Locating user IDs & Passwords from LDAP

Sort:
You are not authorized to post a reply.
Author
Messages
TBonney
Veteran Member
Posts: 277
Veteran Member
    We run Lawson Security 9.0, Environment 9.0.0.7 and Apps 9.0/MSP5 on a Windows box and use ADAM. But, we are not LDAP bound.

    Including ESS-only users, we have about 4000-4500 users. We get several calls/emails regarding lost or forgotten user ids or passwords daily. Our current process is basically to simply reset the passwords when this happens.

    Can anyone provide direction/instructions on how we can simply pull the information out of LDAP using Softerra LDAP Browser 6.2 so that we can simply inform them of what there present userid/password are instead of resetting it each time we get a call?

    We are approaching open benefits enrollment period (through ESS) and HR is worried that we will get slammed with inquiries when we do so. The bigger problem is that if an employee doesn't know either one, HR can not assist them in doing their enrollment and they will need to put the process off until they receive a new one.

    Thank yuou in adbvance for any guidance or suggestions you might provide.
    Jimmy Chiu
    Veteran Member
    Posts: 641
    Veteran Member
      I don't think you can actually SEE the password once it's stored. it posts a security risk if anyone can simply ldap into ADAM then find out the password of the accounts. If you want to avoid resetting password, you can simply maintain a small access/excel file and record down the resetted password value.

      Next time, if the user call again, you can simply pull it from the access/excel file

      Create a simple page and call to the datasource, integrate it into lawson portal and off ya go.
      Alex Tsekhansky
      Veteran Member
      Posts: 92
      Veteran Member
        The passwords in LDAP are encrypted. There are products that allow you to decrypt it (lawson does not currently store just the hash of the password in ADAM, but the whole thing). There are also products that allow users to reset their own forgotten passwords in Lawsoon using some proprietary information (SSN, birthdays, security questions etc).
        I work for a company that implements such products in LSF 900 and 901. They were designed specifically to address benefit enrollment issue with forgotten names/passwords.
        If interested, we can discuss this. You can contact me atsekhansky@analysts.com

        The alternative is manual maintenance, as Jimmy pointed.

        You are not authorized to post a reply.