|
3 |
2459 |
by Jay203/01/2011 11:37 AM |
|
11 Replies and 3249 Views
Process Level Security and ESS Pay 3249 11
Started by KerriR
We have LS set up to restrict user's access (those who have access to more than just EMSS) based on Process Level using the element group PROCLEVEL. The problem arises when an employee, who used to be in process level ABC, transfers to a new job and is now in process level DEF. With this transfer, her access also changes and she is now restricted to process level DEF. When she goes into ESS to look at her pay checks, her old pay checks are not visi...
|
|
|
|
11 |
3249 |
by KerriR02/23/2011 4:17 PM |
|
6 Replies and 4366 Views
LS9 Default Roles VS Lawson Security Accelerator Roles 4366 6
Started by JimIII
We are new to Lawson with a go live date of early July. My question is: What are the default security roles that LS9 provides and are the practical to use for a 3500 employee company, Self Service, HR, Materials, Finance Or, would it be quicker and easier to set up with the Security Accelerator that we could purchase that my trainer in MN told us about, and what roles are included with it We had a crash course of 4 days and it seems that this could take quite a long time to setup and have it w...
|
|
|
|
6 |
4366 |
by Guy Henson02/23/2011 12:00 PM |
|
4 Replies and 1284 Views
Inquiry Access for roles during a specific time 1284 4
Started by Jose
Hello,
I have been approached to basically locked down anyone in HR during a certain time once every other week to avoid having any changes occur when payroll is processing. I'm quite new to security using LSF9 and just think there has to be a simple way of doing this. Any ideas anyone
|
|
|
|
4 |
1284 |
by Jose02/16/2011 8:32 PM |
|
2 Replies and 1364 Views
Duplicating Data Level Security in LS for Co / AcctUnit 1364 2
Started by Jake Miller
In LAUA we use the Data Level Security (Company and Process Level) to specify Company ranges and Accounting Unit ranges for Financials security. It works great. Now, I need to duplicate this setup in LS.
According to Lawson, the only way to secure FB40.1 (Budget Journal Entry) to a specific Company and AcctUnit is to apply conditional statements to the form detail line fields. Element Groups only validate the first line and invalidate Next or Previous actions if the fi...
|
|
|
|
2 |
1364 |
by Jake Miller02/04/2011 12:41 PM |
|
6 Replies and 1965 Views
Copy users to new environment 1965 6
Started by JohnO
We are running in windows and using ADAM as our ldap and I need to copy all the users from my existing production environment of 9.0.0.8 to our new 9.0.1.7 environment. Does anyone know how this can be accomplished The new 9.0.1 environment is on 2008 server with ADLDS and the old 9.0.0.8 environment is on 2003 server with MSADAM. I have over 1100 users and we can not just recreate all of them in the new environment. Any help you can provide would be great.
|
|
|
|
6 |
1965 |
by JohnO01/26/2011 4:00 PM |
|
20 Replies and 8829 Views
LSF9 security, ESS, search box and restricting Drill Around 8829 20
Started by Elizabeth Ardito
We are implementing LSF9 security with the goal to have one user id for each employee.&160; If an employee has application access then through portal they will have a search box.&160; We are attempting to limit access to HR/PR and remove drill around access.&160; I have gotten this to work with the exception of the Wage Analysis drill around.&160; I have placed conditional security on the Employee table as a whole and have deny all access to all the salary fields and the Wage Anaylsis still ...
|
|
|
|
20 |
8829 |
by Jose01/24/2011 4:10 PM |
|
1 Replies and 1076 Views
LSF9 Sub Administrators 1076 1
Started by Greg Moeller
Hi, all!
We have a need to create sub-administrators to just have limited access to LSA. Both the class that I took and the manuals mention creating sub-administrators, but neither of them go into ANY detail about doing so.
I'm mostly interested to create sub administrators to assign groups and roles to already created users. That is it! Can anyone point me in the general correct direction
Thanks in advance,
-Greg
|
|
|
|
1 |
1076 |
by Greg Moeller01/10/2011 2:16 PM |
|
14 Replies and 7632 Views
LDAP Bind to new domain controller 7632 14
Started by Wade-T
We have a couple of domain controllers and Lawson isbound to one of them. This controller keeps failing and crashing and needs to be replaced.&160; I asked Lawson where thedocumentation was for changing my LDAPbind and they stated I needed to contact Professional services.
How difficult is it to do Do I really need to spend $2**/hr with them WouldI be better off with someone like Ciber or Absolute (not a partner, but half the price and no issues when we used them in the past. Go Todd!)
Two ...
|
|
|
|
14 |
7632 |
by Wade-T01/04/2011 4:23 PM |
|
2 Replies and 3490 Views
Security violation on available programs 3490 2
Started by Deleted User
We have a strange issue occuring in production. Our payroll users reported security violations when attempting to view alternative rates (HR14.1) from the HR11 screen. The same users reported that some of the team members can run PR260 other team members with an identical security role recieve a security violation. Strange! The lawson security object and user object report shows that the payroll team should have access to HR14 and PR260.
