Who's On?

	Membership:
	Latest: John Bonin
	Past 24 Hours: 0
	Prev. 24 Hours: 0
	Overall: 5270

	People Online:
	Visitors: 197
	Members: 0
	Total: 197

Name	Points
Greg Moeller	4184
David Williams	3349
JonA	3291
Kat V	2984
Woozy	1973
Jimmy Chiu	1883
Kwane McNeal	1437
Ragu Raghavan	1375
Roger French	1315
mark.cook	1244

RM Viewing Role

4 Replies

1 Subscribed to this topic

16 Subscribed to this forum

Sort:

Author

Messages

trueblueg8tor

Advanced Member Send Private Message

Posts: 41

9/3/2008 2:18 PM

I'm trying to create a role for Viewing RM only. I created a Role called "RmView" and security class called "RMView". In the security class, I granted unconditional "Inquire" access to everything. Even after I attach the security class to the role and the role to the user I'm unable to log into Lawson Security Administrator. How can I test my role with giving "SuperAdminRole"?

Kwane McNeal

Veteran Member Send Private Message

Posts: 479

9/3/2008 2:41 PM

When you say Inquire for everything, what does that mean? All Objects of type "Type", or did you go into the RMO/RMA objects?

Also, Lawson Security Administrator Access is controlled by the ADM profile, NOT the RM profile. You'll need a class defined from BOTH Profiles placed into the ROLE.

ADM LS SecClass needs to give you access to the lase Security Service structures to get at the RM, and the RM LS SecClass needs to control what you can see or do.

If you have any questions, feel free to call.

Kwane
954.547.7210

trueblueg8tor

Advanced Member Send Private Message

Posts: 41

9/3/2008 4:05 PM

Thanks I'll give it shot!

Mike Flynn

Basic Member Send Private Message

Posts: 5

10/15/2008 11:42 AM

I have created something very similar but am unable to figure out how to lock down the 'manage identities' information. I have everything else locked down to inquire only but they can still go into "manage identities" and change passwords. Anyone know how to secure that piece?

Deleted User

New Member Send Private Message

Posts: 0

12/4/2014 5:57 PM

Kwane,
I'd greatly appreciate your clarification on something you wrote. This statement that you made (several years ago) was:
"ADM LS SecClass needs to give you access to the lase Security Service structures to get at the RM, and the RM LS SecClass needs to control what you can see or do."

What do you mean by giving "access to the lase Security Service?" In other words, which rules are required for that access?? I've opened up just about all objects in both the RM and ADM profiles yet I'm still seeing the "Administrator is not authorized - Access Denied" error when I attempt to login to LSA and am attached to my new role.
Thanks so much!
Lenny