Login
Register
Search
Home
Forums
Jobs
LawsonGuru
LawsonGuru Letter
LawsonGuru Blog
Worthwhile Reading
Infor Lawson News Feed
Store
Store FAQs
About
Forums
Performance Management
Lawson Business Intelligence/Reporting/Crystal
User Ids in a Report Security group in LBI
Home
Forums
Jobs
LawsonGuru
LawsonGuru Letter
LawsonGuru Blog
Worthwhile Reading
Infor Lawson News Feed
Store
Store FAQs
About
Who's On?
Membership:
Latest:
Saef
Past 24 Hours:
0
Prev. 24 Hours:
0
Overall:
5226
People Online:
Visitors:
208
Members:
0
Total:
208
Online Now:
New Topics
User Group Announcements
Carolina User Group Meeting
12/20/2024 3:15 PM
Date & Time: February 6, 2025, 8:30am - 4:00pm
S3 Systems Administration
ADFS certificate - new cert
12/3/2024 9:38 PM
The certificates on the windows boxes expired and
Lawson S3 HR/Payroll/Benefits
Post Tax Benefit Plan Table
11/14/2024 9:16 PM
Hi, totally new to Laswon. I have a repor
Lawson S3 Procurement
ED501 Error: Map 850 not supported by /law/c15vda/lawson/test10/edi/bin/laws_out_91
11/12/2024 3:47 PM
Tried runnning ED501 and getting the atathced erro
Lawson S3 HR/Payroll/Benefits
Error
11/6/2024 9:54 PM
When I try to enroll a retiree in 72.1 health plan
Infor ERP (Syteline)
Syteline: New Data Maintenance Wizard (Error) Need help
11/1/2024 4:24 PM
Hi, I need help with an error on syteline while us
Dealing with Lawson / Infor
Implementing Lawson v10 with Cerner Surginet, Case Cart Picking, and Quick Adds for the OR
10/29/2024 4:20 PM
Hi Everyone, I am wondering if there is any org
Lawson S3 HR/Payroll/Benefits
Canada Tax Calculation (Federal and Provincial) Issue
10/23/2024 5:00 AM
Initially, we had problem with CPP2 calculation is
Lawson S3 HR/Payroll/Benefits
CA Section 125 401k Plan
10/22/2024 10:13 PM
Does anyone have any recommendations on how to fac
S3 Systems Administration
Running AC120 deleted records from ACMASTER table
10/22/2024 3:40 PM
We recently ran the AC120 as normal and somehow it
Top Forum Posters
Name
Points
Greg Moeller
4184
David Williams
3349
JonA
3291
Kat V
2984
Woozy
1973
Jimmy Chiu
1883
Kwane McNeal
1437
Ragu Raghavan
1372
Roger French
1315
mark.cook
1244
Forums
Filtered Topics
Unanswered
Unresolved
Announcements
Active Topics
Most Liked
Most Replies
Search Forums
Search
Advanced Search
Topics
Posts
Prev
Next
Forums
Performance Management
Lawson Business Intelligence/Reporting/Crystal
User Ids in a Report Security group in LBI
Please
login
to post a reply.
15 Replies
0
Subscribed to this topic
22 Subscribed to this forum
Sort:
Oldest First
Most Recent First
Author
Messages
Ruma Malhotra
Veteran Member
Posts: 412
5/2/2012 7:57 PM
I am trying to query the reporting services database to find out the user-ids that are attached to a report security group in LBI. I see that ERS_REPORTACCESS has the access_type and access_value which could be a securitygroup for access type and has an access value associated but cannot seem to find a table that lists the user-ids attached to that report security group.
We are on the lates version of 9.0.4.2. Previously these values were stored in a table called ENPUSERGROUPLIST. Does anyone know what happened to this table, whether it is still there or not ? Otherwise where all the suer-ids with a security group stored.
Thanks in advance.
Chris Martin
Veteran Member
Posts: 277
5/2/2012 8:27 PM
http://www.lawsonguru.dan...lbi-security-groups/
Ruma Malhotra
Veteran Member
Posts: 412
5/2/2012 8:44 PM
This gives only the name of the Report sec group and not the actual user-ids that belong to the report sec group. Previously these user-ids in a previous version was stored in ENPUSERGROUPLIST but this table does not exist in the latest version of LBI for 9.0.4.2. These user-ids that are attached to a report security group have to be stored somewhere but where ?
Greg Moeller
Veteran Member
Posts: 1498
5/2/2012 8:53 PM
Ruma: Take the ERS_SECURITYGROUPS.SECURITYGROUPID and use that to link to ERS_REPORTACCESS.JOBNAME
Then filter ERS_REPORTACCESS to REPORTID=-99 and INSTANCEID=-99
I think that will get you close.