It could be coincidence but I ran an ...
|
|
|
|
2 |
3490 |
by Lynn01/01/2011 5:40 PM |
|
3 Replies and 1581 Views
View only security 1581 3
Started by Deleted User
We have implemented Lawson HR/Payroll/TA and are using LS9 security. What is the easiest way to implement view only access to all the screens for audit purposes. I am trying to figure out a quick way to do this without have to create a security class for all the screens.
Thanks,
Usha
|
|
|
|
3 |
1581 |
by Jimmy Chiu12/21/2010 12:42 PM |
|
6 Replies and 3983 Views
LSF9 - Strange issue with AC10.1 after going to 9.0.1.4 portal 3983 6
Started by alincoln
This one is a stumper for me, hoping someone else has seen this.
For any of our LSF9 users, any time they go to AC10.1, they receive the following error:
&160;com.lawson.ios.agent.SystemRuntimeException: 2009-07-22 09:18:27 : INCIDENT_ID1248275907899-0009 An error occurred outside of IOS while accessing Lawson Security
&160;at com.lawson.ios.security.ls.LsSecurityRuntime.isTokenSecured(LsSecurityRuntime.java:803)
This is just going to the program, not on inquire or anything else, ju...
|
|
|
|
6 |
3983 |
by Rhonda Cordes12/20/2010 11:16 AM |
|
2 Replies and 1312 Views
LDAP Failover/Loadbalancer 1312 2
Started by mark.cook
We are looking at implementing a solution for our LDAP that will failover or have a load balancer in place to avoid a single point of failure with 1 LDAP server.
Is anyone using a failover solution or load balancer How is it working for you and is there any issues that you ran into with setting this up
|
|
|
|
2 |
1312 |
by Jimmy Chiu12/13/2010 11:11 AM |
|
0 Replies and 1200 Views
CLASSDATASTRUCTURE and PROCLEVEL Security 1200 0
Started by mrdey
We created a CLASSDATASTRUCTURE to defice HR regions, then created the attribute 'Region' to assign to users.
Then we used 'PROCLEVEL' to define a conditional rule
if(isStructNodeTitleAbove('ClassDataStructure',PROCESS_LEVEL,user.getAttribute('Region')))
'ALL_ACCESS,'
else
'NO_ACCESS,'
yet in testing, they are getting full access to all the regions not what is defined in their attribute.
ANy advise would be greatly appreciated
|
|
|
|
0 |
1200 |
12/10/2010 10:00 AM |
|
0 Replies and 1446 Views
Loadusers to modify users RM data 1446 0
Started by mwilliamson
Our users currently have a numbered RM account and a named RM account, we are ready to move to the numbered account only so we need to add their named RM info to their numbered account, items such as groups, roles, change to checkLS yes, email, portalrole, workflow user if they are an WF approver, and also created their requester identity, they already have an employee identity. I have modified the ldusers.pl addiding the fields I need and the requester identity. I am receiving lots ...
|
|
|
|
0 |
1446 |
12/08/2010 1:30 PM |
|
0 Replies and 1288 Views
Securing Archive Audit button in Security Administrator 1288 0
Started by Rod
Does anyone know how to restrict access to the Archive Audit button on the Audit Logging page in Security Administrator
We have a sub-admin role that we created and restricts them from everything but creating/modifying users, but they still have access to archive the auditing.
I need to restrict them from having access to this function but I am unable to find any securable object to remove their access away from.
The role has inquiry access to the Server page only and this still ...
|
|
|
|
0 |
1288 |
11/30/2010 11:09 AM |
|
3 Replies and 2104 Views
Asset Management data security 2104 3
Started by wintergreen
We used to have only one person taking care of Asset Management. Recently, we assign 2 people to process the AM and want to setup the data security, so that users can only access their own data. I wonder if AM has similar process levels to limit users to access data For example AM20, AM30, AM40, users can only add, transfer or dispose an asset in their own book (defined in the AM00). Do I need to find out which field I nee...
|
|
|
|
3 |
2104 |
by wintergreen11/09/2010 9:47 AM |
|
3 Replies and 1528 Views
Removing users with Requester Identity 1528 3
Started by msjmg111
We need to clean up(delete) a large number of users with a Requester Identity and am looking for a simple, one time method of removal. I do not want to delete the user, just the Identity. Any advice on this topic would be appreciated.
|
|
|
|
3 |
1528 |
by Nick11/04/2010 5:49 PM |
|
1 Replies and 1442 Views
Add user in usergrpdef programmatically 1442 1
Started by Nirav Bhatt
We can add new user in user group definition manually using usergrpdef command. Does anyone know how can we add user programmatically in user group definition either through command line or through process flow
|
|
|
|
1 |
1442 |
by Zeke11/03/2010 11:29 AM |
|
1 Replies and 1467 Views
Security Can getdbfields access a field in a related table? 1467 1
Started by Anne
I'm using this code to try to get the job class and it's not working. Do I have the right syntax for the related field Do I have to do 2 nested queries to achieve this
if(trim(getDBField('EMPLOYEE','JOB-CODE.JOB-CLASS',form.REV_COMPANY,form.REV_EMPLOYEE))=='DIR')
'NO_ACCESS,'
else
'ALL_ACCESS,'
|
|
|
|
1 |
1467 |
by John Henley11/01/2010 3:23 PM |
|
0 Replies and 1222 Views
Security rule to compare system date to a stored date 1222 0
Started by ThomasT
I want to write a rule in Security Administrator which compares the current system date to the HIRE DATE from 'EMPLOYEE' table.
