Prev
Next
Forums Infor / Lawson Platforms S3 Systems Administration

Lawson Core Technology 9 Installation Problem

 11 Replies
 0 Subscribed to this topic
 27 Subscribed to this forum
Sort:
Author
Messages
EdH
Basic Member
Posts: 10
Basic Member
5/12/2009 4:57 PM

     

    I'm installing Lawson Core 9.06 on HP UX with Tivoli Directory server.

    I'm having problems with the installation where I seem to be able to create the GEN database but fails doing a dbreorg.

     I am a newbie to Lawson where I have a Oracle 10.2 database  another server.I'm getting a error when doing a dbreorg gen (Security violation). I can run the install-ldas.pl script without any errors. If I run dbreorg gen from the command line I get the same Security Violation  error. Do you have any ideas ??  I thought it is the ldap but I can create a database.

    Thanks in Advance

     

    My log file shows.

    @@ run perl /tivoli/lawson/gen/install/dbactivategen.pl /tivoli/lawson/law/gen/d

    ict/*.files

    @@ run perl /tivoli/lawson/gen/install/dbconfigda.pl  GEN

    GEN configured for ora10

    Updating +GEN dictionary   - /tivoli/lawson/db/dict/+GEN

    Unchanged ATFMID

    .

    .

    Unchanged WRKFLOPTS

    Unchanged XFERFILE

    Unchanged XFERREQ

    @@ run /tivoli/lawson/gen/bin/dbreorg gen

    Security Violation

    Error: Security Violation

    Fatal: [install-ldas.pl] exit status 1

    Error: Fatal: [install-ldas.pl] exit status 1

    Error: Activating Lightweight Data Access System failed.

    **** 2009.05.12 10.54.07 RELOAD Failed.

    Greg Moeller
    Veteran Member
    Posts: 1498
    Veteran Member
    5/12/2009 7:02 PM
      Looks like you are missing security for the user that you are executing the script as in laua.
      Go to laua, find the user, select F6 Define. Select Security Class. Select F6 Define, Select B Environment Form ID's. Highlight DBADMIN or hit F4 Select and choose it. F6 Tkn Sec,
      Likely you will want to add all of these to the user that you are installing as.. F4 Select F8 for all.
      Jimmy Chiu
      Veteran Member
      Posts: 641
      Veteran Member
      5/14/2009 3:47 PM
        Create a user group "ALL" for example,

        Assign the install user to the user group "ALL"

        Create an admin security class

        Assign the install user to admin security class

        these steps are listed in the installation guide
        Jim Young
        Posts: 3
        5/21/2009 11:30 AM
          I turn security off when I am performing those type of functions.
          EdH
          Basic Member
          Posts: 10
          Basic Member
          5/21/2009 6:21 PM

            Trying your suggestions I am unable to get into laua: Any suggestions are appreciated.

            When I try laua on the Lawson 9 server (using LID) I'm getting this problem. I have it working fine on the Lawson 8 server (similar .profile , lawson.env, correct term type)

             

             Login as root error shown on command line (LID)  (error on command line)

             Error getting identities for list of parameters. Error number=1

             Error Message = Lawson Security Error. Please check log files for details.

            Service CLC901 Not Found

            In lase.log

             05/21/2009 14:44:59 getuserenv: Pid 8387

            8387: Could not get identity for Login root for service CLC901

            8387: Error number  = 1

            8387: Error message = Lawson Security Error: Please check log files for details

            Service CLC901 Not Found

            8387: UserName = root

            Got Msg Size - 1822

            Text - MSGTYPE=BaseXRefEventREQTYPE=

            BatchGetIdentSECUREDID=PRODLINE=

            ServiceName=

            CLC901MASK=TRUEATTRIBUTES=100ATTRIBUTES

            =1login=Ulawson   login=abentley      login=lgooper (…100 users)

            Sent Msg Size - 146

            Msg: MSGTYPE=BaseXRefEventREQTYPE=BatchGetIdentSTATUS=1

            STATUSMSG=Lawson Security Error:

            Please check log files for details

            Service CLC901 Not Found

            ________________________________ 

            Login as another user with secondary group lawson .

