SlideShare a Scribd company logo

Lawson Security

Download as PPTX, PDF
Nogalis Inc
Nogalis Inc

This document provides an overview of Lawson security, including the components, tools, and simple tasks for getting started with Lawson security. It discusses the user, role, and security class hierarchy and how to secure different object types. It also demonstrates how to perform basic security administration tasks like adding a role to a user, granting access to an online screen, and granting access to a data source. The document stresses the importance of planning security implementation methodology and roles/classes beforehand and troubleshooting techniques if issues arise.

Software
1 of 28
Lawson Security The basics to get you started
Are you on Lawson Security? 48% 42% 10% Poll Lawson Sec LAUA No
What is covered • Overview of security past and present • Introduction to components and terminology • Introduction to the tools and menus • A few simple tasks that you’re likely to perform • Implementation methodology • Troubleshooting
HRGENCLASS PA52 PA100 HR07 HR04 HR01 HR00 HR09 HR10 HR11 PR12 PR13 PR51 PR52 PR67 PR68 HR12 User Security Class Secured Objects LAUA Security
User Security Roles DATAACCESS Security Classes PRADROLE HRGENROLE HRSETUPCLASS PAACTCLASS HR07HR04HR01HR00 PRACCESSCLASS PR12 PR13 PR51 PR52 PR67 PA52 PR68 PA100 HREMPCLASS HR09HR10 HR11 HR12 LSF Security ….
The Hierarchy (in one profile) •User has many oRoles have many •Security Classes have many oRules
What can you secure? • Online: Online Screens (e.g. HR11, PR13, GL00, PO20…) • Batch: Batch programs (e.g. PA100, HR211, PR198, GL190…) • Files: Database Tables • Elements … Not in this presentation • Element Groups… Not in this presentation • Data Source: The Productline • Securable Type o Form o Program o Table
Rule? • Grant All Access • Deny Any Access • Unconditional Access to Action • Conditional Rule Access
The Tools • RM Administrator o Add/Edit Groups o Add/Edit Roles • Security Administrator o Manage Security Profiles o Add/Edit Security classes o Add/Edit Security rules o Assign classes to roles o Manage user profiles o Run security reports o Manage security settings
How to log in • For either the Security Administrator or RM Administrator o Server: Same sever as your Portal URL (you don’t need to type in the “Http://” o User: Has to be a security administrator (there are other user types but for now …) o Password: Same password as used on Portal
Menus • Add/Edit Users • Add Roles to users • Manage identities • Add users to groups • Add/Edit security Classes • Assign a Class to A Role • Create an run reports
Simple Task 1: Add a role to a user • Log into the Security Administrator • Select “User Management” section on left side bar • Click on “User Maintenance”. Opens new window. • Search for the user name by last name. o HINT: You can use wildcards. e.g. Rez* will bring back Rezaei • Right-click the row and select “Edit RM Information” • With the “Role” row highlighted, click on the button to the right • “Skip to End”; “Back”; Check “Description”; Next • Select Desired role and click the > button • Click Finish • Close the “Change RM Object” window • Acknowledge saving the record • Viola
User Search/Edit Right Click
RM Record Should be set to Yes
Assigning Roles
Assigning Roles
Assigning Roles
Simple Task 2: Grant Access to online Screen • Log into the Security Administrator • Double Click the Profile ID your classes reside in (PRD) • Double Click the Security Class to add access to • Click the “Add Rule” button • Select the securable type. Example: “Online” • Expand the system code your securable object is under. Example “IF” • Check the object you want to grant access to. Example: CU01 o Select “Grant All Access” on the right and click Apply o Expand the screen name and select the token you want to grant access to. Example CU01.1 • Select “Grant All Access” on the right and click “Apply” • Viola: As long as you have access to the system code (Example “IF”) and the DataSource (Example “PROD”).
Granting Access to CU01.1
Did you catch that? • To grant access to a securable object like a screen, a batch job, or a database table, you need to grant access to the productline and the system code it resides in. • In order to grant access to a specific screen token (like HR11.1). You also need to grant access to the screen (HR11). The fields and tabs in the token are automatically granted unless you deny them specifically.
Simple Task 3: Grant Access Prod • Log into the Security Administrator • Double Click the Profile ID your classes reside in (PRD) • Click “Add” (to add a new Security Class) • Name your security class (e.g. “ProdAccess”), add a description and click ADD • Click “Refresh” scroll double click your new class. • Add Rule • Select “Data Sources” from securable type • Select “Prod”; on the right select “Grant All Access” • Click Apply • Viola
Drop downs and Drills • Must grant access to the tables the select or drill draws data from. • Table information can be found in the <system code>.or and <System Code>.sr files in $LAWDIR/Productline/??src
Couple of other things • LSF Security is grant based. If in any of assigned classes access is granted then the user has access. EVEN IF it’s explicitly denied in another one of the user’s classes. • You can write conditional rules based on lots of things. Here are some examples: o Data Elements: Company, Process_level, Department, Job_Code o Screen Fields o User Profile information o Date/Time o Structures o Elements / Element Groups o Identities
Implementation •50% Planning •30% Development •20% Testing
Methodology • Come up with a good naming convention for roles and classes before you do anything else. These should make sense at a glance and be easy to classify and sorting them should also group them. • Start with Roles in the company • Determine Tasks each role needs to perform (These will be your security classes) • Determine what each task is composed of (These will be your rules) • Assign classes to roles • Assign roles to users • Do one user group at a time, not all at once
Troubleshooting • If all else fails in your troubleshooting make sure to: o Perform an IOSCacheRefresh o Clear all your browsing history and restart the browser o Remove all other roles but the one you’re testing from the user o Run a security report o Check security log files in $LAWDIR/system/ o Clear Security Cache under the Server Management section of the security administrator o Reduce the “CACHING_INTERVAL” under the server settings in the Server Management section of the security administrator o Try it in LID o Take a break
Next Webinar July25 www.nogalis.com/education.html Microsoft Add-ins Simple queries and data loads.
@nogalisinc

