LBI user id / password question

With a generic account. While many organizations discourage generic accounts, I don't think that there is any sizable organization that can eliminate them, it just isn't practical. A system needs at least one, e.g. lawson, root, Administrator, etc.

the common practice is to create an application user such as LBIAdmin that has a complex password and doesnt expire. This user could also be used as the RM Manager in the System Configuration.

You would not believe the amount of pain one must go through if in the event of a lady getting married/changing her name and getting a new sign on issued if that same lady has a whole bunch of reports published using her old id.
We have just had that occur recently to 2 ladies who are heavy LBI developers. We have since switched to using a generic id to publish under. We had to fight tooth and nail to get this past our security dept too, but there are advantages to it as well. The DBA's can now determine which things that are hitting the database are our users possibly writing inefficient code, and those things that are scheduled jobs, and have been able to identify a few problems along the way.
It just gives them a better handle on their databases!

Thanks for your feedback on this.

I have a follow-up question. For auditing purposes, the password for this generic userid should be known to only the system administrator and probably that person's backup. It would be the system admin's job responsibility to keep this password current and secret.

I can't verify what I'm about to say by checking this out in LBI (because our system's down for maintenance), but if LBI security is set up so that only the admin can update the password for our production box security, then is it true that I, as an HR report developer and job scheduler, can still use this service - without the threat of my ever knowing the password?

I should say that we're currently not live on Lawson 9 or on LBI. Our security is still open to a to a group that's wider than just the system admin (it now includes me and the other HRIS analysts as well the the business analysts in the Finance dept).

let me know what you think - thanks

We have the same issue where we used to use user-ids with passwords that expire in90 days. reports that are scheduled to refresh with this id did not refresh after 90 days. With great difficulty we managed to create generic ids in the system whose passwords did not expier so that the reports refreshed forever.

However if we has a report writer report that fed into crystal we use a different id to create elements in the reportwriter reports like the account goups or the accounting unit groups or the accounting unit lists to make sure we can identify any user who modified these elements.

As long as the system admin now takes on the additional responsibility of publishing all new reports (since they would be the only ones with the knowledge to fill out the "Data Settings" screen - I believe the answer to your question is yes.

If you use the Override Data Source settings, non-LBI Admins can still publish reports and set the appropriate database login for he report without knowing the username password.  Additionally you can secure the different data source overrides to only allow specific users select specific logon credentials.