This problem can occur after updating Lawson and Landmark from an older version and or when organizations update previous users to a newer naming convention.
Problem: A user is trying to access their Inbasket to approve orders but receive the error below:
Validate the user is setup correctly in Lawson Security
Validate the user is setup correctly in Landmark via Rich Client or Process Server Admin
The RMID in Lawson Security must match the Landmark Actor ID.
If Step 3 does not resolve the error, look into the IOS.log and see how the users RMID is appearing there and make sure the Actor ID matches the casing there.
This can be a tricky issue to resolve, especially for organizations with a single Lawson professional to debug while they are swarmed in daily tickets and also tasked with maintaining recurring process flows.
Alternatively, organizations will hire a Lawson consultant team that have a wider range of expertise who offer managed services at a fixed monthly rate. This would be more ideal for larger organizations with many daily tickets or workflows to maintain or even smaller ones who don’t need a single dedicated Lawson professional but still need weekly maintenance/support.
https://www.nogalis.com/wp-content/uploads/2022/05/505-–-Internal-server-error-when-accessing-Lawson-Inbasket.jpg470470Angeli Mentahttps://www.nogalis.com/wp-content/uploads/2013/04/logo-with-slogan-good.pngAngeli Menta2022-05-27 08:08:212022-05-21 21:10:54505 – Internal server error when accessing Lawson Inbasket
Searching for user properties in LDAP may not be as straightforward to do or you may not have had formal instructions in past to do this task. Below is a step-by-step guide to easily search for user properties in the LDAP application.
https://www.nogalis.com/wp-content/uploads/2022/05/How-to-search-for-user-properties-in-LDAP.jpg470470Angeli Mentahttps://www.nogalis.com/wp-content/uploads/2013/04/logo-with-slogan-good.pngAngeli Menta2022-05-24 08:18:042022-05-20 18:40:59How to search for user properties in LDAP
If you receive a “socket” error when saving data in Infor Security Administrator, it is probable that your Federated Server Certificate is corrupt or out of sync and needs to be recreated. Note that this is NOT the WS Federation Certificate.
To recreate the Federated Server Certificate, open a command line window on the LSF server and set the environment variables. Log into ssoconfig -c.
First, get the Federated Server Certificate name. “Manage Federation” > “Manage Federated Server Certificates” > “List Federated Server Certificates”. Make note of the name.
Select “Manage Federation” > “Manage Federated Server Certificates” > “Delete Federated Server Certificate”. Type in the name that you saved above.
After a successful confirmation, restart the servers and try again. A new Federated Server Certificate will be generated upon recycle.
https://www.nogalis.com/wp-content/uploads/2022/05/Socket-Error-in-ISA.jpg470470Angeli Mentahttps://www.nogalis.com/wp-content/uploads/2013/04/logo-with-slogan-good.pngAngeli Menta2022-05-20 08:39:072022-05-19 11:41:04Socket Error in ISA
After making changes to Landmark application configuration or security configuration, it is not always necessary to restart Landmark. You can force configuration changes via command line, or in Rich Client.
To force changes via command line, open a Landmark command with environment variables set. Run the command clearconfigs -s <data area> to clear the security caches. Other options are -a for authendat, or blank for all (clearconfigs gen).
To perform this task in Rich Client, Go to “Start > Configure > Manage Cache”. Then select “Actions > <the cache you wish to clear>”
https://www.nogalis.com/wp-content/uploads/2022/05/Command-to-Force-Landmark-Configuration-Changes.jpg470470Angeli Mentahttps://www.nogalis.com/wp-content/uploads/2013/04/logo-with-slogan-good.pngAngeli Menta2022-05-17 08:28:052022-05-12 11:33:41Command to Force Landmark Configuration Changes
The listprod -d command shows information about the product line’s status. The -a option shows information about all product lines.
For Example:
D:\\>listprod -ad
prodline data area Status
gen gen active
prod prod active
test test active
dev dev active
Here are descriptions of the statuses:
Active
The data area has an active dictionary
Pending
The data area has a pending dictionary
Upgrading
The data area is being upgraded
Out-of-date
The framework version used to build the most recent dictionary for the data area does not match the framework version used to build the most recent “GEN” dictionary
Active-out-of-date
The framework version used to build the active dictionary for the data area does not match the framework version used to build the active “GEN” dictionary
Config-missing
There is no data area configuration file
Config-changed
The data area configuration file is newer than the newest dictionary for the data area
Source-missing
There is no source for the product line
Source-changed
The source for the product line has changed since the newest dictionary for the product line’s data area was built
https://www.nogalis.com/wp-content/uploads/2022/05/Landmark-Command-to-get-Product-Line-Status.jpg470470Angeli Mentahttps://www.nogalis.com/wp-content/uploads/2013/04/logo-with-slogan-good.pngAngeli Menta2022-05-13 08:33:562022-05-09 12:36:04Landmark Command to get Product Line Status
After configuring ADFS, if you attempt to launch LBI and receive the message “(security:3042) Unable to authenticate user”, go to the SystemOut.log to gather more information. If the error is displayed there with a reference to the username, this is a known issue with LBI and ADFS. Navigate to the SystemOut.log on the LBI server to gather more information.