Recommended

Lawson for Total Beginners
Lawson for Total BeginnersLawson for Total Beginners
Lawson for Total BeginnersNogalis Inc
 
Fisbone Diagrams Assgnmnt1
Fisbone Diagrams Assgnmnt1Fisbone Diagrams Assgnmnt1
Fisbone Diagrams Assgnmnt1ahmad bassiouny
 
The Top Ten things that have been proven to effect software reliability
The Top Ten things that have been proven to effect software reliabilityThe Top Ten things that have been proven to effect software reliability
The Top Ten things that have been proven to effect software reliabilityAnn Marie Neufelder
 
DBMS languages/ Types of SQL Commands
DBMS languages/ Types of SQL CommandsDBMS languages/ Types of SQL Commands
DBMS languages/ Types of SQL CommandsBHARATH KUMAR
 
DATABASE MANAGEMENT SYSTEM
DATABASE MANAGEMENT SYSTEMDATABASE MANAGEMENT SYSTEM
DATABASE MANAGEMENT SYSTEMSonia Pahuja
 
Gail 3d printing
Gail 3d printingGail 3d printing
Gail 3d printingG-Swift
 
RPI Infor Process Automation Presentation
RPI Infor Process Automation PresentationRPI Infor Process Automation Presentation
RPI Infor Process Automation PresentationRichard Leigh Stout
 
Data mapping tutorial
Data mapping tutorialData mapping tutorial
Data mapping tutorialDmitri Nesteruk
 

Recommended

Lawson for Total Beginners
Lawson for Total BeginnersLawson for Total Beginners
Lawson for Total BeginnersNogalis Inc
 
Fisbone Diagrams Assgnmnt1
Fisbone Diagrams Assgnmnt1Fisbone Diagrams Assgnmnt1
Fisbone Diagrams Assgnmnt1ahmad bassiouny
 
