Here is a brief guide to get yourself set up with Spreadsheet Designer (ISD).

  1. Ability to comment out rows and worksheet/s enhancement is available in ISD 10.0.16.245.
  2. Click the Infor Button > Settings

The feature is disabled by initial install/upgrade. Check the Comments>Enable checkbox to turn on comments.

 

 

  1. Using Row Comment
    • For row comment/s, insert “//<space>” or “// ”on first column of the row.
    • Click Upload/Upload Sheet Range/Upload All

 

** For Batch Upload, check Upload in Batch Mode in Settings, then repeat steps 4.1 and 4.2

 

 

  1. Using Worksheet Comment
    • For Worksheet comment, insert “/*<space>” or “/* ”on first cell of the Worksheet (cell A1).

Or

  • Click Upload or Upload All

** For Batch Upload, check Upload in Batch Mode in Settings, then repeat steps 5.1 and 5.2

 

In Lawson ISS, you may come across one or both of the two scenarios below:

  1. I removed a role from a number of users in Lawson System Foundation (LSF) and want to use an Infor Security Services (ISS) sync to remove these same roles from Landmark (LMK).

or

  1. I removed a role from a number of users in Landmark (LMK) and want to use an Infor Security Services (ISS) sync to remove these same roles from Lawson System Foundation (LSF).

 

There is a resolution for both of these scenarios:

A full ISS sync does not have the ability to remove roles from users. However, you can run a list-based sync via an ssoconfig command to remove the roles in the other system.

 

There is a flag that can be included in the list-based sync file that allows for roles to be overwritten in the system that is being updated called the mergeActorRoles flag. When this flag is not included in the xml file to be used, or is set to true, the roles from the source system (the one you are NOT updating) that are not found in the other system will be appended to the roles currently assigned. When this flag is set to false, mergeActorRoles=false, the roles assigned in the system that is being updated will be overwritten to match those in the source system, hence removing roles if necessary.

 

A list-based file template is delivered with each upgrade to ISS, you will use this file as a base for your work. The location of the file is:

 

GENDIR\system\provisioning\metadata\backgroundSyncTemplate.xml

Create a copy of the file and edit the copy, ensure the following are set:

 

defAction is set to update the system where the roles have NOT already been removed options:  update_remote or update_local

mergeActorRoles is set to false

IMPORTANT: The local and remote sections shown in the example below MUST be included since the users already exist in bot LSF and Landmark. These areas would contain each user to be updated.

Example of a completed list-based sync file that will update roles in LMK for existing users test1 and test2 to match roles in LSF:

Once you have the file the way you need it, you need to run the ssoconfig command for the list based sync.

The syntax for that is as follows and there is no ssoconfig password required for this process/command syntax:

 

ssoconfig -S sync_file_with_fullDirectoryPath

 

Example command for Windows customers:  ssoconfig -S D:\LSFPROD\gen\system\provisioning\metadata\FileNameOfBackgroundSyncTemplate.xml

Example command for Unix or IBM i customers: ssoconfig -S /LSFPROD/gen/system/provisioning/metadata/FileNameOfBackgroundSyncTemplate.xml

 

NOTE: In the above examples, if you placed the xml file for this process in another directory, simply replace the full path to the location of your xml file.

 

 

We recently had a requirement to disable TSLv1 in our ADFS instance.  Some portions of Lawson, as well as LBI, still depend on TLSv1 security.  So, the best way to accommodate this requirement, while also making sure the applications stay fully compatible, is to set the QoP (Quality of Protection) protocol to SSL_TLSv2 in WebSphere on all nodes for all products.

To do this, for each WAS instance, log into the console and navigate to SSL certificate and key management > SSL configurations > (cell or node – do them all) > Quality of protection.  Set the protocol to SSL_TLSv2.  Once you have saved these changes for all cells and nodes, restart the server.

To debug batch programs through command-line entry, use the following steps:

To debug batch programs through command-line entry

  1. If LAWENV is not called as part of your user profile’s sign-on program, you must call the LAWENV program to set the environment variables correctly.
    1. At the IBM i command line, type
      CALL LAWENV
    2. Type the name of an Environment and press Enter.
  1. Compile the program you want to debug. At the Qshell command line, type
    qcompile -D productline systemcode programcode

Note: If you need to include modules in the compile, use qcompile -Dm productline systemcode programcode .

