Hello all, We're a new Lawson deployment in the mist of setting up ESS and MSS for our employees. Right now, we are trying to build our security classes based off of the Lawson delivered templates and I'm getting conflicting information on this method. When attending a recent Lawson Security class (and in my Lawson System Foundation class) I was told that we should be using the Lawson delivered classes for our Self-Service security roles.  However, I was told recently by Lawson Support ...

We are migrating to LSF9 and using ADAM ldap. I know there is no Lawson command yet to  mass delete user accounts from ADAM. But I was wondering if there is a simple way to de-activate the accounts Thanks!

We will be going LIVE with S3 financials on November 1,2009.   We are using LSF9 Security with LDAP bind.  I am wondering if there is a way to inactivate a user's security when they leave the organization or do we depend on the Acitve Directory account being disabled which would prevent the user from logging into the Portal.  Is this typically good enough for the auditors

Hi, I've done a bunch of internet searches and can't nail down all of the Lawson function codes. Here's what I've figured out so far. Please correct me if I'm wrong on any of them and add any others that I don't mention... I – Inquire S – Scroll P – Previous - - Previous N – Next - Next A – Add C – Change D – Delete X – M – O – Thanks a lot!

Has anyone implemented LSF9 and Lawson Security Fast Track at the same time If so I was wondering how the implementation went. Did you have any major problems that we should look out for. Would you recommend doing these two installs at the same time. What were your reasons for doing both at the same time Any information you can provide would be greatly appreciated. We are currently on 8.0 Env and 8.1 apps. Moving to 9.0 Env, 8.1 Apps, with Lawson Security. Thanks again. Matt

Is there a way to write a rule, that looks up a company group and checks the companies attached to compare in value to COMPANY CONTROL  Example...GL95  allows the usage of company groups, but if a company exists in that group that the user would not have access to, how would a rule be able to be written to prevent that user access

Hello, Do you know if there is a Lawson report that will show a user's log-in and log-off times by month Add Ins report

We are on prem with Infor Lawson and LTM. Are there tables (look up type tables) that list security Roles and Groups I need to refer to them during a process flow. I have searched to no avail. Thanks for the assist.

I know what people are attached to a specific role and what security classes are attached to that specific role.  My problem is finding out from a security class perspective what roles are attached to a specific security class before I make a change to the security class.  Then I would know who all would be affected by the change.

I need to create a conditional rule on the GLJournalEntries security class to allow  Inquire only access to the GL40-GL40.9 form for 1 of 6 users that are assigned the two roles that hold this security class.  That is to leave 5 of the users with ALL ACCESS to GL40-40.9 and have a rule to only allow 1 specific user to INQUIRE. Our Auditors have requested this. I would think a rule could accomplish this and  know where I have to go to do this and how to get to writing the rule, but I am strugg...

We are migrating from the HP-UX version of Lawson to the Windows version. During testing we were getting a 'user could not be logged in' error when running batch jobs and found out that their Domain_User password needed to be manually inputted in Manage Identities/Prod service in LSA in order to run batch jobs. This wasn't required in the HP-UX version. It isn't practical to have to manually input over 100 network passwords in LSA every 90 days, and users aren't allowed to give up their passw...

Is this something that you are will to share  Our HR department would like to limit some of the employees they are allowed to inquire on.  The only advice Infor Support will give is that you need to use a form rule.

I have someone wanting to know who all has a certain ProcessLevelControl attribute. I am not sure how I can run a report against this.    I tried running in my security administrator but I can not get the reports to run and just stay stuck in processing. Is there a way I can run a report against this somehow in SQL I was going to search the Infor KB, but their site seems to be messed up currently.

Hello, I have to create several new security classes for Lawson.  Instead of using LSA to manually add each Table and Token is there a template that I can populate and load through LID commands where I can define the access (All_Access, All_Inquiries, etc) and do the bulk import of the secuity class and role

We have a user that I can not figure out what is going on. She can add a job in lawson (example PR260). When she adds the  job, it accepts, but it does not show up in her job list. She can not see the job list. Also when she goes to print manager, nothing is showing up. I have checked the users security, have deleted her user account and recreated, made sure there was no orphan user in DELUSERS etc. I can not figure out why she can not see her print manager or jobs. Any idea what to loo...

A couple of weeks ago, we had reports that the security was not not working properly.  We have the following in a rule: getDBFieldByIdx('EMPLOYEE','PROCESS-LEVEL','EMPSET1',COMPANY,EMPLOYEE) The reasoning for this piece is that employee information for employees in specific process levels is restricted to a small number of individuals.  The LASE and LADB logs were filling up with errors stating there was a database connection failure, and the error even points to getDBField.   default.SEVERE...

Can someone point me to the direction where I can find out what the expression builder in Lawson Security Admin is meaning when it says 'form.process_level'  or 'form.author_name'  etc.  Where are these forms it is speaking of  Like for process_level, there are numerous forms inside of Lawson that contain process level.   We are needing to create a security role for an internal audit team where they will have access to see info / run reports on all of our process levels (clinics), except for...

We are leaving Lawson, need to stepwise disable access. LSF9. We have over 160 roles administered over 15 years, over 10k EEs, not sure how consistent administration has been. ESS/MSS/All Lawson applications. Several groups need continued access, then no update at all. Any suggestions / strategies on doing this I am not the admin. Our security resources rely on pre-established procedures, not necessarily deep LSF Security knowledge.

Is there an easy way to remove one role from over 2000 users in LSA

Does anyone know how to get the lawsec utility on Windows 10 to not give a security violation.  I am running it from the command line.  I also am not able to submit a batch job from the LID.  It does submit from Portal.   I do not see lawsec anywhere in the lawson security adminiatrator.  This is one of my test environments, while in my other enviroments I am not having any issue running lawsec,   I am running LSF 10.0.9

We are in the process of moving to a new platform.  What are the best options for either keeping the same security classes and removing update access or creating new security classes with view only

Hello, We are in process of implementing the new Lawson security. As part of implementation we used fast track security class. Now question is, how do we lock out the HR department during the payroll process. We like change the HR security to View only mode. Any suggestions. :-)

We've been on the same LSF/Security version since May 2018.  And, I tested and verified that the loaduser utility would over write the role and group data 6 months ago.  Recently, I noticed that the utility is adding to existing data.  As part of our user disable process, I want to blank out the role and group data.  I set-up an empty role called disabled because the role wouldn't just blank.  but the group would.  Now neither is working. Is anyone else doing this  Tips or tricks TIA, Karen

Greetings Gurus   Has anyone successfully configured a Lawson Security Sub-Administrator who's only access is to run Lawson Security Reports   Thanks for taking the time to read my post

To all, Help! I've run into this a few times, where we lock down Company with the Company Element, but some screens and many reports (such as GL220) allow users to get around that restriction by using Company Group instead of Company. I tried restricting the Company Group element, and even changing it to No Access - no effect. Users still had wide-open access to Company Group. I was able to restrict Company Group by putting a rule in the screen (we used GL11.1), but some 300 screens have Com...