Security Tables

 13 Replies
 2 Subscribed to this topic
 15 Subscribed to this forum
Sort:
Author
Messages
Carla Branda
Basic Member Send Private Message
Posts: 8
Basic Member

We are on prem with Infor Lawson and LTM. Are there tables (look up type tables) that list security Roles and Groups? I need to refer to them during a process flow. I have searched to no avail. Thanks for the assist.

Greg Moeller
Veteran Member Send Private Message
Posts: 1498
Veteran Member
There are tables (to an extent).... If you can figure out how to get the Lawson AD structure set up as a data source. You'd have to go through the AD structure for Lawson. Not your corporate AD, but just the one for Lawson that contains the information.
Greg Moeller
Veteran Member Send Private Message
Posts: 1498
Veteran Member

I've got a shell script that uses ldapsearch commands to create a static html file... since the data doesn't change all that often, we can just refresh the html file once a day or even less often...

 

Attached should give you an idea at least...  creates an html file of all of the groups and their members.

Attachments
Joseph Van Denburg
Veteran Member Send Private Message
Posts: 479
Veteran Member
Carla, Roles and Groups from which part of the product, LSF or LTM? If you’re referring to LSF, then Greg is correct. If you’re referring to LTM, then some of it is in the LTM productline, and some in the Landmark GEN productline.
Greg Moeller
Veteran Member Send Private Message
Posts: 1498
Veteran Member
Oh, yeah... sorry. Way to keep me honest, Kwane.
Carla Branda
Basic Member Send Private Message
Posts: 8
Basic Member

Thank you both

Both: S3 roles and groups, and LTM roles

I need to review each user's roles and groups to determine if they need a change in a few permissions based upon other criteria like job code, pay grade, etc. We do not have Infor OS implemented. 

As I write this, I am relaizing the lookup tables would not help, So, this dicussino helped me clear my mind around that part.

Thank you anyway!

Greg Moeller
Veteran Member Send Private Message
Posts: 1498
Veteran Member
Whether or not InforOS is implemented won't matter to my script.
John Henley
Send Private Message
Posts: 3353
Hi Carla. You did say you wanted to do this in a flow, and you're on-prem. So, you do probably have the option of configuring the Lawson S3 LDAP in IPA configuration, which requires a server, port, credentials, and LDAP root. You then use the LDAP query node in your flow to retrieve the roles and groups, etc. Very bare metal, but it will work for what you want. Depending on your configuration, you'll likely need to work with your network folks to get a port opened to your desktop for testing--or use an RDP connection into a server that has IPD installed--and has network connectivity to the ldap server/port. (Once you have your flow working, you can have this rescinded, and make sure that similar path is available from the IPA server to LSF server -- which is usually not an issue).
Thanks for using the LawsonGuru.com forums!
John
Randy
Veteran Member Send Private Message
Posts: 50
Veteran Member
As S3 and LTM are synched , the user (Actor) roles will end up in LTM tables. I have an Excel refreshable spreadsheet that uses a SQL query to retrieve all Actors and roles and displays in a Pivot. I can send the SQL along if anyone interested.
Carla Branda
Basic Member Send Private Message
Posts: 8
Basic Member

yes, correct, from both products: S3 and LTM

Carla Branda
Basic Member Send Private Message
Posts: 8
Basic Member

Yes, I found the LDAP tables. This will reruire a loop to gather each role and group for each user correct?

Carla Branda
Basic Member Send Private Message
Posts: 8
Basic Member

Hello

Yes please. I am interested, thank you.

Randy
Veteran Member Send Private Message
Posts: 50
Veteran Member

Carla - Not sure if you wanted this/or if this is what you need. WHen the excel sheet data is refreshed, All LTM actor/security roles will populate the Data/Pivot sheets.

Attached files.

SQL file s/b self explanitory. Run it in SSMS/Query tool to verify.

Excel FIle will need some changes and hopefully will just refresh. Goto Data/COnnections and select the properties on stored connection "LWS-DB-1". In the Definition tab change all the particulars to your LTM/S3 DB server. You need to change the SERVER=, UID=,PWD= and DATABSE= to match your envirenment. UID/PWD must be SQL Server login credentials. Yes, Excel stores PWD info, but no getting around that. If you make the changes and refresh, verything should repopulate with your data. You will be asked to save password with connection, just say yes.

DRIVER=SQL Server;SERVER=LWS-DB-1;UID=lbireport;PWD=sqlpwd;APP=Microsoft Office 2010;;DATABASE=LWSProd

Attachments
John Henley
Send Private Message
Posts: 3353

Carla, earlier in your post you said you were trying to query/update within a flow. So I would caution you against using too much custom scripts/SQL, etc. and just stick to the tools that are available to you within IPA. This is important particularly if you ever intend to go to hosted CloudSuite, since you only can use supported tools. In particular, if you are looking for *defined* roles and groups, then you need to look at the LDAP data using LdapQuery node. If you are looking for the roles and groups *assigned* to users, then use ResourceQuery.

Thanks for using the LawsonGuru.com forums!
John