I've tried various combinations of the rule functions but cannot get it. I know that the system date is stored in one format and the stored dates within the tables is in another format.
Does anyone have any example of a rule they have used to write to compare the system date to a stored date (within any table) T
Thank you ,
Thomas
|
|
|
|
0 |
1222 |
10/25/2010 1:05 PM |
|
1 Replies and 1820 Views
LSF9 security by process level AND security location - is it possible 1820 1
Started by RachelM
We have been able to secure LSF9 using the element groups using either process-level or sec-location but not both; roughly what we're looking to do is ((process-level = 'X' and sec-location = 'Y') OR (process-level = 'Z')). Is that even possible using element groups Thanks.
|
|
|
|
1 |
1820 |
by Jimmy Chiu10/25/2010 10:47 AM |
|
6 Replies and 1497 Views
getEmployeeId fails (return empty string) 1497 6
Started by Dave Amen
To all,
Has anyone run into this error
I have a simple rule to match the employee number on the screen with the employee number in their Identity using getEmployeeId(), but Inquiry in the screen returns a security violation, and puts this into the lase_server log file:
2010-10-05 09:34:33 com.lawson.lawsec.default.FINEST com.lawson.lawsec.author.runtime.JSUser.getEmployeeId()() function return empty string
Any thoughts or suggestions are much appreciated!
Best regards,
Dave
(303) 773-353...
|
|
|
|
6 |
1497 |
by Dave Amen10/21/2010 6:07 PM |
|
2 Replies and 1877 Views
Online Benefits Enrollment Security Violation 1877 2
Started by This_Guy
I have implemented Role Based Security (Check LS = Y) for our MSS/ES users combining the funtionality of both. However, when a user with both roles tries to go thru Benefits Open Enrollment they are receiving the 'Security Violation' message... I can't figure out. I have granted access to BN tables i thought would fix it...
Any ideas which forms/tables need to be included to go thru the Open Enrollment
|
|
|
|
2 |
1877 |
by This_Guy10/18/2010 2:54 PM |
|
0 Replies and 1154 Views
LAUA security - not allow Emp to change their own timerecord 1154 0
Started by D Duke
We are not going to the new LSF 9 security until next year. If anyone can remember LAUA security, we are trying to prevent a payroll clerk entering timerecords on PR36 fromchanging their own timerecords. Has anyone done this (in the past) and can you remember what you did
|
|
|
|
0 |
1154 |
10/18/2010 9:24 AM |
|
32 Replies and 17927 Views
Mass Deleting Users in LSF 9 17927 32
Started by Ellen Melton
Has anyone found a way to mass delete users in LSF 9 - kinda the reverse of loadusers
Our migration of users from 8.0 to LSF9 was a total mess. I'd like to basically start over for about 90 of our users. I've got the loaduser xml ready but I know it will fail because the existing users are tied to the SSOP identities that I'll be trying to load - hence I need to delete all the existing RMIDs.
Any methods other than manually doing all 5500 one-by-one
|
|
|
|
32 |
17927 |
by Ellen Melton10/15/2010 2:21 PM |
|
1 Replies and 1875 Views
Process Level Security 1875 1
Started by Kyle Gray
I am trying to use a Process Level Security class to globally secure data by process level.&160; The formula I have written verifies in the build screens but when I apply the security class against the user I am unable to select any records on the HR11 when in fact I should have about 250 records to choose from.&160; I using the RM attribute, ProcessLevelControl (lawson delivered, as multi-attribute).&160; Below is the formula,
if((SystemCode=='HR'||'PR'||'BN'||'PA'||'LP')&&(COMPANY=...
|
|
|
|
1 |
1875 |
by Jimmy Chiu10/12/2010 11:15 AM |
|
1 Replies and 1170 Views
Security Reports 1170 1
Started by Ruma Malhotra
Is there a way to get by systemcode , the ids attached, their security class and the actions for every form in Lawson under the system code as a report.
