Login
Register
Search
Home
Forums
Jobs
LawsonGuru
LawsonGuru Letter
LawsonGuru Blog
Worthwhile Reading
Infor Lawson News Feed
Store
Store FAQs
About
Forums
Integration / Customization
IPA/ProcessFlow
Auto Provisoning Of users using IPA
Home
Forums
Jobs
LawsonGuru
LawsonGuru Letter
LawsonGuru Blog
Worthwhile Reading
Infor Lawson News Feed
Store
Store FAQs
About
Who's On?
Membership:
Latest:
Saef
Past 24 Hours:
0
Prev. 24 Hours:
0
Overall:
5226
People Online:
Visitors:
487
Members:
0
Total:
487
Online Now:
New Topics
User Group Announcements
Carolina User Group Meeting
12/20/2024 3:15 PM
Date & Time: February 6, 2025, 8:30am - 4:00pm
S3 Systems Administration
ADFS certificate - new cert
12/3/2024 9:38 PM
The certificates on the windows boxes expired and
Lawson S3 HR/Payroll/Benefits
Post Tax Benefit Plan Table
11/14/2024 9:16 PM
Hi, totally new to Laswon. I have a repor
Lawson S3 Procurement
ED501 Error: Map 850 not supported by /law/c15vda/lawson/test10/edi/bin/laws_out_91
11/12/2024 3:47 PM
Tried runnning ED501 and getting the atathced erro
Lawson S3 HR/Payroll/Benefits
Error
11/6/2024 9:54 PM
When I try to enroll a retiree in 72.1 health plan
Infor ERP (Syteline)
Syteline: New Data Maintenance Wizard (Error) Need help
11/1/2024 4:24 PM
Hi, I need help with an error on syteline while us
Dealing with Lawson / Infor
Implementing Lawson v10 with Cerner Surginet, Case Cart Picking, and Quick Adds for the OR
10/29/2024 4:20 PM
Hi Everyone, I am wondering if there is any org
Lawson S3 HR/Payroll/Benefits
Canada Tax Calculation (Federal and Provincial) Issue
10/23/2024 5:00 AM
Initially, we had problem with CPP2 calculation is
Lawson S3 HR/Payroll/Benefits
CA Section 125 401k Plan
10/22/2024 10:13 PM
Does anyone have any recommendations on how to fac
S3 Systems Administration
Running AC120 deleted records from ACMASTER table
10/22/2024 3:40 PM
We recently ran the AC120 as normal and somehow it
Top Forum Posters
Name
Points
Greg Moeller
4184
David Williams
3349
JonA
3291
Kat V
2984
Woozy
1973
Jimmy Chiu
1883
Kwane McNeal
1437
Ragu Raghavan
1372
Roger French
1315
mark.cook
1244
Forums
Filtered Topics
Unanswered
Unresolved
Announcements
Active Topics
Most Liked
Most Replies
Search Forums
Search
Advanced Search
Topics
Posts
Prev
Next
Forums
Integration / Customization
IPA/ProcessFlow
Auto Provisoning Of users using IPA
Please
login
to post a reply.
7 Replies
0
Subscribed to this topic
52 Subscribed to this forum
Sort:
Oldest First
Most Recent First
Author
Messages
xxxxxttysfh
Veteran Member
Posts: 62
8/12/2014 10:39 PM
Has any one done a Auto Provisoning of users using lawson.
Such as to add an user in AD, and other applications.
xxxxxttysfh
Veteran Member
Posts: 62
8/12/2014 11:15 PM
May be this genrric ,I want the fow to be automatic , after an employee is created in system of record such as Hr11.
I want the user to be added in AD and then lawson, and other applications?
Can this be achived for CHage of username ,Rehire.
Can this be achived ?
Shane Jones
Veteran Member
Posts: 460
8/14/2014 10:37 AM
I have asked about querying AD and I was told to look at the LDAP but no one has told me that I can add and change AD records. Good luck - if you figure this out please share. ..
Carl.Seay
Veteran Member
Posts: 109
8/14/2014 10:57 AM
You would need to know the inner workings of each system and how it creates user records. Each system would be different, such as using a web API, or directly creating records in the database. There are companies that sell expensive software just for this purpose. I'm not saying it's impossible with IPA, but it's probably not the best tool for that, and would be a massive project.
KK - Infor
Veteran Member
Posts: 61
8/14/2014 1:12 PM
Sid,
Yes, I have successfully done that using ProcessFlow Integrator.
The way we ended up doing is creating the ldif file in the flow (with the required parameters based on your AD setup) and pushing the changes onto the AD/ LDAP server.
For instance, for the modifying the user password,
Create the ldif file using the file access node,
dn: cn=,ou=
,dc=
,dc=
changetype: modify
replace: userPassword
userPassword:
To push the changes into LDAP - System Command
ldapmodify -c -d debuglevel -h
-p
-D cn=
-w
-f
Hope this helps!
John Henley
Posts: 3353
8/14/2014 7:53 PM
(shameless self-promotion)
The Examiner for Lawson S3 product (
https://www.danalytics.co...nerforLawsonS3.aspx)
has a feature that updates/synchronizes between your AD and HR11, but currently doesn't do the provisioning. Examiner also has a feature to detect "orphan" Lawson SSOP identities (i.e. they no longer match AD accounts so the user is no longer a valid user).
I have had a number of requests for adding AD user provisioning (as well as creating an Exchange account).
Are you looking for a solution that 1) creates the AD account, 2) creates the corresponding SSOP identity in Lawson, or both?
The dilemma with option 1 is the matching of 1) an RMID to 2)
_EMPLOYEE identity to 3) an AD account -- this typically be done via the SSOP identity, but the SSOP identity can't be created using the normal process in Lawson Security until the AD account already exists
So, any solution would have to create the AD account first.
Let me know if that what you are looking for...
xxxxxttysfh
Veteran Member
Posts: 62
8/16/2014 4:56 PM
Hello All
We work in a hospital and we using other applications like Epic which is our HIS System , we use PACS,Infitiy for our radiology , Onbase for Documents .
My plan is when we hire a user i want the user to get Added in AD , email accounts and Add the users in those applications.
My converse are what happens if a user changes there last name after getting married, what happens when they change there position ,terminated.
If all this can't be achieved if I can do this at least creating AD and email and assign Security Groups by using IPA?
BarbR
Veteran Member
Posts: 306
8/16/2014 5:38 PM
sid, we don't do everything automated as you desire, but we do have self-service user RMID's auto-maintained. Here is what we do:
1. We have our New Hire / Re Hire personnel actions work-flow enabled - which sends a email notification to our System Access Provisioning group and they add the user to AD and grant all the other stuff they'll need in their job.
2. We have a daily process that reads an extract from AD (account, employee number, email address) and an extract from HR11 and an extract from the Lawson LDAP. It does a lot of stuff, but basically if the employee does not have an RMID, it builds one, if the employee does have an RMID it compares the data fields and updates as necessary (changes in email, name, changing roles if employee became a manager or vice versa), and if there is an RMID but the employee is terminated it changes the roles and portal role to inactive. It all hinges on the ability to marry the employee number to the AD account, and that information is on the AD extract.
How we do it is a bit klugy as it was done in a hurry when we implemented EMSS - some day I'd like to redo it all using Process Flow.
Please
login
to post a reply.