The Top Ten things that have been proven to effect software reliability
The Top Ten things that have been proven to effect software reliabilityThe Top Ten things that have been proven to effect software reliability
The Top Ten things that have been proven to effect software reliabilityAnn Marie Neufelder
 
DBMS languages/ Types of SQL Commands
DBMS languages/ Types of SQL CommandsDBMS languages/ Types of SQL Commands
DBMS languages/ Types of SQL CommandsBHARATH KUMAR
 
DATABASE MANAGEMENT SYSTEM
DATABASE MANAGEMENT SYSTEMDATABASE MANAGEMENT SYSTEM
DATABASE MANAGEMENT SYSTEMSonia Pahuja
 
Gail 3d printing
Gail 3d printingGail 3d printing
Gail 3d printingG-Swift
 
RPI Infor Process Automation Presentation
RPI Infor Process Automation PresentationRPI Infor Process Automation Presentation
RPI Infor Process Automation PresentationRichard Leigh Stout
 
Data mapping tutorial
Data mapping tutorialData mapping tutorial
Data mapping tutorialDmitri Nesteruk
 
All These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFAll These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFMichael Gough
 
Microsoft Dynamics CRM Certification Training
Microsoft Dynamics CRM Certification TrainingMicrosoft Dynamics CRM Certification Training
Microsoft Dynamics CRM Certification TrainingDavid Blumentals
 
TUD CS4105 | 2015 | Lecture 1
TUD CS4105 | 2015 | Lecture 1TUD CS4105 | 2015 | Lecture 1
TUD CS4105 | 2015 | Lecture 1Eelco Visser
 
For Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSecFor Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSecLalit Kale
 
Practical Defense
Practical DefensePractical Defense
Practical DefenseSean Whalen
 
The Evolution of Development Testing
The Evolution of Development TestingThe Evolution of Development Testing
The Evolution of Development TestingCathal King
 
Data Modeling for Security, Privacy and Data Protection
Data Modeling for Security, Privacy and Data ProtectionData Modeling for Security, Privacy and Data Protection
Data Modeling for Security, Privacy and Data ProtectionKaren Lopez
 
Career In Information security
Career In Information securityCareer In Information security
Career In Information securityAnant Shrivastava
 
4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt
4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt
4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.pptgealehegn
 
Threat Modeling to Reduce Software Security Risk
Threat Modeling to Reduce Software Security RiskThreat Modeling to Reduce Software Security Risk
Threat Modeling to Reduce Software Security RiskSecurity Innovation
 
[Warsaw 26.06.2018] SDL Threat Modeling principles
[Warsaw 26.06.2018] SDL Threat Modeling principles[Warsaw 26.06.2018] SDL Threat Modeling principles
[Warsaw 26.06.2018] SDL Threat Modeling principlesOWASP
 
Secure Coding: Field-level Security, CRUD, and Sharing
Secure Coding: Field-level Security, CRUD, and SharingSecure Coding: Field-level Security, CRUD, and Sharing
Secure Coding: Field-level Security, CRUD, and SharingSalesforce Developers
 
Test cases and bug report v3.2
Test cases and bug report v3.2Test cases and bug report v3.2
Test cases and bug report v3.2Andrey Oleynik
 
Advanced Apex Security Expert Tips and Best Practices (1).pptx
Advanced Apex Security Expert Tips and Best Practices (1).pptxAdvanced Apex Security Expert Tips and Best Practices (1).pptx
Advanced Apex Security Expert Tips and Best Practices (1).pptxmohayyudin7826
 
Module 6.pptx
Module 6.pptxModule 6.pptx
Module 6.pptxssuser66c4d5
 
System Security Beyond the Libraries
System Security Beyond the LibrariesSystem Security Beyond the Libraries
System Security Beyond the LibrariesEoin Woods
 
Access Control Fundamentals
Access Control FundamentalsAccess Control Fundamentals
Access Control FundamentalsSetiya Nugroho
 
