Security Tables

Sort:
You are not authorized to post a reply.
Author
Messages
Carla Branda
Basic Member
Posts: 8
Basic Member

    We are on prem with Infor Lawson and LTM. Are there tables (look up type tables) that list security Roles and Groups? I need to refer to them during a process flow. I have searched to no avail. Thanks for the assist.

    Greg Moeller
    Veteran Member
    Posts: 1498
    Veteran Member
      There are tables (to an extent).... If you can figure out how to get the Lawson AD structure set up as a data source.
      You'd have to go through the AD structure for Lawson. Not your corporate AD, but just the one for Lawson that contains the information.
      Greg Moeller
      Veteran Member
      Posts: 1498
      Veteran Member

        I've got a shell script that uses ldapsearch commands to create a static html file... since the data doesn't change all that often, we can just refresh the html file once a day or even less often...

         

        Attached should give you an idea at least...  creates an html file of all of the groups and their members.

        Attachments
        Kwane McNeal
        Veteran Member
        Posts: 479
        Veteran Member
          Carla,
          Roles and Groups from which part of the product, LSF or LTM? If you’re referring to LSF, then Greg is correct. If you’re referring to LTM, then some of it is in the LTM productline, and some in the Landmark GEN productline.
          Greg Moeller
          Veteran Member
          Posts: 1498
          Veteran Member
            Oh, yeah... sorry. Way to keep me honest, Kwane.
            Carla Branda
            Basic Member
            Posts: 8
            Basic Member

              Thank you both

              Both: S3 roles and groups, and LTM roles

              I need to review each user's roles and groups to determine if they need a change in a few permissions based upon other criteria like job code, pay grade, etc. We do not have Infor OS implemented. 

              As I write this, I am relaizing the lookup tables would not help, So, this dicussino helped me clear my mind around that part.

              Thank you anyway!

              Greg Moeller
              Veteran Member
              Posts: 1498
              Veteran Member
                Whether or not InforOS is implemented won't matter to my script.
                John Henley
                Posts: 3353
                  Hi Carla. You did say you wanted to do this in a flow, and you're on-prem. So, you do probably have the option of configuring the Lawson S3 LDAP in IPA configuration, which requires a server, port, credentials, and LDAP root. You then use the LDAP query node in your flow to retrieve the roles and groups, etc. Very bare metal, but it will work for what you want. Depending on your configuration, you'll likely need to work with your network folks to get a port opened to your desktop for testing--or use an RDP connection into a server that has IPD installed--and has network connectivity to the ldap server/port. (Once you have your flow working, you can have this rescinded, and make sure that similar path is available from the IPA server to LSF server -- which is usually not an issue).
                  Thanks for using the LawsonGuru.com forums!
                  John
                  Randy
                  Veteran Member
                  Posts: 50
                  Veteran Member
                    As S3 and LTM are synched , the user (Actor) roles will end up in LTM tables. I have an Excel refreshable spreadsheet that uses a SQL query to retrieve all Actors and roles and displays in a Pivot. I can send the SQL along if anyone interested.
                    Carla Branda
                    Basic Member
                    Posts: 8
                    Basic Member

                      yes, correct, from both products: S3 and LTM

                      Carla Branda
                      Basic Member
                      Posts: 8
                      Basic Member

                        Yes, I found the LDAP tables. This will reruire a loop to gather each role and group for each user correct?

                        Carla Branda
                        Basic Member
                        Posts: 8
                        Basic Member

                          Hello

                          Yes please. I am interested, thank you.

                          Randy
                          Veteran Member
                          Posts: 50
                          Veteran Member

                            Carla - Not sure if you wanted this/or if this is what you need. WHen the excel sheet data is refreshed, All LTM actor/security roles will populate the Data/Pivot sheets.

                            Attached files.

                            SQL file s/b self explanitory. Run it in SSMS/Query tool to verify.

                            Excel FIle will need some changes and hopefully will just refresh. Goto Data/COnnections and select the properties on stored connection "LWS-DB-1". In the Definition tab change all the particulars to your LTM/S3 DB server. You need to change the SERVER=, UID=,PWD= and DATABSE= to match your envirenment. UID/PWD must be SQL Server login credentials. Yes, Excel stores PWD info, but no getting around that. If you make the changes and refresh, verything should repopulate with your data. You will be asked to save password with connection, just say yes.

                            DRIVER=SQL Server;SERVER=LWS-DB-1;UID=lbireport;PWD=sqlpwd;APP=Microsoft Office 2010;;DATABASE=LWSProd

                            Attachments
                            John Henley
                            Posts: 3353

                              Carla, earlier in your post you said you were trying to query/update within a flow. So I would caution you against using too much custom scripts/SQL, etc. and just stick to the tools that are available to you within IPA. This is important particularly if you ever intend to go to hosted CloudSuite, since you only can use supported tools. In particular, if you are looking for *defined* roles and groups, then you need to look at the LDAP data using LdapQuery node. If you are looking for the roles and groups *assigned* to users, then use ResourceQuery.

                              Thanks for using the LawsonGuru.com forums!
                              John
                              You are not authorized to post a reply.