Has anyone been able to write or get a custom report and are willing to share
&160;
|
|
|
|
1 |
1170 |
by Joe10/11/2010 8:09 PM |
|
5 Replies and 3864 Views
Define element group 3864 5
Started by wintergreen
I created a&160; security class and use the element group(which was delivered by Lawson)&160;to control data security globally for all forms and files from Roles assgined to the user.&160; It is like this:
PrimaryDataControl Class:
Element groups - PROCLEVEL (Lawson delivered)
if(user.attributeContains('PrimaryLevel',PROCESS_LEVEL))
&160;&160; 'ALL_ACCESS,'
else
&160;&160; if(user.attributeContains('PrimaryLevel',subString(PROCESS_LEVEL,0,3)))
&160;&160; 'ALL_ACCESS,'
else
&16...
|
|
|
|
5 |
3864 |
by Jimmy Chiu10/08/2010 2:30 PM |
|
1 Replies and 1288 Views
Security Class 1288 1
Started by Jay2
In this system, I have adopted, there is a security case on our production server called PRODALLACCESS.&160; This class grants All Access to the following:
Online: All the system codes listed (AR,&160;AC, CB, GL etc...)&160;but it does not give specific access to the tokes within.
Securable Type: Form, Program, Table
Data Source: GEN, LOGAN, PROD
Can anyone tell me exactly what the purpose of this class would be&160; seems strange if it was giving access to the whole product line I woul...
|
|
|
|
1 |
1288 |
by Jimmy Chiu10/07/2010 11:15 AM |
|
|
18 |
4482 |
by Kwane McNeal10/01/2010 9:09 AM |
|
4 Replies and 1281 Views
Password change date 1281 4
Started by Jay2
Where does Lawson store the date of the last password change for a user
|
|
|
|
4 |
1281 |
by Kwane McNeal10/01/2010 9:06 AM |
|
1 Replies and 2819 Views
LS9 and cnvtape 2819 1
Started by Dave Amen
In the Lawson Security ENV profile you find these:
- rptgen.exe is in Development Tools
- cnvexp is in Delivery Tokens
- cnvimp is in Delivery Tokens
&160;- cnvtape should appear in Translation Tools
When cnvtape exists in $GENDIR/bin but doesn't appear in the LS9 Security Administrator's 'Translation Tools' (or any other grouping of executables in ENV), does anyone know how to make it appear&160;
Best regards,
Dave
(303) 900-AMEN
|
|
|
|
1 |
2819 |
by Dave Amen09/30/2010 5:47 PM |
|
2 Replies and 1501 Views
Security Config Portal 1501 2
Started by Scott Krueger
We have users who use Portal at the office during the day. These users are Back Office users and they run Payroll and do HR stuff. How can we stop these users from accessing the standard Portal from outside the office and only allow them access to the ESS Can we do this by Port they are using or by IP.
|
|
|
|
2 |
1501 |
by Dave Amen09/28/2010 1:49 PM |
|
0 Replies and 1188 Views
Securing mouseover messages in RSS 1188 0
Started by Roger French
Does anyone have a good method of securing the onmouseover events/messages within RSS I have secured buyers from the ability to actually Checkout, but that has also prevented the mouseover messages from appearing too. When the mouse cursor is put over the requisition information in the checkout list, I DO want the ability to see the messages, but I do NOT want the ability to actually checkout the requisition. Does anyone know how the mouseover messages are secured Thank you, Roger
|
|
|
|
0 |
1188 |
09/24/2010 10:28 AM |
|
1 Replies and 1355 Views
HR Security 1355 1
Started by Jimmy Chiu
I have pay information defined in HR10 as SEC_LVL 1 When I go in HR11. Only SEC_LVL 1 users can see the pay info. However, SEC_LVL 2-9 users can drill down on HR11 and still able to see the pay info. What am I missing
|
|
|
|
1 |
1355 |
by Jimmy Chiu09/22/2010 12:17 PM |
|
2 Replies and 6146 Views
Auditing? 6146 2
Started by MattD
Howdy Gurus, Any ideas on ways to audit user activity I have discussed this with Lawson and they can only audit activity in the LSA tool. I want to audit actual users of the system. Any ideas on Lawson functionality or custom processes to audit this kind of activity. I would like to know of what your companies due to handle this or if there is just not a need for it. Many thanks for any replies. Matt
|
|
|
|
2 |
6146 |
by Dave Amen09/16/2010 7:25 PM |
|
|
3 |
1404 |
by Nick09/10/2010 5:50 PM |
|
2 Replies and 3336 Views
Different SOD scenarios for Finance and HR/PR 3336 2
Started by subba
We are planning to install LSF9.0 if any one can you provide different SOD scenarios for LAWSON Finance and HR/PR before creating roles/rules we need review those
|
|
|
|
2 |
3336 |
by Dave Amen09/02/2010 10:59 AM |
|
3 Replies and 1494 Views
GL90 Drill to payments 1494 3
Started by Margie Gyurisin
We are creating a new role for someone to be able to drill back to payment information from the GL90. We have been able to get the payments to appear, but they can not see employee names. We have given them PR51 form access and they can see names on that form but they can not select an employee from the search box We have given them acces to all the tables that the PR51 references - EMPLOYEE, PRSYSTEM, PAYMASTR, PRTIME etc. Do we need to add some invoked program If so, which one(s)...
|
|
|
|
3 |
1494 |
by John Henley09/02/2010 10:26 AM |
|
3 Replies and 1455 Views
pr260 remove bank info 1455 3
Started by Deleted User
I'm trying to remove bank info from a security class that can run the pr260 Payment Detail report. I've removed the fields/tables in security laua that houses the bank info for the PR area...but it is still showing up on the report.