AppSec in an Agile World
AppSec in an Agile WorldAppSec in an Agile World
AppSec in an Agile WorldDavid Lindner
 
Assignment Grading Rubric Course IT286 Unit 4 Po.docx
Assignment Grading Rubric Course IT286 Unit 4 Po.docxAssignment Grading Rubric Course IT286 Unit 4 Po.docx
Assignment Grading Rubric Course IT286 Unit 4 Po.docxssuser562afc1
 
Working Effectively with PeopleSoft Support
Working Effectively with PeopleSoft SupportWorking Effectively with PeopleSoft Support
Working Effectively with PeopleSoft SupportSmart ERP Solutions, Inc.
 
Troubleshooting Lawson Security
Troubleshooting Lawson SecurityTroubleshooting Lawson Security
Troubleshooting Lawson SecurityNogalis Inc
 
Upgrade to IPA Made Easy
Upgrade to IPA Made EasyUpgrade to IPA Made Easy
Upgrade to IPA Made EasyNogalis Inc
 

More Related Content

Similar to Lawson Security

All These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFAll These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFMichael Gough
 
Microsoft Dynamics CRM Certification Training
Microsoft Dynamics CRM Certification TrainingMicrosoft Dynamics CRM Certification Training
Microsoft Dynamics CRM Certification TrainingDavid Blumentals
 
TUD CS4105 | 2015 | Lecture 1
TUD CS4105 | 2015 | Lecture 1TUD CS4105 | 2015 | Lecture 1
TUD CS4105 | 2015 | Lecture 1Eelco Visser
 
For Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSecFor Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSecLalit Kale
 
Practical Defense
Practical DefensePractical Defense
Practical DefenseSean Whalen
 
The Evolution of Development Testing
The Evolution of Development TestingThe Evolution of Development Testing
The Evolution of Development TestingCathal King
 
Data Modeling for Security, Privacy and Data Protection
Data Modeling for Security, Privacy and Data ProtectionData Modeling for Security, Privacy and Data Protection
Data Modeling for Security, Privacy and Data ProtectionKaren Lopez
 
Career In Information security
Career In Information securityCareer In Information security
Career In Information securityAnant Shrivastava
 
4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt
4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt
4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.pptgealehegn
 
Threat Modeling to Reduce Software Security Risk
Threat Modeling to Reduce Software Security RiskThreat Modeling to Reduce Software Security Risk
Threat Modeling to Reduce Software Security RiskSecurity Innovation
 
[Warsaw 26.06.2018] SDL Threat Modeling principles
[Warsaw 26.06.2018] SDL Threat Modeling principles[Warsaw 26.06.2018] SDL Threat Modeling principles
[Warsaw 26.06.2018] SDL Threat Modeling principlesOWASP
 
Secure Coding: Field-level Security, CRUD, and Sharing
Secure Coding: Field-level Security, CRUD, and SharingSecure Coding: Field-level Security, CRUD, and Sharing
Secure Coding: Field-level Security, CRUD, and SharingSalesforce Developers
 
Test cases and bug report v3.2
Test cases and bug report v3.2Test cases and bug report v3.2
Test cases and bug report v3.2Andrey Oleynik
 
Advanced Apex Security Expert Tips and Best Practices (1).pptx
Advanced Apex Security Expert Tips and Best Practices (1).pptxAdvanced Apex Security Expert Tips and Best Practices (1).pptx
Advanced Apex Security Expert Tips and Best Practices (1).pptxmohayyudin7826
 
System Security Beyond the Libraries
System Security Beyond the LibrariesSystem Security Beyond the Libraries
System Security Beyond the LibrariesEoin Woods
 
Access Control Fundamentals
Access Control FundamentalsAccess Control Fundamentals
Access Control FundamentalsSetiya Nugroho
 
AppSec in an Agile World
AppSec in an Agile WorldAppSec in an Agile World
AppSec in an Agile WorldDavid Lindner
 
