Carla BrandaSr. Systems Analyst Private (20 points) Basic Member Posts:8  Send Message: 
| 1/19/2022 7:24 PM |
|
We are on prem with Infor Lawson and LTM. Are there tables (look up type tables) that list security Roles and Groups? I need to refer to them during a process flow. I have searched to no avail. Thanks for the assist. |
|
|
|
Greg MoellerPrivatePrivate (4148 points) Veteran Member Posts:1482  Send Message:
| 1/19/2022 7:50 PM |
|
|
There are tables (to an extent).... If you can figure out how to get the Lawson AD structure set up as a data source.
You'd have to go through the AD structure for Lawson. Not your corporate AD, but just the one for Lawson that contains the information.
|
|
|
|
Greg MoellerPrivatePrivate(4148 points) Veteran Member Posts:1482 Send Message:
| 1/19/2022 7:53 PM |
|
I've got a shell script that uses ldapsearch commands to create a static html file... since the data doesn't change all that often, we can just refresh the html file once a day or even less often...
Attached should give you an idea at least... creates an html file of all of the groups and their members. |
|
|
|
Kwane McNealPresident Private(1437 points) Veteran Member Posts:479 Send Message:
| 1/19/2022 8:15 PM |
|
|
Carla,
Roles and Groups from which part of the product, LSF or LTM? If you’re referring to LSF, then Greg is correct. If you’re referring to LTM, then some of it is in the LTM productline, and some in the Landmark GEN productline.
|
|
|
|
Greg MoellerPrivatePrivate(4148 points) Veteran Member Posts:1482 Send Message:
| 1/19/2022 8:21 PM |
|
|
Oh, yeah... sorry. Way to keep me honest, Kwane.
|
|
|
|
Carla BrandaSr. Systems Analyst Private(20 points) Basic Member Posts:8 Send Message:
| 1/19/2022 8:50 PM |
|
Thank you both
Both: S3 roles and groups, and LTM roles
I need to review each user's roles and groups to determine if they need a change in a few permissions based upon other criteria like job code, pay grade, etc. We do not have Infor OS implemented.
As I write this, I am relaizing the lookup tables would not help, So, this dicussino helped me clear my mind around that part.
Thank you anyway! |
|
|
|
Greg MoellerPrivatePrivate(4148 points) Veteran Member Posts:1482 Send Message:
| 1/19/2022 9:03 PM |
|
|
Whether or not InforOS is implemented won't matter to my script.
|
|
|
|
John HenleyPrivatePrivate (9932 points) Senior Member Posts:3328  Send Message:
| 1/31/2022 4:25 PM |
|
|
Hi Carla. You did say you wanted to do this in a flow, and you're on-prem. So, you do probably have the option of configuring the Lawson S3 LDAP in IPA configuration, which requires a server, port, credentials, and LDAP root. You then use the LDAP query node in your flow to retrieve the roles and groups, etc. Very bare metal, but it will work for what you want. Depending on your configuration, you'll likely need to work with your network folks to get a port opened to your desktop for testing--or use an RDP connection into a server that has IPD installed--and has network connectivity to the ldap server/port. (Once you have your flow working, you can have this rescinded, and make sure that similar path is available from the IPA server to LSF server -- which is usually not an issue).
Thanks for using the LawsonGuru.com forums!
John
|
|
|
|
RandySystems Administrator Rochester Regional Health (119 points) Veteran Member Posts:43  Send Message:
| 2/1/2022 5:37 PM |
|
|
As S3 and LTM are synched , the user (Actor) roles will end up in LTM tables. I have an Excel refreshable spreadsheet that uses a SQL query to retrieve all Actors and roles and displays in a Pivot. I can send the SQL along if anyone interested.
|
|
|
|
Carla BrandaSr. Systems Analyst Private(20 points) Basic Member Posts:8 Send Message:
| 2/1/2022 6:48 PM |
|
yes, correct, from both products: S3 and LTM |
|
|
|
Carla BrandaSr. Systems Analyst Private(20 points) Basic Member Posts:8 Send Message:
| 2/1/2022 7:01 PM |
|
Yes, I found the LDAP tables. This will reruire a loop to gather each role and group for each user correct? |
|
|
|
Carla BrandaSr. Systems Analyst Private(20 points) Basic Member Posts:8 Send Message:
| 2/1/2022 7:03 PM |
|
Hello
Yes please. I am interested, thank you. |
|
|
|
RandySystems Administrator Rochester Regional Health (119 points) Veteran Member Posts:43 Send Message:
| 2/1/2022 9:43 PM |
|
Carla - Not sure if you wanted this/or if this is what you need. WHen the excel sheet data is refreshed, All LTM actor/security roles will populate the Data/Pivot sheets.
Attached files.
SQL file s/b self explanitory. Run it in SSMS/Query tool to verify.
Excel FIle will need some changes and hopefully will just refresh. Goto Data/COnnections and select the properties on stored connection "LWS-DB-1". In the Definition tab change all the particulars to your LTM/S3 DB server. You need to change the SERVER=, UID=,PWD= and DATABSE= to match your envirenment. UID/PWD must be SQL Server login credentials. Yes, Excel stores PWD info, but no getting around that. If you make the changes and refresh, verything should repopulate with your data. You will be asked to save password with connection, just say yes.
DRIVER=SQL Server;SERVER=LWS-DB-1;UID=lbireport;PWD=sqlpwd;APP=Microsoft Office 2010;;DATABASE=LWSProd |
|
|
|
John HenleyPrivatePrivate(9932 points) Senior Member Posts:3328 Send Message:
| 2/3/2022 3:06 PM |
|
Carla, earlier in your post you said you were trying to query/update within a flow. So I would caution you against using too much custom scripts/SQL, etc. and just stick to the tools that are available to you within IPA. This is important particularly if you ever intend to go to hosted CloudSuite, since you only can use supported tools. In particular, if you are looking for *defined* roles and groups, then you need to look at the LDAP data using LdapQuery node. If you are looking for the roles and groups *assigned* to users, then use ResourceQuery. Thanks for using the LawsonGuru.com forums!
John
|
|
|
|