Ruma Malhotra
Veteran Member
Posts: 412
5/2/2012 9:02 PM
I got this part. If I created a group in sec admin and attached that to a report security group in LBI there used to be a table called ENPUSERGROUPLIST that had all the ids for these users. These user-ids were attached to group in sec admin. I guess the table was removed from LBI so we can no longer find out the user-ids that were attached to a group in sec admin that could be attached as part of the report security group.
Greg Moeller
Veteran Member
Posts: 1498
5/2/2012 9:06 PM
Something similar to this works for me.
Select *
from LAWRS.ERS_REPORTACCESS RA,
LAWRS.ERS_SECURITYGROUPS SG
where RA.INSTANCEID='-99'
and RA.REPORTID='-99'
and RA.JOBNAME = SG.SECURITYGROUPID
;
Greg Moeller
Veteran Member
Posts: 1498
5/2/2012 9:13 PM
Ruma: Do you mean Lawson Security Admin? If so, you'd have to query the ldap to find out the members of the groups.
See the Unix script that I've attached.
Attachments
004_003_002_001_groupheader_users.zip
Ruma Malhotra
Veteran Member
Posts: 412
5/3/2012 4:46 PM
Thanks Greg. This helps me. I am however disappointed that there are 2 tables removed that used to store this information in LBI. One for reporting services called ENPUSERGROUPLIST and the other in framework services called ENPENTRYACCESSLIST.
Greg Moeller
Veteran Member
Posts: 1498
5/3/2012 5:54 PM
It's probably from Lawson's own recommendation to
not
run the LBI Sync with the "remove expired users and roles" box checked. I can see LS and the tables getting horribly out of whack.
With our rate of turnover and/or reorganizations/reassigning job duties, it's probably a good thing that all we need to do is keep people in the correct groups in LS. But I can see your point as well.
Donna
Veteran Member
Posts: 110
6/10/2013 7:27 PM
Hi there,
I read the entries to this post and still have a question.
Can you delete a user ID without removing the user from all of the reports, dashboards and rights that are assigned to the user ID? It appears that that is the case when I read the post but I would like to verify the procedure. We have some orphans that are no longer in AD and some other IDs that I need to research before taking action. I also think we may have a user or 2 that have multiple IDs.
Thank you.
Greg Moeller
Veteran Member
Posts: 1498
6/12/2013 12:58 PM
@Donna: You can delete an ID from Lawson Portal and as long as you are NOT running the LBI sync with the 'remove expired users and roles' box checked, they will still be in LBI... If you are running the LBI sync with this box checked however, you will be removing them from all reports, smartnotes, dashboards, etc.
Donna
Veteran Member
Posts: 110
6/12/2013 6:53 PM
Greg,
We do not have the 'remove expired users and roles' box checked. However, in most cases the users we are removing are either orphaned users (no longer in active directory) or termed users so your answer is very reassuring.
Thank you for taking the time to respond.
Donna
Greg Moeller
Veteran Member
Posts: 1498
6/12/2013 7:13 PM
Donna: Why would you want termed users to still be on reports?
Our practice here is to remove their LBI delivery device, and eventually remove them from the reports as well.
I'm just curious.
Donna
Veteran Member
Posts: 110
6/12/2013 8:02 PM
Greg,
I don't want to keep them in LBI but I did not want to do anything that will create other maintenance issues so we have not checked the 'remove expired users and roles' yet.
We are beginning a maintenance project on LBI and will probably check the 'remove expired users and roles' once we have the analysis complete.
I do have one more question though. It appears that all we have to do with the Termed employees who are no longer in Active directory is delete them from Lawson Security. Is that correct?
Thanks to some of your prior posts, I have been able to create reports that allow me to analyze users and their relationships to LBI roles and published reports since my last post. Now I just need the time to do the actual analysis and perform the clean up tasks.
Thank you again.
Donna
Greg Moeller
Veteran Member
Posts: 1498
6/12/2013 8:32 PM
Deletion from LSA is all that we do here..
With the 'remove expired users and roles' box checked though, if the expired user owns anything in LBI and gets removed from LBI, that content will be transferred to a default account called SYSTEMMANAGER --- Any LBI administrator can use the 'Content' link from the Tools dashboard to transfer and reallocate the content. The LBI Guide recommends that before a user is removed from LBI, they transfer their content themselves though to prevent the system from doing it automatically and possibly screwing something up.
The last part is not actually part of the documentation, but my thoughts alone.
Thank you for the kind words!
Donna
Veteran Member
Posts: 110
6/12/2013 8:45 PM
Greg,
Thank you. I have enough information now to complete my task.
Your contributions to Lawson Guru are a wonderful help to members of the community and certainly should be recognized.
Please
login
to post a reply.