Assignment Grading Rubric Course IT286 Unit 4 Po.docx
Assignment Grading Rubric Course IT286 Unit 4 Po.docxAssignment Grading Rubric Course IT286 Unit 4 Po.docx
Assignment Grading Rubric Course IT286 Unit 4 Po.docxssuser562afc1
 

Similar to Lawson Security (20)

All These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFAll These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDF
 
Microsoft Dynamics CRM Certification Training
Microsoft Dynamics CRM Certification TrainingMicrosoft Dynamics CRM Certification Training
Microsoft Dynamics CRM Certification Training
 
TUD CS4105 | 2015 | Lecture 1
TUD CS4105 | 2015 | Lecture 1TUD CS4105 | 2015 | Lecture 1
TUD CS4105 | 2015 | Lecture 1
 
For Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSecFor Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSec
 
Practical Defense
Practical DefensePractical Defense
Practical Defense
 
The Evolution of Development Testing
The Evolution of Development TestingThe Evolution of Development Testing
The Evolution of Development Testing
 
Data Modeling for Security, Privacy and Data Protection
Data Modeling for Security, Privacy and Data ProtectionData Modeling for Security, Privacy and Data Protection
Data Modeling for Security, Privacy and Data Protection
 
Career In Information security
Career In Information securityCareer In Information security
Career In Information security
 
4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt
4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt
4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt
 
Threat Modeling to Reduce Software Security Risk
Threat Modeling to Reduce Software Security RiskThreat Modeling to Reduce Software Security Risk
Threat Modeling to Reduce Software Security Risk
 
[Warsaw 26.06.2018] SDL Threat Modeling principles
[Warsaw 26.06.2018] SDL Threat Modeling principles[Warsaw 26.06.2018] SDL Threat Modeling principles
[Warsaw 26.06.2018] SDL Threat Modeling principles
 
Secure Coding: Field-level Security, CRUD, and Sharing
Secure Coding: Field-level Security, CRUD, and SharingSecure Coding: Field-level Security, CRUD, and Sharing
Secure Coding: Field-level Security, CRUD, and Sharing
 
Test cases and bug report v3.2
Test cases and bug report v3.2Test cases and bug report v3.2
Test cases and bug report v3.2
 
Advanced Apex Security Expert Tips and Best Practices (1).pptx
Advanced Apex Security Expert Tips and Best Practices (1).pptxAdvanced Apex Security Expert Tips and Best Practices (1).pptx
Advanced Apex Security Expert Tips and Best Practices (1).pptx
 
Module 6.pptx
Module 6.pptxModule 6.pptx
Module 6.pptx
 
System Security Beyond the Libraries
System Security Beyond the LibrariesSystem Security Beyond the Libraries
System Security Beyond the Libraries
 
Access Control Fundamentals
Access Control FundamentalsAccess Control Fundamentals
Access Control Fundamentals
 
AppSec in an Agile World
AppSec in an Agile WorldAppSec in an Agile World
AppSec in an Agile World
 
Assignment Grading Rubric Course IT286 Unit 4 Po.docx
Assignment Grading Rubric Course IT286 Unit 4 Po.docxAssignment Grading Rubric Course IT286 Unit 4 Po.docx
Assignment Grading Rubric Course IT286 Unit 4 Po.docx
 
Working Effectively with PeopleSoft Support
Working Effectively with PeopleSoft SupportWorking Effectively with PeopleSoft Support
Working Effectively with PeopleSoft Support
 

More from Nogalis Inc

Troubleshooting Lawson Security
Troubleshooting Lawson SecurityTroubleshooting Lawson Security
Troubleshooting Lawson SecurityNogalis Inc
 
Upgrade to IPA Made Easy
Upgrade to IPA Made EasyUpgrade to IPA Made Easy
Upgrade to IPA Made EasyNogalis Inc
 
ProcessFlow/IPA Differences
ProcessFlow/IPA DifferencesProcessFlow/IPA Differences
ProcessFlow/IPA DifferencesNogalis Inc
 