  1. Submit the program to a job queue that is on hold or is not tied to a subsystem (so that the batch job does not execute).
  2. Start a service job for the program.
    1. Get the job information by typing at the IBM i command line,
      WRKJOBQ QueueName
      where QueueName is the job queue to which you submitted the batch program.Select option 5 (Work with) for the job queue and then write down the job, user, and job number information for the appropriate job.Note: You can also use the WRKUSRJOB command to find the job information, but this may yield a much longer list of jobs to view in order to find the one you need.
    2. At the IBM i command line, type:
      STRSRVJOB JobNumber/UserName/JobName
  1. Start debug. At the command line, type STRDBGand prompt it (F4). Make sure the library is the one where you compiled the source and that UPDPROD(*YES) is set. If the information is correct, press Enter.
  2. When source listing appears, press F12to resume.
  3. Start the batch program by changing the job to run in an active queue. On the “Work with Job Queue” screen, enter 2(Change) to change the job queue for the job. After typing in the job queue name, press Enter.The ILE debugger will display the “Start Serviced Job” screen with the following message: “The serviced job has been released from the job queue. Press Enter to start the job or F10 to enter debug commands for that job.”
  4. Press F10and then at the IBM i command line, type:DSPMODSRC
  1. Set break points (F6), then press F12, and then press F3 to return to the “Start Serviced Job” screen.
  2. Press Enterto run the program.
  3. After finished with debugging, end debug and the service job. At the IBM i command line, type:
    ENDDBG
    thenENDSRVJOB

Users are receiving the following error when running a query or upload in Microsoft Office Add-ins:

FATAL ERROR: ITEM_SECURED

File FILERELFLD is secured.

 

Resolution:

This is a security setup/configuration issue.

First, you need to decide where the security rule needs to be added.  The steps below are very specific to doing this change to the ADDINS security class which Infor Lawson delivers out of the box. This ADDINS security class is assigned to the LawsonQueryToolsRole security role.  In general, end users that need to use MOA should have the LawsonQueryToolsRole assigned to them since it’s an out of the box deliverable allowing all necessary access to the items need for use with MOA.  If you are using a different configuration, then in the steps below, instead of ADDINS, you’d add the rule to the appropriate security class.  That security class would need to be assigned to a ROLE that the user already has assigned to them.

  1. Log into Lawson Security Administrator (LSA)
  2. Click on “Profile Management” tab
  3. Click on “Profiles”
  4. Double-click on the “GEN” Profile id
  5. Double-click on the “ADDINS” security class name
  6. Click on the “Add Rule” button
  7. Change the “Securable Types” to “Files”
  8. Expand (Click on +) “CS”
  9. Locate the table that is showing in the error in the list under “CS” (Example: FILERELFLD) and put a check mark in the box next to it
  10. Click on “Apply” and have the user test.

Your error should go away.

After a Java update in Landmark, there are typical steps to follow to reset the java location.  Firstly, change the JAVA_HOME and LAW_JAVA_HOME environment variables.  Verify that the new path is also stored in the Path environment variable.

 

Next, run the change-jdk.jar command in the grid home/tools folder.

Finally, validate the LAW_JAVA_HOME setting in the config.bat file.

After those steps are completed, reboot the server and make sure the application starts.  If it doesn’t, it’s time to get into the nitty gritty.

Open up the Grid Manager.  Click on Configuration > Grid Configuration.

Select Grid Properties.

Under Node Properties, select Java Executable.

It is most likely pointing to the old location for Java.  Fix that, then reboot and you should be good to go.

When we try to update some user records on the Infor Security Services (ISS) webpage, it gives an error stating: “loadResource(): returned identity [User:] already exists”

This error is due to missing extended attributes in LDAP. The extended attributes are what allow ISS to know that the user exists in LMK and are created when a user is added via ISS or the user is included in a sync.

To create the extended attributes for the user, you have two options (we recommend step 1):

  1. Run a list-based sync for the user who you are getting the error on.
  2. Run a full sync via the ISS webpage.

 

See LSSCG_11.0.0.0_UWA.pdf via Infor Concierge for example on list-based sync.

 

This is typically done by a Lawson technical resource. Organizations often hire a Lawson consultant team who offer managed services at a fixed monthly rate. These Lawson teams have a wider range of expertise and knowledge and are ideal for larger organizations but also are great for smaller ones that don’t need a dedicated Lawson employee on-site. Nogalis does offer this as a service so feel free to reach out to us via our contact page.