Login
Register
Search
Home
Forums
Jobs
LawsonGuru
LawsonGuru Letter
LawsonGuru Blog
Worthwhile Reading
Infor Lawson News Feed
Store
Store FAQs
About
Forums
Infor / Lawson Platforms
S3 Systems Administration
Monitoring integrity of Infor LDAP vs. AD
Home
Forums
Jobs
LawsonGuru
LawsonGuru Letter
LawsonGuru Blog
Worthwhile Reading
Infor Lawson News Feed
Store
Store FAQs
About
Who's On?
Membership:
Latest:
Saef
Past 24 Hours:
0
Prev. 24 Hours:
0
Overall:
5226
People Online:
Visitors:
500
Members:
0
Total:
500
Online Now:
New Topics
User Group Announcements
Carolina User Group Meeting
12/20/2024 3:15 PM
Date & Time: February 6, 2025, 8:30am - 4:00pm
S3 Systems Administration
ADFS certificate - new cert
12/3/2024 9:38 PM
The certificates on the windows boxes expired and
Lawson S3 HR/Payroll/Benefits
Post Tax Benefit Plan Table
11/14/2024 9:16 PM
Hi, totally new to Laswon. I have a repor
Lawson S3 Procurement
ED501 Error: Map 850 not supported by /law/c15vda/lawson/test10/edi/bin/laws_out_91
11/12/2024 3:47 PM
Tried runnning ED501 and getting the atathced erro
Lawson S3 HR/Payroll/Benefits
Error
11/6/2024 9:54 PM
When I try to enroll a retiree in 72.1 health plan
Infor ERP (Syteline)
Syteline: New Data Maintenance Wizard (Error) Need help
11/1/2024 4:24 PM
Hi, I need help with an error on syteline while us
Dealing with Lawson / Infor
Implementing Lawson v10 with Cerner Surginet, Case Cart Picking, and Quick Adds for the OR
10/29/2024 4:20 PM
Hi Everyone, I am wondering if there is any org
Lawson S3 HR/Payroll/Benefits
Canada Tax Calculation (Federal and Provincial) Issue
10/23/2024 5:00 AM
Initially, we had problem with CPP2 calculation is
Lawson S3 HR/Payroll/Benefits
CA Section 125 401k Plan
10/22/2024 10:13 PM
Does anyone have any recommendations on how to fac
S3 Systems Administration
Running AC120 deleted records from ACMASTER table
10/22/2024 3:40 PM
We recently ran the AC120 as normal and somehow it
Top Forum Posters
Name
Points
Greg Moeller
4184
David Williams
3349
JonA
3291
Kat V
2984
Woozy
1973
Jimmy Chiu
1883
Kwane McNeal
1437
Ragu Raghavan
1372
Roger French
1315
mark.cook
1244
Forums
Filtered Topics
Unanswered
Unresolved
Announcements
Active Topics
Most Liked
Most Replies
Search Forums
Search
Advanced Search
Topics
Posts
Prev
Next
Forums
Infor / Lawson Platforms
S3 Systems Administration
Monitoring integrity of Infor LDAP vs. AD
Please
login
to post a reply.
3 Replies
1
Subscribed to this topic
27 Subscribed to this forum
Sort:
Oldest First
Most Recent First
Author
Messages
Joe O'Toole
Veteran Member
Posts: 314
1/31/2014 2:31 PM
We have an automated process in place to provision Windows AD accounts from an HR Employee feed file and process the resulting return file with the Loadusers utility to create the LSF user identities. We occasionally end up with a missing identity either due to a failed process or corrupted LDAP entry and would like to develop an integrity process to identify this before the user finds out they cannot log into EMSS. We already load a database table with the account data coming back from the AD provisionning process and run a number of checks such as verifying all actives in S3 have an AD account, there are not multiple ID's for the same employee, etc, etc. The piece we are missing is how to verify the integrity of records in the Infor LDAP. Has anyone developed an automated process to monitor this by dumping out the Infor Identity or SSOP records? I used SSOCONFIG a few years ago to dump data for an audit, however it was an interactive process to run through the menu options at that time. Our environment is LSF 9.019, Microsoft Adam and we are bound to AD. Thanks for any suggestions.
John Henley
Posts: 3353
1/31/2014 2:57 PM
I have a couple of those features in Examiner for Lawson S3 (
https://www.danalytics.co...nerforLawsonS3.aspx)
Specifically, duplicate identity assignments (e.g. employee identity assigned to multiple RMIDs) and LDAP Bind orphans (in Lawson LDAP but missing in LDAP/AD).
Is what you looking for a way to validate that all users in Active Directory are also in the Lawson LDAP (i.e. LSF orphans)?
Joe O'Toole
Veteran Member
Posts: 314
1/31/2014 3:13 PM
Thanks John. Yes we are looking to validate that all AD users are in the Lawson LDAP and that the have both an identity and SSOP entry. I also use Loadusers to delete records from the Lawson LDAP as employees are termed, however it would be useful to identify Lawson LDAP records that are not in AD so we can remove them. I've been asked to develop a process using Infor supplied utilities before looking for a 3rd party package. Can SSOConfig be run in batch mode to dump the identities?
John Henley
Posts: 3353
1/31/2014 4:10 PM
ssoconfig does have an export (to CSV) command line option in some of the latest versions (not sure exact versions, but it is not in 9.0.1.8 but is in 9.0.1.12 as well as 10.0.3).
Please
login
to post a reply.