I would have thought that this would surely do the trick.
|
|
|
|
3 |
1455 |
by Margie Gyurisin08/27/2010 3:43 PM |
|
1 Replies and 3028 Views
dme call Security Error in custom table 3028 1
Started by Lorena
Hi, We are using LSF9 for ESS. I created some custom htm page that display and update data in a custom file. I also created a custom 4GL program to view and update the table. The Security officer gave me access to the new table. I can look at the file and updated using my custom 4GL program however I can not do dme calls on that table and I can not query the table using Crystal reports. It looks like it is only related with dme calls. Here is the error saying that the Table data is...
|
|
|
|
1 |
3028 |
by Ragu Raghavan08/20/2010 10:30 PM |
|
10 Replies and 1887 Views
LS9 ESS security and Servlet calls 1887 10
Started by Lien
Hi, we are on LS9 and came across an issue where an ESS employee can view another employee’s personal information through a servlet call. The employee uses a debugging tool to get the URL then substitute their employee ID with someone else’s. We’ve tried to lock down all the HR, PA, PR, etc. related tables and forms with conditional rules. But we are still able to return sensitive data using the servlet call. Tried with this rule: if(user.getCompany()==table.COMPANY&&user.getEmployeeId(...
|
|
|
|
10 |
1887 |
by Lien08/20/2010 9:28 AM |
|
2 Replies and 1573 Views
Dumb question 1573 2
Started by This_Guy
If there is such a thing...But, I can't figure this out. We are implementing RoleBased Security (Check LS = Y) for Ess/Mss for portal and one thing I cant seem to get to work for Manager Self-Service is the Drill on Employee Information piece in the Direct Reports listing. Basically, I just want to get rid of some of the links in that Employee Drill Menu: Current YEar Earnings, Deductions by Quarter, etc... We dont need managers to see this stuff, and I have resticted access to the files...
|
|
|
|
2 |
1573 |
by Arvin Ojales08/17/2010 6:49 PM |
|
9 Replies and 2434 Views
Mass Assignment in RM 2434 9
Started by TBonney
Is there a tool that can be used to remove a role from multiple profiles at the same time, such as you you would apply it to multiple roles simultaneously using Mass Assignment in Resource Administrator We have a role that we'd like to remove from several hundred user profiles, but leave all other roles on those profiles in place. Has anyone else encountered this situation and know of a way to accomplish this Thank you.
|
|
|
|
9 |
2434 |
by John Henley08/13/2010 3:26 PM |
|
3 Replies and 1470 Views
Clean up of user accounts 1470 3
Started by Jay2
I am looking to get rid of user accounts, on my development box, that have not accessed the system in 6 months. Is there a place where the last access date is stored If not, any other ideas
|
|
|
|
3 |
1470 |
by Marc Burnes07/28/2010 2:30 PM |
|
6 Replies and 1888 Views
user reports 1888 6
Started by Jay2
Does Lawson store the user creation date somewhere I need a user report with date the user was created. Any ideas
|
|
|
|
6 |
1888 |
by Jay207/22/2010 8:50 AM |
|
0 Replies and 1211 Views
Report listing RM groups and users 1211 0
Started by Ellen Melton
Maybe I'm missing it somewhere.... Is there a report I can run that will list each RM group and the users assigned to that group
|
|
|
|
0 |
1211 |
07/21/2010 10:31 AM |
|
4 Replies and 2108 Views
Delete Update jobs 2108 4
Started by Greg Moeller
Is there a way to restrict the jobschd listing to only allow deletes of non-update jobs in the new Lawson security, or is that already built in&160;
Looking at the security class, I only see All_Access or No_Access on the jobschd utility.
|
|
|
|
4 |
2108 |
by Greg Moeller07/19/2010 12:35 PM |
|
0 Replies and 1129 Views
Removing a Role from Multiple User Profiles in LSF9 1129 0
Started by TBonney
Does anyone have a way that a particular role can bve removed from multiple user profiles, removing only that role and leaving any otehrs they have in tact We had created a role and applied it to all users a while back. Now we've determined that role is no longer necessary and would like to reomve it from all users. Has anyone ever made this change, en-masse, for all users Thank you.
|
|
|
|
0 |
1129 |
07/09/2010 11:49 AM |
|
0 Replies and 1112 Views
Conditional Rule using getSystemDate() 1112 0
Started by Roger French
Hello all, Trying to create a conditional rule within LSF9 security. I want to do something only if the the System Date is within two other dates on another screen such as the BS01 (a date range). But I can't seem to get the getSystemDate() function within the rule editor to work. Does anyone know the actual format of the returned date by using getSystemDate(yyyyMMdd) I have tried it and it seems to not be returning a correct date in the same format (yyyyMMdd). It seems to be retu...