Data Access Basics and Introduction to SQL
Data Access Basics and Introduction to SQLData Access Basics and Introduction to SQL
Data Access Basics and Introduction to SQLNogalis Inc
 
Attaching Files to S3 Applications
Attaching Files to S3 ApplicationsAttaching Files to S3 Applications
Attaching Files to S3 ApplicationsNogalis Inc
 
Lawson Microsoft Addins
Lawson Microsoft AddinsLawson Microsoft Addins
Lawson Microsoft AddinsNogalis Inc
 
Implementing Requisition Approval
Implementing Requisition ApprovalImplementing Requisition Approval
Implementing Requisition ApprovalNogalis Inc
 
Lawson ProcessFlow
Lawson ProcessFlowLawson ProcessFlow
Lawson ProcessFlowNogalis Inc
 

More from Nogalis Inc (9)

Troubleshooting Lawson Security
Troubleshooting Lawson SecurityTroubleshooting Lawson Security
Troubleshooting Lawson Security
 
Upgrade to IPA Made Easy
Upgrade to IPA Made EasyUpgrade to IPA Made Easy
Upgrade to IPA Made Easy
 
LBI For Dummies
LBI For DummiesLBI For Dummies
LBI For Dummies
 
ProcessFlow/IPA Differences
ProcessFlow/IPA DifferencesProcessFlow/IPA Differences
ProcessFlow/IPA Differences
 
Data Access Basics and Introduction to SQL
Data Access Basics and Introduction to SQLData Access Basics and Introduction to SQL
Data Access Basics and Introduction to SQL
 
Attaching Files to S3 Applications
Attaching Files to S3 ApplicationsAttaching Files to S3 Applications
Attaching Files to S3 Applications
 
Lawson Microsoft Addins
Lawson Microsoft AddinsLawson Microsoft Addins
Lawson Microsoft Addins
 
Implementing Requisition Approval
Implementing Requisition ApprovalImplementing Requisition Approval
Implementing Requisition Approval
 
Lawson ProcessFlow
Lawson ProcessFlowLawson ProcessFlow
Lawson ProcessFlow
 

Recently uploaded

SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AIABDERRAOUF MEHENNI
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackVICTOR MAESTRE RAMIREZ
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...gurkirankumar98700
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)OPEN KNOWLEDGE GmbH
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfkalichargn70th171
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
Active Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfActive Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfCionsystems
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxbodapatigopi8531
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...kellynguyen01
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationkaushalgiri8080
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...OnePlan Solutions
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...stazi3110
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...soniya singh
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionSolGuruz
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsAndolasoft Inc
 

Recently uploaded (20)

SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStack
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
Active Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfActive Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdf
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
Exploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the ProcessExploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the Process
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanation
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 

