Forum: S3 Security

To join the discussion you need to register first. (Registration is free!) If you are already a registered user please login to join the discussion.
90 Subscribed to this forum
Page 24 of 25 << < 2122232425 > >>

Topics

Replies
Rating
Status
Views
Subscribers
Last Post

Lawson 9.0 Security    

Started By  Kate Liamero
I have 2 security classes assigned to a role in Lawson LSF 9.0 security. One class only allows access to all AP20 tokens and denies all other AP forms. The second class only allows access to MA64 tokens and denies all other MA forms. Both classes assigned to a role and to a user. When I login I can access all MA and AP forms. If I go back into the classes and explicity DENY ALL MA forms including the MA64 in the AP CLASS and explicity deny ALL AP forms includi...
4 14364 1
by  trueblueg8torJump to last post
5/1/2008 1:12 PM

Can't View Print Jobs    

Started By  msjmg111
I have a multi-step job defined with 2 steps, the first step is a ftp and the second runs hr511. I also have a distribution list set up on the hr511 step to distribute the report to a person still using the LAUA security and a person using the LS 9.0 security. The person with the LAUA security gets the report and can view it in their print manager, the other person with 9.0 gets the report but cannot see it in her print manager. So we know the distribution is correct, but something in 9.0 sec...
17 16927 2
by  trueblueg8torJump to last post
2/26/2008 1:34 AM

Lock pay field    

Started By  Deleted User
Hey, I'm looking to see if it is possible to lock the pay field so that you can't see it for just certain departments. Like say ER there is a sec class called eradmin. Lock the pay field for them so they can't see say erdirector but they can see every other class Is that possible or is it just a all or nothing Thanks Kevin
5 12717 1
by  kliveJump to last post
2/28/2008 9:07 PM

Restricting employee from seeing one dept    

Started By  psherry
The payroll manager wants her payroll clerks to see all employees except for employees with their departments. On example is I built a security class for Pay Modeling, so they have access to PR89.1. I wrote a conditional rule on the table Employee stating if table.department == 4710 no access else all access and that works on the selects but they can still enter the employee in the emp-employee field on the form. I been trying to write a conditional rule on the form to restrict employees in 471...
3 7296 1
by  psherryJump to last post
1/31/2008 8:20 PM

LS 9.0 not securing    

Started By  Roger French
I've got a user set up in 9.0 LS security (CheckLS flag = Y). User does not exist in laua. User has NO roles assigned to him. User can log into Portal ok; user has ESS and RSS bookmarks assigned to him ok. So, why can the user access every single screen (AP20, HR11, etc) in the search box User does NOT receive any security warning, and is able to look at all data. User can launch RSS and ESS with no problems or security warnings. I have reviewed a few times, and have cleared IOS cache...
2 4740 0
by  Roger FrenchJump to last post
1/29/2008 8:38 PM

Provisioning & Password syncronization    

Started By  Deleted User
I'm new to Lawson, and more experienced with the middleware that Lawson9 uses, (WAS, LDAP, etc) so need some assistance on a couple of issues. I'm using TAMeb (WebSEAL) to secure Lawson, however we would like to provision users using ITIM, or use IDI to syncronize the passwords between Lawson and TAM. However Lawson uses 'Bouncy Castle' to encrypt the passwords stored in the LDAP. It is responsible for encrypting the users password (using the selected algorithm) and storing it in the Law...
1 4762 1
by  trueblueg8torJump to last post
2/26/2008 1:29 AM

Bookmarks Missing for ESS Users    

Started By  trueblueg8tor
In our test Lsf environment some of our ESS users who have are being secured with 9.0 security are missing bookmarks. - They are a member of a bookmark group that has been granted access to the ESS bookmarks - They have a portal role where I've locked the ESS bookmarks (Subscription and Layout) - They all have an 'EssRole' that has a Security class that has a rule that grants access to the Logan productline. - My ESS id works fine but the only difference I can see is that I have an ...
7 8427 1
by  Joe O'TooleJump to last post
4/15/2008 1:36 PM

Copy RM Groups between LDAPs    

Started By  Ellen Melton
Is there a way to copy groups defined on RM Administrator between LDAP instances  I have my groups now defined in our Production box (going live in a couple weeks) and now want to setup the same groups in our Test box.  The lsdump/lsload doesn't appear to have a parameter for Groups, only Roles.  We are LSF 9.0.0.3 / UNIX / Tivoli.
3 4703 1
by  John HenleyJump to last post
2/12/2008 9:35 PM

Securing RSS...    

