Setting an account for Lawson Security Admin access

Anyone with any thoughts at all???

We are using a SuperAdminRole, and that role has "all" access in Profiles RM and ADM. We don't have the situation that you are describing, but I would think you need security classes in both RM and ADM that provide only what is needed rather than "all". What exactly you'd need in RM and ADM could be trial-and-error. Then you'd assign those classes to an SecurityAdminLimitedRole.

Gotya. I am not really familiar with the RM and ADM profiles, I have never touched security or any setup outside of our PROD profile.

Testing the new role will be tricky - I hope you have a second userid to test it with. You can't remove the "all access" from your existing security account to test the new role, because then you might not be able to get back in to security ;-)

I have setup limited user access before at another organization using the ADM and RM roles. You can setup limited access to the LS client and RM section within the ADM and RM profiles. We also setup sub-administrator groups, for instance Finance (class FNADMAccess) only had access to assigning roles starting with FN (however requires some maintance for the sub-admin classes when adding new roles). It was reasonably straight forward. I started by adding what seemed to be required for limited access within the ADM role (e.g. Helpdesk) and then started testing.