Lawson Security

  • 1. Lawson Security The basics to get you started
  • 2. Are you on Lawson Security? 48% 42% 10% Poll Lawson Sec LAUA No
  • 3. What is covered • Overview of security past and present • Introduction to components and terminology • Introduction to the tools and menus • A few simple tasks that you’re likely to perform • Implementation methodology • Troubleshooting
  • 5. User Security Roles DATAACCESS Security Classes PRADROLE HRGENROLE HRSETUPCLASS PAACTCLASS HR07HR04HR01HR00 PRACCESSCLASS PR12 PR13 PR51 PR52 PR67 PA52 PR68 PA100 HREMPCLASS HR09HR10 HR11 HR12 LSF Security ….
  • 6. The Hierarchy (in one profile) •User has many oRoles have many •Security Classes have many oRules
  • 7. What can you secure? • Online: Online Screens (e.g. HR11, PR13, GL00, PO20…) • Batch: Batch programs (e.g. PA100, HR211, PR198, GL190…) • Files: Database Tables • Elements … Not in this presentation • Element Groups… Not in this presentation • Data Source: The Productline • Securable Type o Form o Program o Table
  • 8. Rule? • Grant All Access • Deny Any Access • Unconditional Access to Action • Conditional Rule Access
  • 9. The Tools • RM Administrator o Add/Edit Groups o Add/Edit Roles • Security Administrator o Manage Security Profiles o Add/Edit Security classes o Add/Edit Security rules o Assign classes to roles o Manage user profiles o Run security reports o Manage security settings
  • 10. How to log in • For either the Security Administrator or RM Administrator o Server: Same sever as your Portal URL (you don’t need to type in the “Http://” o User: Has to be a security administrator (there are other user types but for now …) o Password: Same password as used on Portal
  • 11. Menus • Add/Edit Users • Add Roles to users • Manage identities • Add users to groups • Add/Edit security Classes • Assign a Class to A Role • Create an run reports
  • 12. Simple Task 1: Add a role to a user • Log into the Security Administrator • Select “User Management” section on left side bar • Click on “User Maintenance”. Opens new window. • Search for the user name by last name. o HINT: You can use wildcards. e.g. Rez* will bring back Rezaei • Right-click the row and select “Edit RM Information” • With the “Role” row highlighted, click on the button to the right • “Skip to End”; “Back”; Check “Description”; Next • Select Desired role and click the > button • Click Finish • Close the “Change RM Object” window • Acknowledge saving the record • Viola
  • 14. RM Record Should be set to Yes
  • 18. Simple Task 2: Grant Access to online Screen • Log into the Security Administrator • Double Click the Profile ID your classes reside in (PRD) • Double Click the Security Class to add access to • Click the “Add Rule” button • Select the securable type. Example: “Online” • Expand the system code your securable object is under. Example “IF” • Check the object you want to grant access to. Example: CU01 o Select “Grant All Access” on the right and click Apply o Expand the screen name and select the token you want to grant access to. Example CU01.1 • Select “Grant All Access” on the right and click “Apply” • Viola: As long as you have access to the system code (Example “IF”) and the DataSource (Example “PROD”).
  • 20. Did you catch that? • To grant access to a securable object like a screen, a batch job, or a database table, you need to grant access to the productline and the system code it resides in. • In order to grant access to a specific screen token (like HR11.1). You also need to grant access to the screen (HR11). The fields and tabs in the token are automatically granted unless you deny them specifically.
  • 21. Simple Task 3: Grant Access Prod • Log into the Security Administrator • Double Click the Profile ID your classes reside in (PRD) • Click “Add” (to add a new Security Class) • Name your security class (e.g. “ProdAccess”), add a description and click ADD • Click “Refresh” scroll double click your new class. • Add Rule • Select “Data Sources” from securable type • Select “Prod”; on the right select “Grant All Access” • Click Apply • Viola
  • 22. Drop downs and Drills • Must grant access to the tables the select or drill draws data from. • Table information can be found in the <system code>.or and <System Code>.sr files in $LAWDIR/Productline/??src
  • 23. Couple of other things • LSF Security is grant based. If in any of assigned classes access is granted then the user has access. EVEN IF it’s explicitly denied in another one of the user’s classes. • You can write conditional rules based on lots of things. Here are some examples: o Data Elements: Company, Process_level, Department, Job_Code o Screen Fields o User Profile information o Date/Time o Structures o Elements / Element Groups o Identities
  • 25. Methodology • Come up with a good naming convention for roles and classes before you do anything else. These should make sense at a glance and be easy to classify and sorting them should also group them. • Start with Roles in the company • Determine Tasks each role needs to perform (These will be your security classes) • Determine what each task is composed of (These will be your rules) • Assign classes to roles • Assign roles to users • Do one user group at a time, not all at once
  • 26. Troubleshooting • If all else fails in your troubleshooting make sure to: o Perform an IOSCacheRefresh o Clear all your browsing history and restart the browser o Remove all other roles but the one you’re testing from the user o Run a security report o Check security log files in $LAWDIR/system/ o Clear Security Cache under the Server Management section of the security administrator o Reduce the “CACHING_INTERVAL” under the server settings in the Server Management section of the security administrator o Try it in LID o Take a break

Editor's Notes

  1. Skip this