• Search Forums
    Advanced Search Topics Posts
Prev
Next
Forums Infor / Lawson Platforms S3 Systems Administration

Lawson Core Technology 9 Installation Problem

 11 Replies
 0 Subscribed to this topic
 27 Subscribed to this forum
Sort:
Author
Messages
EdH
Basic Member Send Private Message
Posts: 10
Basic Member
5/12/2009 4:57 PM

 

I'm installing Lawson Core 9.06 on HP UX with Tivoli Directory server.

I'm having problems with the installation where I seem to be able to create the GEN database but fails doing a dbreorg.

 I am a newbie to Lawson where I have a Oracle 10.2 database  another server.I'm getting a error when doing a dbreorg gen (Security violation). I can run the install-ldas.pl script without any errors. If I run dbreorg gen from the command line I get the same Security Violation  error. Do you have any ideas ??  I thought it is the ldap but I can create a database.

Thanks in Advance

 

My log file shows.

@@ run perl /tivoli/lawson/gen/install/dbactivategen.pl /tivoli/lawson/law/gen/d

ict/*.files

@@ run perl /tivoli/lawson/gen/install/dbconfigda.pl  GEN

GEN configured for ora10

Updating +GEN dictionary   - /tivoli/lawson/db/dict/+GEN

Unchanged ATFMID

.

.

Unchanged WRKFLOPTS

Unchanged XFERFILE

Unchanged XFERREQ

@@ run /tivoli/lawson/gen/bin/dbreorg gen

Security Violation

Error: Security Violation

Fatal: [install-ldas.pl] exit status 1

Error: Fatal: [install-ldas.pl] exit status 1

Error: Activating Lightweight Data Access System failed.

**** 2009.05.12 10.54.07 RELOAD Failed.

Greg Moeller
Veteran Member Send Private Message
Posts: 1498
Veteran Member
5/12/2009 7:02 PM
Looks like you are missing security for the user that you are executing the script as in laua.
Go to laua, find the user, select F6 Define. Select Security Class. Select F6 Define, Select B Environment Form ID's. Highlight DBADMIN or hit F4 Select and choose it. F6 Tkn Sec,
Likely you will want to add all of these to the user that you are installing as.. F4 Select F8 for all.
Jimmy Chiu
Veteran Member Send Private Message
Posts: 641
Veteran Member
5/14/2009 3:47 PM
Create a user group "ALL" for example,

Assign the install user to the user group "ALL"

Create an admin security class

Assign the install user to admin security class

these steps are listed in the installation guide
Deleted User
New Member Send Private Message
Posts: 0
New Member
5/21/2009 11:30 AM
I turn security off when I am performing those type of functions.
EdH
Basic Member Send Private Message
Posts: 10
Basic Member
5/21/2009 6:21 PM

Trying your suggestions I am unable to get into laua: Any suggestions are appreciated.

When I try laua on the Lawson 9 server (using LID) I'm getting this problem. I have it working fine on the Lawson 8 server (similar .profile , lawson.env, correct term type)

 

 Login as root error shown on command line (LID)  (error on command line)

 Error getting identities for list of parameters. Error number=1

 Error Message = Lawson Security Error. Please check log files for details.

Service CLC901 Not Found

In lase.log

 05/21/2009 14:44:59 getuserenv: Pid 8387

8387: Could not get identity for Login root for service CLC901

8387: Error number  = 1

8387: Error message = Lawson Security Error: Please check log files for details

Service CLC901 Not Found

8387: UserName = root

Got Msg Size - 1822

Text - MSGTYPE=BaseXRefEventREQTYPE=

BatchGetIdentSECUREDID=PRODLINE=

ServiceName=

CLC901MASK=TRUEATTRIBUTES=100ATTRIBUTES

=1login=Ulawson   login=abentley      login=lgooper (…100 users)

Sent Msg Size - 146

Msg: MSGTYPE=BaseXRefEventREQTYPE=BatchGetIdentSTATUS=1

STATUSMSG=Lawson Security Error:

Please check log files for details

Service CLC901 Not Found

________________________________ 

Login as another user with secondary group lawson .