Started By  klive
Haven't seen much on this and I have tried several things thought someone here might be able to help...I want to be able to setup security for RSS to not allow requesters to approve their own requests...My thought was to attack this from the Approvers perspective...but since RSS doesn't give me forms and fields its a little difficult to determine where and what rules to write.  Any assistance would be greatly appreciated...
4 4273 0
by  kliveJump to last post
2/26/2008 8:18 PM

Securing MSS to see only their positions    

Started By  psherry
I wrote a rule on PAPOSITION  in LS9.0 if(trim(getDBField('EMPLOYEE','POSITION',user.getCompany(),user.getEmployeeId())) == table.SUPERVISOR)    'ALL_ACCESS,' else    'NO_ACCESS,' This does show only the positions that report to the supervisor in MSS but I can't figure out how I can also show the positions under employess who have their own direct reports. So a Director sees positions that report to him but doesn't see the manager positions. Wondered if anyone has tried this.   Thanks, P...
0 4642 0
3/4/2008 10:06 PM

Lawson Security before or after 9.0 apps?    

Started By  Ellen Melton
We just went live on LSF9 using LAUA and 803 apps.  I'm interested in recommendations on when to implement Lawson Security.  I was ready to start discussions on Lawson Security and looking for Lawson consulting help on the planning phase when my lead developer said everything she is hearing from our Lawson Project Manager indicates that it is best to wait until we are fully migrated to 9.0 applications before we even begin looking at Lawson Security. What are the pros/cons in waiting until we a...
4 4458 0
by  kliveJump to last post
3/10/2008 4:16 PM

Lawson 9 Security-Role does not recognize Rules    

Started By  GregSl
I came across a situation, when I set CheckLS='YES', the Role does not recognize the Rules to access the Company and Process Level, based on the element group. It gives access to everything ! Same thing happens,  if I deny access to HR system code, for the same Role. They work fine on LAUA with checkLS = 'No' When using LAUA it's easy to find exceptions from the ios.log. In the above situation, what are the logs I can check where the Role's permissions are located   Greatly appreciate your...
6 8827 2
by  trueblueg8torJump to last post
5/4/2008 2:54 PM

Automating authentication for DME calls    

Started By  Deleted User
I am looking to use DME to interface data out of Lawson to some non Lawson app. The issues is a need a to automate the authentication. Any ideas
2 5082 0
by  Deleted UserJump to last post
4/10/2008 2:16 PM

wiped out all security classes for all users on test!!    

Started By  Deleted User
On the test system, I removed the security class for ONE person and it removed it for ALL USERS...We can no longer log into the test system, since none of us have SECURITY CLASSES or ROLES, etc. Our network admin cannot even log on. This was on the test system and I think my downfall was when I did a control home on the users list to go to the top and it put signs to the left of each person...which I now recognize must have selected ALL users...when I went into the one user to remove her sec...
6 5252 1
by  Deleted UserJump to last post
4/8/2008 8:30 PM

Lawson Account can not log into portal    

Started By  John Crudele
We are using the LDAP bind. The only user we are having an issue with the the Lawson user. The error we receive when we log into portal is WARNING: LDAP authentication failed for user with dn 'CN=Lawson User,OU=Service Accounts,OU=Administrative Accounts,DC=endurancebermuda,DC=net'. Message: javax .naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID- 0C090334, comment: AcceptSecurityContext error, data 531, vece Any ideas would be appreciated   Thanks JC
3 7091 0
by  trueblueg8torJump to last post
4/24/2008 5:30 PM

ESS and LS9.0    

Started By  Deleted User
I would like to use LS 9.0 for users to access their ESS information. We have over 100 companies and need users to access their own ESS information.
13 7784 1
by  Deleted UserJump to last post
4/29/2008 7:50 PM

Password Recovery for ESS Users?    

