Lawson Security – The Theory of Greatest Privilege Access Explained

When Lawson left LAUA security, it redesigned its hierarchical security as so:

  • Roles
    • Classes
      • Tokens (or rules)

These all followed the theory of the greatest privilege access since v9


What does this mean?

In the simplest form, it means that if there is an ALL_ACCESS and a DENY_ACCESS rule within the same class or role, the ALL_ACCESS wins and grants access to the rule.


Real world example:

Problem: Say you wanted to grant a user access to view an AP form but noticed that the form itself shows a vendor’s number under the TAX ID field.


If the vendor does not have a vendor number, typically they use their social security number and this is added to the TAX ID field which is a field on the APVENMAST table.


If we set DENY_ACCESS on the TAX ID field within APVENMAST as shown below:

When the user loads the AP form up again, that field will appear blank or greyed out.


Let’s say this user eventually takes on newer tasks and gets a new role assigned to them to submit requisition orders and this newly assigned access inadvertently grants ALL_ACCESS to the APVENMAST table.

This new access now overrides the DENY_ACCESS set on the TAX ID field and the user can now once again see the TAX ID field and reveal sensitive information such as a vendor’s social security number.


I hope this helps when designing your security for employees.

ERP’s Defining Characteristics, and Why Your Business Can’t Live Without Them

Technology has changed the way we operate systems these days. Enterprise resource planning (ERP) has gone further than having “the ability to deliver an integrated suite of business applications” (as defined by Gartner in 1990). The ERP landscape has evolved and while it still does what its original definition was, with the rise of postmodern ERP deployment and a shift toward third-party integration, the future of ERP as we know it hangs in the balance. Zach Hale shared an article on that shares what ERP can do for your business and why you need to deploy an ERP system in 2020.

Common ERP modules and functions

  • Financial management. Also known as accounting, the financial management component records, processes, and organizes transactions within modules such as general ledger, accounts payable, accounts receivable, and fixed-asset tracking.
  • HR management. ERP software can automate core HR functions such as personnel tracking and benefits administration, as well as more strategic processes such as recruiting, employee evaluation, and training.
  • Inventory/supply chain management. These functions support the planning and execution of supply chain transactions to optimize inventory levels and meet customer demand, from the acquisition of raw materials to production and delivery.
  • Manufacturing resource planning (MRP). Using ERP’s manufacturing planning functionality helps to efficiently plan production based on materials, labor, and machinery.
  • Customer relationship management (CRM). Basic CRM functionality includes sales- and client-related processes such as managing contacts, leads, and cases.
  • Project management. Through their ERP system, businesses can manage projects independently so users can create plans, schedules, resource assignments, budgets, estimates, and more.

New developments and features in ERP systems

  • Third-party integration. Integration helps businesses incorporate industry-specific applications from third-party vendors into their day-to-day and tailor their system to the needs of the organization.
  • Cloud-based deployment options. In the last decade or so, ERP vendors have begun offering an alternative to on-premise deployment: a cloud-based option hosted on the vendor’s servers and accessed through any approved device with internet access.
  • Data collection and analysis. As home to virtually all your business data, ERP software can use artificial intelligence (AI) and predictive analytics to analyze performance, project future outcomes, and inform business decisions.
  • Workflow automation. ERP systems can automate repetitive tasks, create workflows that trigger processes, and send notifications to users or payment reminders to clients.

With its core functions and new developments, they represent an unprecedented leap forward for the ERP market. Businesses that implement this tech-driven system stay ahead of the curve, while those who have yet to embrace it may be on the verge of being left behind.


For Full Article, Click Here

Burton Snowboards Selects Infor to Support its Digital Transformation and Global Expansion

Infor is partnering with leading snowboard brand Burton Snowboards and will implement the Infor CloudSuite Fashion, an ERP (enterprise resource planning) system tailor-made for the fashion industry. A long-time customer of Infor, the global leader of snowboards and sports gears has expanded its Infor Nexus supply chain management capabilities to optimize inventory across channels, increase its direct-to-consumer business, operationalize its expansion to global markets, and upgrade its technology footprint to the cloud. Burton is constantly challenged to manage inventory with seasonal demand and orchestrate products across a global supply chain. Infor will enable Burton to standardize enterprise processes and optimize inventory flow from source to customer across all channels, including direct-to-consumer and e-commerce, while reducing its legacy technology footprint.


For Full Article, Click Here

How to Analyze a Cloud-based Log Quickly in Lawson

In a Lawson Cloud environment, its difficult to get logs off the server since now you’re likely restricted to FTP access and the latest logs are currently being written to by the server itself, thus throwing a deny exception when trying to download the latest logs from FTP.

I previously made another article on this explaining a work around for this but that takes a few extra steps and time. This is a quicker command line method if you need to test something immediately.