 (Correct Error Message)

Must be Security Officer or Lawson Administrator To Use Lawson Security

Tim
Basic Member Send Private Message
Posts: 6
Basic Member
9/11/2009 8:48 AM
Hi EdH,

Did you ever find an answer to this problem? I am getting a similar message in my lase.log ("Could not get identity for Login root for service xxxx") following a simple move of data from one ITDS server to another. Here's what I have done:

Shutdown Lawson environment
Dump ITDS data from ITDS server A
Load ITDS data to ITDS server B
Configure Lawson environment to reference ITDS server B
Start Lawson environment

All components of the environment seem to start, and I can connect using the Lawson Security Administrator tool, but when I attempt to 'Manage Identities" from within User Management, I get an error. In the lase.log, when the environment is started, I get the following:

09/11/2009 03:30:00 getuserenv: Pid 713160
713160: Could not get identity for Login root for service xxxxxx
713160: Error number = 1
713160: Error message = Lawson Security Error: Please check log files for detail
s
Error: Cannot get Identity. Original Exception: Invalid Argument (USER=null).
713160: UserName = root


If I reverse the Lawson environment configuration to reference ITDS server A, everything is fine.

Any suggestions or ideas?
Jimmy Chiu
Veteran Member Send Private Message
Posts: 641
Veteran Member
9/11/2009 1:50 PM
Can you export your ssoconfig for all services with your new ITDS?
Tim
Basic Member Send Private Message
Posts: 6
Basic Member
9/11/2009 1:59 PM
I will try tonight when I can switch back to 'ITDS B'.

Thanks for responding. Any other suggestions I can get in preparation for my next window are appreciated.
Jimmy Chiu
Veteran Member Send Private Message
Posts: 641
Veteran Member
9/11/2009 3:27 PM
it's looking for root login, is root defined as administrators in your ITDS B?
Tim
Basic Member Send Private Message
Posts: 6
Basic Member
10/16/2009 4:16 AM
Hi Jimmy,

I'm back after a long break from looking at this. The output from my export of all services


Do you want to export the identities ("ALL" or "NONE") ():ALL
Enter file name to save export as ():/tmp/sso.export
Choose format that Lawson Software should export credential information as.
(1) Encrypted
(2) Opaque
(3) Back
(4) Exit
Enter 1,2,3,4:2

Got exception: com.lawson.lawsec.authen.SecurityAuthenException:Invalid Argument (USER=null).
Stack Trace : com.lawson.lawsec.authen.SecurityAuthenException:Invalid Argument (USER=null).
at com.lawson.lawsec.authen.LawsonIdentityImpl.getUniqueIdentityString(Unknown Source)
at com.lawson.lawsec.authen.LawsonIdentityImpl.getPrivUsageByKeys(Unknown Source)
at com.lawson.lawsec.authen.SSOExport.export(Unknown Source)
at com.lawson.lawsec.authen.SSOExport.exportToFile(Unknown Source)
at com.lawson.lawsec.authen.SSOExport.exportToFile(Unknown Source)
at com.lawson.lawsec.authen.SSOExport.interviewToExport(Unknown Source)
at com.lawson.lawsec.authen.LawsonService.handleChoice(Unknown Source)
at com.lawson.lawsec.authen.util.TextMenuChoice.process(Unknown Source)
at com.lawson.lawsec.authen.SSOMainMenuHandler.handleChoice(Unknown Source)
at com.lawson.lawsec.authen.util.TextMenuChoice.process(Unknown Source)
at com.lawson.lawsec.authen.SSOConfig.processInteractiveConfiguration(Unknown Source)
at com.lawson.lawsec.authen.SSOConfig.main(Unknown Source)


So no, I guess I can't. The /tmp/sso.export file doesn't get created at all.

What do you mean by your last question 'is root defined as administrators in your ITDS B'?

Thanks!

Jimmy Chiu
Veteran Member Send Private Message
Posts: 641
Veteran Member
10/19/2009 1:49 PM
The root user is most likely the install account that has full administrative rights on your ITDS A. When you moved the ITDS instance. Check and see if it moved with it and if it's assigned administrative right correctly to the new instance of your ITDS B.
Greg Moeller
Veteran Member Send Private Message
Posts: 1498
Veteran Member
10/19/2009 7:27 PM
Lawson with LSF9 has a problem with using root as the account. Try su-ing to lawson user and run laua, assign to ALL group, assign ADMIN security class, dbreorg, etc from/for that account.

Note, if you have any Lawson jobs that are running as root, you'll likely have problems there as well.