Started By  Deleted User
For those who have implemented LSF90 ESS on Windows environment and ADAM - how do you take care of users forgotten password Do your users call your IT and let the IT folks reset and issue a temporary password or have you implemented a password recovery application that emails a password reset link to your users and let the users take care of resetting their own password Appreciate the insight.
9 5145 1
by  Deleted UserJump to last post
4/23/2008 5:30 PM

secload -m not merging and stoplase issues    

Started By  Joe O'Toole
I'm trying to merge some new security settings for HR into a Finance only LAUA security class. Per Lawson's documentation, I ran the secload -m and then ran a secinteg -V (no errors) then ran a bldsecdict -d (no errors). Did a stoplase / startlase and did a lawsec off / on. Went into LAUA and the security class does not show any of the new items merged. As a side note, every time I do a stoplase and startlase our job and printmgr security does not come back up properly - everyone can see other p...
0 5585 1
4/23/2008 6:44 PM

Hooray!    

Started By  trueblueg8tor
This has probably already been solved but I've been waiting so long for this I had to share it. Here is an example of a query you can use if you ever wondered what security classes have a form with certain function codes. (Note, obviously, this is intended for LSF environments where GEN is a relational db) Enjoy! --Tell Me Which Security Classes Have “A” AND “S” Function Codes for PO420 --All Security Classes Minus... SELECT DISTINCT SECCLASS FROM YOURSCHEMA.SECCLASS WHERE SECCLASS NOT ...
0 5200 0
4/23/2008 7:03 PM

9.0 Security Best Practices    

Started By  trueblueg8tor
Background: In general, most of our users are restricted to their site that's assigned in HR11/Employee file. We use 2 ids, 1 for ESS and another for application users. The application users are generated by an algorithm and stored in a table. Issue: How is everyone else enforcing what was 'Data Level' security in 8.0.3 for application users Possible Solutions: (A.) I could create a custom RM attribute that holds a user's site/process level and have a Process Flow (PF Integrator) maintai...
1 4625 1
by  John HenleyJump to last post
5/5/2008 5:46 PM

Minimum security settings    

Started By  Deleted User
What are the minimum laua security settings for LOGAN items to allow a typical end user to access the Portal What are the minimum laua security settings for Environment items to allow a typical end user to function We are at env 8.0.3
5 6904 0
by  John HenleyJump to last post
5/14/2008 11:34 AM

Disabled Assignment Tab(HR11) does not refresh    

Started By  GregSl
I have managed to disable the Assignment Tab by using the following rule. If (isElementGrpAccessible('PROCLEVEL','I,','HR',form.EMP_COMPANY,'CORP')) 'NO_ACCESS' else ''I' My problem is when I enter an Employee ID from a different Process Level it will work the first time, but the Assignment info is blank. If I enter an ID from Corp process Level it will freeze the tab.But will not refresh or enable, when I enter different Process Level EID. Has anyone come across this situation Greatly ap...
3 4722 0
by  John HenleyJump to last post
5/29/2008 11:47 AM

laua vs. 9.0 Data Security    

Started By  Peter Wilmot
Anybody have any ideas on this  In laua security, we had the system code AC for Data Security tied down to specific activities for specific security classes. For example, activity 41279901 was secured using the combination of 'company/activity group range', 'company/activity range' and 'security code/activity range'. This would have looked like this: From Company      To Company         From Process Level       To Process Level             Access Level               1*                        ...
2 5732 1
by  Peter WilmotJump to last post
5/30/2008 4:20 PM

WARN [LauaSecurityUser] Value for attribute 'VENDOR' and data area '' is NULL    

Started By  Ben Coonfield
I am seeing many lines in the ios.log file such as: WARN  [LauaSecurityUser] Value for attribute 'VENDOR' and data area '' is NULL or WARN  [LauaSecurityUser] Value for attribute 'CUSTOMER' and data area '' is NULL This is a 9.0.0.4 environment, using LAUA security exclusively, and we have not defined any rules with the new security tool.  Is there some kind of misconfiguration causing these messages  They do not appear to be causing anything to fail as far as I know.  My guess is that thes...
1 3786 0
by  John HenleyJump to last post
5/30/2008 11:10 AM

LS9 - Unix    

Started By  ChrisW
Hi!  We are on LSF9 using Lawon Security 9 on Unix and are getting ready to deploy ESS/MSS.  Does each employee need to have a UNIX id in order to store who updated the field for audit purposes
3 4166 1
by  ChrisWJump to last post
6/3/2008 10:55 AM
To join the discussion you need to register first. (Registration is free!) If you are already a registered user please login to join the discussion.
Page 24 of 25 << < 2122232425 > >>


RSS Feed Available