             (Correct Error Message)

            Must be Security Officer or Lawson Administrator To Use Lawson Security

            Tim
            Basic Member
            Posts: 6
            Basic Member
            9/11/2009 8:48 AM
              Hi EdH,

              Did you ever find an answer to this problem? I am getting a similar message in my lase.log ("Could not get identity for Login root for service xxxx") following a simple move of data from one ITDS server to another. Here's what I have done:

              Shutdown Lawson environment
              Dump ITDS data from ITDS server A
              Load ITDS data to ITDS server B
              Configure Lawson environment to reference ITDS server B
              Start Lawson environment

              All components of the environment seem to start, and I can connect using the Lawson Security Administrator tool, but when I attempt to 'Manage Identities" from within User Management, I get an error. In the lase.log, when the environment is started, I get the following:

              09/11/2009 03:30:00 getuserenv: Pid 713160
              713160: Could not get identity for Login root for service xxxxxx
              713160: Error number = 1
              713160: Error message = Lawson Security Error: Please check log files for detail
              s
              Error: Cannot get Identity. Original Exception: Invalid Argument (USER=null).
              713160: UserName = root


              If I reverse the Lawson environment configuration to reference ITDS server A, everything is fine.

              Any suggestions or ideas?
              Jimmy Chiu
              Veteran Member
              Posts: 641
              Veteran Member
              9/11/2009 1:50 PM
                Can you export your ssoconfig for all services with your new ITDS?
                Tim
                Basic Member
                Posts: 6
                Basic Member
                9/11/2009 1:59 PM
                  I will try tonight when I can switch back to 'ITDS B'.

                  Thanks for responding. Any other suggestions I can get in preparation for my next window are appreciated.
                  Jimmy Chiu
                  Veteran Member
                  Posts: 641
                  Veteran Member
                  9/11/2009 3:27 PM
                    it's looking for root login, is root defined as administrators in your ITDS B?
                    Tim
                    Basic Member
                    Posts: 6
                    Basic Member
                    10/16/2009 4:16 AM
                      Hi Jimmy,

                      I'm back after a long break from looking at this. The output from my export of all services


                      Do you want to export the identities ("ALL" or "NONE") ():ALL
                      Enter file name to save export as ():/tmp/sso.export
                      Choose format that Lawson Software should export credential information as.
                      (1) Encrypted
                      (2) Opaque
                      (3) Back
                      (4) Exit
                      Enter 1,2,3,4:2

                      Got exception: com.lawson.lawsec.authen.SecurityAuthenException:Invalid Argument (USER=null).
                      Stack Trace : com.lawson.lawsec.authen.SecurityAuthenException:Invalid Argument (USER=null).
                      at com.lawson.lawsec.authen.LawsonIdentityImpl.getUniqueIdentityString(Unknown Source)
                      at com.lawson.lawsec.authen.LawsonIdentityImpl.getPrivUsageByKeys(Unknown Source)
                      at com.lawson.lawsec.authen.SSOExport.export(Unknown Source)
                      at com.lawson.lawsec.authen.SSOExport.exportToFile(Unknown Source)
                      at com.lawson.lawsec.authen.SSOExport.exportToFile(Unknown Source)
                      at com.lawson.lawsec.authen.SSOExport.interviewToExport(Unknown Source)
                      at com.lawson.lawsec.authen.LawsonService.handleChoice(Unknown Source)
                      at com.lawson.lawsec.authen.util.TextMenuChoice.process(Unknown Source)
                      at com.lawson.lawsec.authen.SSOMainMenuHandler.handleChoice(Unknown Source)
                      at com.lawson.lawsec.authen.util.TextMenuChoice.process(Unknown Source)
                      at com.lawson.lawsec.authen.SSOConfig.processInteractiveConfiguration(Unknown Source)
                      at com.lawson.lawsec.authen.SSOConfig.main(Unknown Source)


                      So no, I guess I can't. The /tmp/sso.export file doesn't get created at all.

                      What do you mean by your last question 'is root defined as administrators in your ITDS B'?

                      Thanks!

                      Jimmy Chiu
                      Veteran Member
                      Posts: 641
                      Veteran Member
                      10/19/2009 1:49 PM
                        The root user is most likely the install account that has full administrative rights on your ITDS A. When you moved the ITDS instance. Check and see if it moved with it and if it's assigned administrative right correctly to the new instance of your ITDS B.
                        Greg Moeller
                        Veteran Member
                        Posts: 1498
                        Veteran Member
                        10/19/2009 7:27 PM
                          Lawson with LSF9 has a problem with using root as the account. Try su-ing to lawson user and run laua, assign to ALL group, assign ADMIN security class, dbreorg, etc from/for that account.

                          Note, if you have any Lawson jobs that are running as root, you'll likely have problems there as well.