7/2/19 11:58:30:986 EDT] 00000069 webapp E com.ibm.ws.webcontainer.webapp.WebApp logServletError SRVE0293E: [Servlet Error]-[GenericServletWrapper]: com.lawson.efs.security.GeneralAuthenticationException: (security:3042) Unable to authenticate user.
com.lawson.security.interfaces.GeneralLawsonSecurityException: Event request failed: Could not get identity for user – lawson
Stack Trace :
com.lawson.lawsec.authen.LSFSecurityAuthenException:Could not get identity for user – lawson
If your stack trace looks similar to the above, you will need to create a user in Lawson security where SSOP matches RMID. This means, that you need a user whose RMID is formatted as their userPrincipalName. To do this, you must have a service account that can be used for the purpose. Also, you must load the user details with the loadusers command, as the characters “@” and “.” are not allowed when adding users in LSA.
First, have your networking team create a service account for this purpose. Then, create a loadusers.xml file like this:
Next, on the Lawson server, run the command loadusers -f <full path to your loadusers file>. In LSA, assign the LBI admins and LBI users groups that your organization uses to this account, and verify that the user has the SuperAdminRole. In the Framework Services Configuration assistant in LBI, change the RM user to [email protected] and set the password. This can also be done in the SYSCONFIG table of the EFS database.
Restart LBI WebSphere and try the connection again.
https://www.nogalis.com/wp-content/uploads/2022/04/Unable-to-Authenticate-User-Lawson-After-Configuring-ADFS.jpg470470Angeli Mentahttps://www.nogalis.com/wp-content/uploads/2013/04/logo-with-slogan-good.pngAngeli Menta2022-05-10 08:34:462022-05-03 13:29:22Unable to Authenticate User Lawson After Configuring ADFS
Infor’s Configuration Console is a tool that can be used to configure Landmark applications. It can be used to create new user interface components, or customize existing user interface components. It is a very useful tool for customizing and enhancing the user experience in Landmark applications. The tool uses a proprietary language called “Landmark Pattern Language” (LPL).
To get to the Configuration Console in Rich Client, go to Start > Configure > Application. Or, you can ctrl+shift+click on a Landmark form and click the “Configure” link.
The “empty sheet” button is used throughout Landmark applications to create a new item. Configuration Console is no exception. Press this button to create a new configuration. The save and delete buttons are also intuitive. When you click the delete button, remember you are deleting the configuration only, not the Infor-delivered component!
In most cases, the “pencil” button indicates editing the configuration LPL directly, and the “Configure” button is for editing the component using a graphical interface.
Menus
Configuring menus is pretty straightforward. Menu items can be deleted, and menus can be hidden from user view. Note that if a menu is hidden in Configuration Console, this setting takes precedence. So, if the menu is available via security, it still can’t be viewed.
Pages
There are a few options available in configuring pages. Mostly you can add different fields, including computed fields. This is one example where the pencil button does not indicate LPL configuration. On the main configuration screen for a page, the pencil button takes you into the page editor. At the bottom of that screen, you will have to option to edit the LPL code.
Web Applications
Web Applications have a few options for configuration. One thing that can be customized is the home landing page for the web application. Just make sure the page exists in the correct location on your server!
User Fields
User Fields are probably one of the most widely-used configurations available. The value in a User Field will be saved in the database, so that it can be accessed later in Landmark queries or Spreadsheet Designer. There are several types of fields available to allow you much flexibility in form customization.
A snapshot is sort of what it sounds like. It is a copy or a “snapshot” of another field from a related business class.
A condition field is a way to test a condition without having to rewrite code over & over. A condition field should always return true or false.
A compute fields allows you to do mathematical and date computations on one or more fields in the business class.
Derived fields are the most flexible option, and can be used in place of all of the above field types. They can be used to convert data types, take substrings, or write more complex bits of code to return the desired information.
Forms
Forms are another highly configurable component. User Fields can be added to forms. Fields can be hidden, actions can be disabled, and basic checks can be done to customize the flow of a form. Here are some examples for setting default values on a Form.
Relations
Relations are another very useful tool in the Configuration Console arsenal. They can really open up your forms and other components to allow you to get data from other areas in the application that isn’t readily available. Relations are a way of relating two business classes on key fields. A one-to-one relationship requires all of the key fields to be populated. A one-to-many relationship does not, but be aware that this could return a list of values instead of one value!
These are examples of relating the Candidate business class to the Employee an WorkAssignment business classes.
Actions
Actions can be configured with Entrance Rules (things that happen when the action loads), Exit Rules (things that happen when the action is released), and User Parameters. The User Parameters would follow the action into the next step, such as an IPA approval flow. Some of the fields on an action can be configured to be required, or not required.
History
All configuration changes are version and stored each time the configuration is saved. This means that you can compare current state to any of the previous states to the beginning of the configuration, as well as the base LPL. This is highly useful, and a great feature! To get to the history, on the main page of any component, select “Vew History”. On the left side is the historical configuration. On the right side is present-day. You can click the dropdown to select the configuration you want to compare. If you are ready to go back to that configuration, click the “revert” button. If you are satisfied, don’t forget to save your changes!
Helpful Links
Infor’s documentation site is a great jumping-off point for learning about Configuration Console and LPL.
