PrevPrev Go to previous topic
NextNext Go to next topic
Last Post 08/07/2017 6:49 AM by  Kwane McNeal
Random sudden security violations
 6 Replies
Sort:
You are not authorized to post a reply.
Author Messages
Ronnie
Business Analyst
BMH
Veteran Member
(341 points)
Veteran Member
Posts:143


Send Message:

--
06/01/2016 8:04 AM

    Ok,

     

    I am new to a company i just started working for. Within the past two days users have started sudden getting security violations when inquiring and returning data on PR forms ...example PR36 now gets security violation.

    Yesterday the apps system was rebooted and this seemed to resolve issues for users. This morning users are getting security violations again.

     

    Users have been able to return data with no issue in the past and no changes have been made to my knowledge. 

     

    I tested security by turning it off to see if security was the issue and I was able then to return data. What would cause security to suddenly return security violations or where can I check to resolve this issue?

     

    My coworkers are not here currently, and since I am new I have limited resources. Any suggestions so that I can get users working again until my help arrives.

     

    Thanks,

     

     

    Ronnie
    Business Analyst
    BMH
    Veteran Member
    (341 points)
    Veteran Member
    Posts:143


    Send Message:

    --
    06/01/2016 8:09 AM
    I am also trying to check the security_authen.log and it pulls up in an asian font that is unreadable.
    Ronnie
    Business Analyst
    BMH
    Veteran Member
    (341 points)
    Veteran Member
    Posts:143


    Send Message:

    --
    06/01/2016 8:15 AM
    ok...i was able to read the log instead using Notepad ++, but it did not really give me any info. It just has errors about an ldap bind that appears they have been getting since way before I came. Nothing really pertaining to today or yesterdays issue.
    Ronnie
    Business Analyst
    BMH
    Veteran Member
    (341 points)
    Veteran Member
    Posts:143


    Send Message:

    --
    06/01/2016 8:39 AM
    so far it appears to be narrowed down to PR forms only for some reason.
    Brian Allen
    Private
    Private
    Veteran Member
    (276 points)
    Veteran Member
    Posts:94


    Send Message:

    --
    06/01/2016 9:44 AM
    I would also check the LDAP logs for errors since the security data is stored there and LDAP errors would generate security errors. Lawson also has a KB linking to an IBM doc on tuning and setting indexes on Tivoli Directory Server if you are using Tivoli. lase and other security logs may have helpful detail. You could also try setting a user to debug mode in Lawson Security.
    tambrosi
    Enterprise System Analysis
    Private
    Advanced Member
    (97 points)
    Advanced Member
    Posts:45


    Send Message:

    --
    08/07/2017 6:15 AM

    I know this an older post, but we started seeing this on Friday afternoon.  

    Just random Security Violations with in the app.   We needed to reboot the server to get our users going again.   I am really trying to find out what caused this? Logs are not really telling me anything.  

    Logged Issue doc.

    around 2:00 in the afternoon, the remote divisions started reporting "Security Violations". Nothing Changed.   PR screens. 
    ..When we got notified, from 3 of the sites, we had our corp team log in to see if they were getting the same error---they were working fine. We have a test user ID/Password with the same creds as the divisional payroll group. 
    .. We used that user id/password and tested from the corporate location and that worked fine.

    ..We took that one step further and allowed one of the divisional people to login thru the corp location and that worked fine. 
    ..Also, I remotely connected to one of the divisional sites and was able to run the transactions normally with my creds.. When using the site creds, it failed to run the transactions giving the "Security Violations". 

    The reboot fixed the issue, LSF and Mingle   I talked with our Network folks and Database folks and there were no changes being made at the time What is the 'Security Violation" really tell us? Is this a misleading message? 

    ##One thing I read in this post it to turn on debug for a user,  is there a place where I see how to do that.   Or if somebody can let me know I would appreciate it. 

    Thanks

    Terry 

     

    Kwane McNeal
    Private
    Private
    Veteran Member
    (1197 points)
    Veteran Member
    Posts:399


    Send Message:

    --
    08/07/2017 6:49 AM
    Terry,
    This thread is over a year old, but to answer your post, this is typical is you do not restart LSF frequently enough, and is related to your other post concerning the same.

    What happens is that due to memory leaks, the lase process eventually stops responding to requests for security info, and when that occurs, the latm process uses the default security of NO_ACCESS for all unanswered requests for security authorization.

    This is also why a restart of LSF and/or the OS fixes it.
    You are not authorized to post a reply.