  1. First login to Lawson Interface Desktop
  2. Go to the directory in which the logs exist
  3. Type this command: tail -500 <name of log file being written to> | lashow
  4. Example: tail -500 ios.log | lashow

As you see above, this uses the tail command combined with -500 parameter which returns the last 500 lines written to the log. You can change -500 to whatever amount of lines you want to return (the more the longer it takes to load)

The optional piped LASHOW command is to open this in a separate scrollable and searchable window within LID.

This becomes especially useful when testing live forms or code in Lawson.


Good luck!

Infor Broadens Relationship with Accor

Infor has successfully extended their 13-year relationship with Accor, a global leader in augmented hospitality. This extension was made possible by Accor signing a global agreement to continue their collaboration with Infor EzRMS revenue management software. The application is currently used at more than 1,100 properties worldwide. Accor will have mobile access, function space revenue management, extended stay optimization and a variety of pricing methodologies. Per the press release, as part of the agreement, Infor will offer three new packages for different properties throughout the Accor portfolio. This will enable Infor to continue to help support the global network dedicated revenue managers in Accor. Additionally, this new agreement allows new brands in the Accor portfolio to benefit from Infor EzRMS, including newly integrated brands.


For Full Article, Click Here

IP Designer Series – Landmark Admin Node

The Landmark Admin Node can be used to run command line utilities on the Landmark Server.  In the node properties, select the command you wish to run.  Then click Build and provide the parameters to be used in your command.


3 Ways Your Business Can Benefit From a CRM System

It’s no secret that many major corporations spend thousands of dollars on customer relationship management (CRM) systems to organize their customer data. While we can’t all have the pocket book of a fortune 500 company, there are small to medium sized businesses who can benefit from the same enterprise software. shares some ways that your business can benefit from a CRM system without having to spend a fortune.

Customer database
“A CRM system will establish a database for your business that organizes where customers are located, what products or services they ordered and what they might order in the future. It  can also be used to show what products or services current and prospective customers are most interested in.”

Sales campaigns
A CRM can be used to track if and when sales emails have been opened and if they have generated interest, as well as schedule your emails so that they will arrive at the optimum time. CRM systems can also filter through contacts to better generate leads, thus allowing sales personnel to make better use of their time.

Find, keep and win back customers
“A CRM can help identify loyal customers, as well as what has made them loyal, and what rewards or efforts can keep their loyalty. It can also detect patterns that could be repeated or applied to dealings with prospective or former customers to gain or win back clients.”

For Full Article, Click Here

Resolving the “Operator Not Authorized to Change Unit Cost” error

This is one of those Lawson errors that could waste a morning of work looking through the Infor knowledge base, analyzing/changing security, and or reviewing logs.


So, you’re on PO20.1 and want to make a change to a PO entry and get this error:

To resolve this is actually incredibly simple and can be changed on PO04.1 at the bottom of the Buyer Information Tab (your settings may be different based on your needs):

If you happen to get a similar issue for a requisition cost change “Requester not authorized to change unit cost”, simply go to RQ04 and allow unit cost override for the specific requester (your settings may be different based on your needs):

TPG Hotels & Resorts Selects Infor Hospitality to Standardize Processes

To start off the new year, Infor recently announced that TPG Hotels & Resorts has selected the tech giant to standardize property management systems and provide a single source of data across its independent hotel portfolio. With Infor, the organization will have consistency across its property technology platform. This will make managing daily processes easier. TPG Hotels & Resorts will be able to better manage operations throughout reservations, the front desk, housekeeping, concierge, and accounting in a single application. Infor Hospitality Management Solutions (HMS) will provide TPG Hotels & Resorts with a more complete solution for managing multiple hotel functions at seven independent properties. Per the press release, “We partnered with Infor based on their track record in the hospitality industry and understanding of our goals to unify operations to make day-to-day business more efficient. Infor will be a key strategic partner for our organization and help us modernize our technology stack across our independent hotels, allowing us to put even more focus on the guest experience with the ease of information exchange,” said Sameer Mehra, executive vice president of revenue strategies, TPG Hotels & Resorts. “Infor has a good library of system interfaces, which gives an edge over other PMS providers when it comes to introducing other technology platforms.”


For Full Article, Click Here

How to find a Lawson user ID from an HR11 Employee ID

Some Lawson Security systems are setup with a form of the user ID being a combination of the last name with middle initials / first name initials.

Something like DoeJ for John Doe. Often users get their names updated due to a marriage or divorce and their user ID never gets updated along with their last name.

  1. To find the user by employee number, we need to first go to HR11 and find the user by their new last name to uncover their Employee ID.
  2. For this example, let’s say we search John Doe and it returns an employee ID of 264
  3. Now open Lawson Security Administrator and go to User Management >> Manage Identities
  4. Once in Manage Identities under “Services”, select the employee identity service, ours is named TEST10_EMPLOYEE:
  5. Select employee = <employee ID> and click Add Criteria
  6. Once the criteria is added, Execute Query
  7. You’ll be put to the results tab and if that user exists in Lawson security, it will show as so:

That’s all there is to it!