|
|
|
|
0 |
1112 |
07/07/2010 2:51 PM |
|
1 Replies and 3054 Views
Tokendef - Shell Script Error 3054 1
Started by trueblueg8tor
My company is on LSF AIX environment with 8.03 Apps and Security. I created a couple of simple shell scripts and then used tokendef to define them as forms. After I created the job using jobdef, I tried to run submit the job from portal but got a 'Job Queue is Secured' violation. I took a look at the permissions of the actual scripts and they all have read-write-execute permissions for the user I logged in with into portal. Any ideas
|
|
|
|
1 |
3054 |
by MattD06/30/2010 2:33 PM |
|
3 Replies and 10887 Views
9.0 LAUA -a (Windows/AD) 10887 3
Started by Roger French
Ok,
Have discovered that a new option for laua on a Windows/AD platform.
There is an issue if using the AD with Windows, and *not* being able to see users who were added to a global group within AD, in LAUA. (The KB Article is 100688.)
So if I tried to add a new user to Lawson, first add them to a global user group in AD. Then synch up with the Lawson app server (where the environment is at).
(So, this next part I am asking if others have seen this, or if this is t...
|
|
|
|
3 |
10887 |
by RMc06/29/2010 11:07 AM |
|
5 Replies and 1595 Views
Writing rules on Table files 1595 5
Started by RobertL
Anyone knows how to write conditional rule access for Currency Code table file This is the CUCODES table file under IF system code in the Securable Type Files. I have a Currency Code Form CU01.1 and want to write a rule to block user access so that they cannot add or change currency code. I set the Unconditional Access for Action to 'I' for CUCODES under IF system code in the Files level (not Online), but it is not working; user can still add/change a new currency. I want to do this in th...
|
|
|
|
5 |
1595 |
by Dave Amen06/10/2010 7:36 PM |
|
1 Replies and 1123 Views
Internet Access into Lawson 1123 1
Started by LynnS
Not sure if posting in the right forum. My organization is implementing ESS/MSS and plans to open up Lawson access to outside Internet with SSL in place. Please share with me any info you have on the process to setup and any problems or red flags to look for. Thanks.
|
|
|
|
1 |
1123 |
by John Henley05/27/2010 10:16 AM |
|
1 Replies and 1239 Views
USERATTS 1239 1
Started by Deleted User
We have implemented LSF9. I'm working on Help Desk procedures for portal password resets. I'm told the only option is the Lawson Security Administrator. I'd rather not have to install that on the Help Desk PCs. I'd much rather create a web or shell script but I'm told it can't be done. I've thought about writing my own web to talk to LDAP following the USERATTS script and the PWCHANGE design. Has anyone else faced this sort of thing
|
|
|
|
1 |
1239 |
by Brian Allen05/24/2010 8:42 AM |
|
1 Replies and 1199 Views
LSF9 Rule behind rule 1199 1
Started by Demichener
I recently added a new form (PR270) to an existing class. The form contains rules on form, company, department and employees. All the rules appear to add correctly, but when I deselected or reselect company from the edit view screen, an entirely different rule(from the same class) pops-up in the edit window. When tested through portal, the rule works. The IOS log shows no errors. I've gone back and validated all the rules in the class and have rebuilt the entire class(on DEV in 2 PL’s and al...
|
|
|
|
1 |
1199 |
by Demichener05/19/2010 2:31 PM |
|
4 Replies and 1790 Views
I/O Error in Security Administrator 1790 4
Started by Jay2
This issue is within the forms security. If I try to edit a rule on a form or create a new rule on a form everything works fine I see the message: Data Initialization Complete But whenever trying to create a new rule or edit a rule in the DTO section of a form I get the following error: I/O Error, Initialization data was not retrieved from the server. I am running 9.0.1.5.411 This is leaving a huge security hole in my system if these rules are not being read by the software.
|
|
|
|
4 |
1790 |
by Jay205/17/2010 3:31 PM |
|
5 Replies and 2494 Views
Setting Up Security Rules 2494 5
Started by Shane Jones
I am creating Security and have found that if I need conditions or unconditional features in the security I have to set this up for each form individually. This will take hours to configure one group. Anyone have shortcuts to setup security rules
|
|
|
|
5 |
2494 |
by Shane Jones05/13/2010 10:29 PM |
|
1 Replies and 1395 Views
In S3, can FC codes be limited? 1395 1
Started by BrianB
Hi, thank you for reading. If i have a function code and I want to only allow say Change and Delete but not back out (as in the case of AC45.1) can I restrict to that level I've tried specifying it when creating the rule, at the unconditional access and am not having any luck. Is it pretty much you either have access to it or you don't Thanks again
|
|
|
|
1 |
1395 |
by Jimmy Chiu04/30/2010 1:57 PM |
|
3 Replies and 1348 Views
DTO Security not working 1348 3
Started by Jay2
Did anyone else have issues with rules created under the DTO section of a form after upgrading to ESP5 All of the sudden users were getting security violations due to the DTO security not being evaluated correctly. Lawson has opened JT135185 to create a fix.
