Prev
Next
Forums S3 Security

Random sudden security violations

Sort:
You are not authorized to post a reply.
Author
Messages
Ronnie
Veteran Member
Posts: 152
Veteran Member
6/1/2016 12:04 PM

    Ok,

     

    I am new to a company i just started working for. Within the past two days users have started sudden getting security violations when inquiring and returning data on PR forms ...example PR36 now gets security violation.

    Yesterday the apps system was rebooted and this seemed to resolve issues for users. This morning users are getting security violations again.

     

    Users have been able to return data with no issue in the past and no changes have been made to my knowledge. 

     

    I tested security by turning it off to see if security was the issue and I was able then to return data. What would cause security to suddenly return security violations or where can I check to resolve this issue?

     

    My coworkers are not here currently, and since I am new I have limited resources. Any suggestions so that I can get users working again until my help arrives.

     

    Thanks,

     

     

    Ronnie
    Veteran Member
    Posts: 152
    Veteran Member
    6/1/2016 12:09 PM
      I am also trying to check the security_authen.log and it pulls up in an asian font that is unreadable.
      Ronnie
      Veteran Member
      Posts: 152
      Veteran Member
      6/1/2016 12:15 PM
        ok...i was able to read the log instead using Notepad ++, but it did not really give me any info. It just has errors about an ldap bind that appears they have been getting since way before I came. Nothing really pertaining to today or yesterdays issue.
        Ronnie
        Veteran Member
        Posts: 152
        Veteran Member
        6/1/2016 12:39 PM
          so far it appears to be narrowed down to PR forms only for some reason.
          Brian Allen
          Veteran Member
          Posts: 104
          Veteran Member
          6/1/2016 1:44 PM
            I would also check the LDAP logs for errors since the security data is stored there and LDAP errors would generate security errors. Lawson also has a KB linking to an IBM doc on tuning and setting indexes on Tivoli Directory Server if you are using Tivoli. lase and other security logs may have helpful detail. You could also try setting a user to debug mode in Lawson Security.
            tambrosi
            Veteran Member
            Posts: 55
            Veteran Member
            8/7/2017 10:15 AM

              I know this an older post, but we started seeing this on Friday afternoon.  

              Just random Security Violations with in the app.   We needed to reboot the server to get our users going again.   I am really trying to find out what caused this? Logs are not really telling me anything.  

              Logged Issue doc.

              around 2:00 in the afternoon, the remote divisions started reporting "Security Violations". Nothing Changed.   PR screens. 
              ..When we got notified, from 3 of the sites, we had our corp team log in to see if they were getting the same error---they were working fine. We have a test user ID/Password with the same creds as the divisional payroll group. 
              .. We used that user id/password and tested from the corporate location and that worked fine.

              ..We took that one step further and allowed one of the divisional people to login thru the corp location and that worked fine. 
              ..Also, I remotely connected to one of the divisional sites and was able to run the transactions normally with my creds.. When using the site creds, it failed to run the transactions giving the "Security Violations". 

              The reboot fixed the issue, LSF and Mingle   I talked with our Network folks and Database folks and there were no changes being made at the time What is the 'Security Violation" really tell us? Is this a misleading message? 

              ##One thing I read in this post it to turn on debug for a user,  is there a place where I see how to do that.   Or if somebody can let me know I would appreciate it. 

              Thanks

              Terry 

               

              Kwane McNeal
              Veteran Member
              Posts: 479
              Veteran Member
              8/7/2017 10:49 AM
                Terry,
                This thread is over a year old, but to answer your post, this is typical is you do not restart LSF frequently enough, and is related to your other post concerning the same.

                What happens is that due to memory leaks, the lase process eventually stops responding to requests for security info, and when that occurs, the latm process uses the default security of NO_ACCESS for all unanswered requests for security authorization.

                This is also why a restart of LSF and/or the OS fixes it.
                You are not authorized to post a reply.