|
|
|
|
3 |
1348 |
by Jay204/27/2010 2:29 PM |
|
8 Replies and 1483 Views
Button Security 1483 8
Started by Jay2
We have just upgraded to ESP5 Now when users go to Form AP10.1 they see new buttons on the screen. Customer(AP10.4), Approval(AP10.7), Xref Vendors(AP15.1) Users do not have access to these forms that the buttons are pointing to. Previous to this we were on ESP3. I thought that if users did not have specific access to these forms the buttons would not show up on AP10.1 Did this change in ESP4 or ESP5 How do I prevent the users from seeing these buttons now
|
|
|
|
8 |
1483 |
by Jay204/27/2010 1:47 PM |
|
|
6 |
1487 |
by Greg Moeller04/27/2010 11:53 AM |
|
0 Replies and 1312 Views
Could Element Groups speed up driill filtering??? 1312 0
Started by BrianB
I'm securing activities. The logic I am using follows: 1. Check to make sure that ACACTIVITY.VAR_LEVELS isn't blank. If blank ('') then NO ACCESS...Else 2. Look at a user attribute for company, it matches positions wxyz in the VAR_LEVELS <Meaning the person has company wide access> Grant All. 3. Look at another user attribute, compare it against a structure set up in RM (using getStructNodeAbove) to look for a unique code, and if that name or code matches what is in the user at...
|
|
|
|
0 |
1312 |
04/22/2010 3:59 PM |
|
6 Replies and 2043 Views
Referencing a Multi-Valued attribute 2043 6
Started by BrianB
We have set up (in Schema Editor) a multi-valued variable. We want to restrict drill access and essentially deny access to any that don't have a corresponding value. The problem is this: When we reference the variable and do a compare, the system only restricts based on the first number in the list. I tried referencing it as if it were an array (with a value in paranthesis representing the index order), but that didn't work. If we had 20 different values in there, how do I get my rule t...
|
|
|
|
6 |
2043 |
by BrianB04/22/2010 3:51 PM |
|
1 Replies and 4229 Views
LS Report to see user access to forms, classes, and roles 4229 1
Started by RobertL
In Lawson Security I want to run a report to see what access of forms, security classes and roles each user has, and import the report into a database. How So far I have found only Role-Security Class Report when I select Report Maintenance in LS but the report only shows classes and roles relationship but does not include the users. Any other options, e.g. using Crystal Report Appreciate any feedback/information. Thanks.
|
|
|
|
1 |
4229 |
by Dave Amen04/22/2010 2:13 PM |
|
3 Replies and 1910 Views
LSF Security & inbasket Display Exec problems 1910 3
Started by Anthony Benitez
We are in the final preparations for migrating from LAUA security to LSF security and have run into the following problem/error for viewing work unit details in an approver inbasket ... 'Lawson security users not supported in dme.exe'. The error is related to the scripting in the Display Exec 'jobreq.htm' file. Has anyone run into this problem and resolved successfully Lawson's article 5103245 details the issue but doesn't offer a resolution. Any assistance is appreciated! Thanks.
|
|
|
|
3 |
1910 |
by John Henley04/19/2010 1:49 PM |
|
2 Replies and 1222 Views
Securing Report/Update Parameter? 1222 2
Started by Dave Amen
For batch programs that have a Report-only mode and an Update mode (MM180, for example), is there a way using Lawson Security to restrict users to using only the Report mode These users still need to change the other parameters, submit the job and view the report, but we'd like to lock down the Report/Update flag.
|
|
|
|
2 |
1222 |
by Dave Amen04/17/2010 7:43 PM |
|
2 Replies and 1401 Views
Locating user IDs & Passwords from LDAP 1401 2
Started by TBonney
We run Lawson Security 9.0, Environment 9.0.0.7 and Apps 9.0/MSP5 on a Windows box and use ADAM. But, we are not LDAP bound. Including ESS-only users, we have about 4000-4500 users. We get several calls/emails regarding lost or forgotten user ids or passwords daily. Our current process is basically to simply reset the passwords when this happens. Can anyone provide direction/instructions on how we can simply pull the information out of LDAP using Softerra LDAP Browser 6.2 so that we can si...
|
|
|
|
2 |
1401 |
by Alex Tsekhansky04/14/2010 9:00 AM |
|
3 Replies and 3435 Views
jobdef 3435 3
Started by Jay2
Please excuse my ignorance as I am new to Lawson and self-taught. I am the security admin for our ERP system. I have been asked to give access to a job that has been created through jobdef. My understanding is, to give access of others you would need to copy this job to these users or give them access to the password of the current user. Is there also a way to give them access through USERGRPDEF Are there other security concerns when dealing with jobs created in jobdef I am assumin...
|
|
|
|
3 |
3435 |
by Demichener04/13/2010 11:17 AM |
|
7 Replies and 3357 Views
LSF9/LS/ESS 3357 7
Started by Jimmy Chiu
I am creating a new ESS security class since the lawson delivered ESS templates don't work. I have assigned the rules according to the Employee Self-Service Technical documentation. I keep getting this error when I do a pay check inquiry and here is the log from fiddler: Caused by: com.lawson.lawsec.author.runtime.LawsonSecurityException:Exception while checking security on token EMPLOYEE for user <myuser's sso login name>. Message: org.mozilla.javascript.WrappedException: Wrapped com.l...
|
|
|
|
7 |
3357 |
by Jimmy Chiu04/12/2010 8:07 AM |
|
10 Replies and 1920 Views
Security Module Crashes 1920 10
Started by Brian Allen
We are having an issue with out of memory errors from the Lawson Security module on Websphere. As we are increasing activity with the security implementation, the issue is causing the application server JVM to crash. Updates to user RM records are quick, but simple changes to security, such as adding 1 class to a role, is taking about 30 seconds. Adding several classes to a role can take up to 5 minutes or produce a timeout. Our ADAM server was spiking to 100 CPU utilization during updates ...
|
|
|
|
10 |
1920 |
by Brian Allen04/01/2010 9:16 AM |
|
2 Replies and 1828 Views
copy security role 1828 2
Started by RobertL
After I copied LS security from Production to Development, I found out I have the security roles but I don't see any security classes with the roles. Do I need to manually assign the classes to the roles in Development If there is a command to copy the security roles, please show me the command and syntax. Thanks.
|
|
|
|
2 |
1828 |
by MattD03/31/2010 1:48 PM |
|
2 Replies and 1293 Views
Moving users 1293 2
Started by RobertL
How can I move users from one server (Production environment) to another server (Development environment)
|
|
|
|
2 |
1293 |
by MattD03/29/2010 8:01 AM |
|
0 Replies and 1629 Views
SSOP_BIND Identiity 1629 0
Started by MattM
I have been playing with some ideas for alternate authentication methods when bound to a corporate LDAP.&160; I have tried a few things with the SSOP_BIND identity and not really made any progress.
How does Lawson use the SSOP_BIND identity for users&160; Why can you put a DN and password in it if the login for a user is not altered
If any of you GURUs out there have any insight I would really appreciate it.
|
|
|
|
0 |
1629 |
03/05/2010 11:26 AM |
|
0 Replies and 1346 Views
Lockdown Down HR/PR Reports - 1346 0
Started by GregSl
I want to lockdown the Reports for Employees in certain process levels, where Employee is selected with parameter for Process Level is blank using LSF9. I can restrict when selected with&160;Process Level&160;parm.&160;
I&160;have tried the Process Level elementgroup rule and
(isElementGrpAccessible('PROCLEVEL','','PR',Co_Value,ProcLvl_value),
with out success.
Any suggestions greatly appreciated.
|
|
|
|
0 |
1346 |
03/04/2010 5:24 PM |
|
2 Replies and 1475 Views
RM Security (LSF9) access 1475 2
Started by Tom Sinkula
Is&160;RM security (LSF9) embedded in the Lawson Applicaiton Database and can it be accessed via SQL, like other application tables
|
|
|
|
2 |
1475 |
by Tom Sinkula03/01/2010 2:44 PM |
|
8 Replies and 1620 Views
Drill around security for the General Ledger report. 1620 8
Started by Jay2
&160;
&160;
After a user submits a General ledger report, they are able to view it while in the print queue.
What particular files do they need access to in order for them to drill around the report while it is still in the print queue.
&160;
|
|
|
|
8 |
1620 |
by Jay202/25/2010 7:14 AM |
|
12 Replies and 2302 Views
LDAP bind - Java.lang.IndexOutOfBoundsException 2302 12
Started by MattM
I am attempting to run the ldapbind on a system and no matter what the credentials/parameters, the error 'java.lang.IndexOutOfBoundsException' is being generated.&160; The environment is 9.0.1.5 and is patched current today.&160; Running on AIX with a separate ADAM server.&160; Anyone seen this or do I have to dig through the code
|
|
|
|
12 |
2302 |
by MattM02/24/2010 2:50 PM |
|
3 Replies and 1855 Views
HR and PR duties segregated? 1855 3
Started by may
If you are trying to segregate the HR functions&160;from payroll functions&160;such&160;that&160;for example a user cannot create an employee and also process payroll&160;for them, I'm thinking the forms you don't want&160; the user to have are HR:&160;(forms HR.11.1 and PA52.1) and PR: (forms PR 30.1, PR32, PR33, PR35, PR36, PR37 and PR38). Can someone tell me if I'm I missing something
Thanks,
May
&160;
|
|
|
|
3 |
1855 |
by MattM02/24/2010 8:31 AM |