Posts

Configuring Lawson for LDAP Signing

As you might have heard, Microsoft is hardening their security with LDAP channeling and LDAP signing in an update coming sometime in the 2nd half of 2020. Any applications that rely on LDAP connections to Active Directory Domain Services (AD DS) or Active Directory Lightweight Directory Services (AD LDS) need to be converted to LDAPS. LDAPS is a secure connection protocol used between applications like Lawson and the Network Directory or Domain Controller. In this webinar, we will provide you step-by-step instructions for preparing your Lawson and Landmark environments to work with LDAP Signing.

 

 

View the supplementary article Configuring Lawson and Landmark for LDAP Signing for a step by step guide.

Preparing for Lawson Year-End Regulatory Patching

It’s that time of year again! Infor has released the regulatory patching for Lawson. Patching affects 1099 reporting, benefits/ACA, and payroll. We have compiled some tips to help make your year-end patching experience as smooth as possible.

 

 

How to cut consulting costs by up to 30%

Those of you who know me also know that I’ve been a business application consultant for the past 16+ years. In that time, I’ve helped over 400 companies manage their business applications and have logged over 50,000 hours of billable time to clients. As much as I try to be a good steward of my client’s project budget, I can’t help them when they don’t want to be helped. Over the years I have seen so much time go wasted and many projects go over budget, all of which could have been prevented by taking a few measures early on. I thought I would put together some points to help the people in charge avoid some of the pitfalls and take advantage of my years of experience seeing first-hand how projects can be wasteful.

I’m going to list these points in no particular order below:

  1. Travel vs. Remote: Do you really need your consultants to be on site? Do you conceive that somehow there’s a difference between him being in the same building or several hundred miles away? Travel is not only expensive from a hard cost perspective but also from a time perspective. The hard cost of travel for most of the guys I have managed over the years is around $2000/week. That’s Over $100k per year per consultant. You can hire a fulltime employee for that much. Not only that, travel time eats into project time and cuts down on productivity tremendously. The average traveling consultant is on the road 12-16 hours per week (between booking, driving, airport time, air travel time, hotel…). That’s 12-16 hours they could be spending on the project to get it done faster. That’s over 800 hours per year just wasted. Not to mention they’re now less happy to work for you because they’re away from their family, their warm bed, their home, and have to spend several hours a week dealing with travel related stress. The true cost of a traveling consultant is several times the actual travel cost. So if you can help it, arrange for your consultants to work remotely.
  2. VPN: Working via a remote connection has gotten so much easier over the past decade. Nowadays I can work on any customer’s private network with a quick click. But there are several dozen flavors of VPN software and they all vary from place to place. Some make life easier and some make life miserable for your consultants resulting in several of hours of wasted time each week. Here are some of the common ones I have to use each week and how I feel about them:
    1. VMware Horizon View Client – I absolutely love this method. I basically get a VM on the client’s network that I can access with a click of an icon. From there I can jump to whatever machine I want and get my work done. What I love about it is it doesn’t mess with my local internet connection at all and I can be logged into several different clients at once with this client.
    2. Citrix Receiver – This is one of my least favorite things to use. Not only is it typically painfully slow, it’s also very confusing and it requires several bits and pieces to be installed. And I’m sure you can set good user/password policies but most of the time it seems I have to reset my credentials way too often, resulting in support calls and several hours can be burned this way. I’m being generous with 2 stars. 
    3. Cisco AnyConnect – I don’t really like client VPNs in general but the Cisco AnyConnect VPN works really well. If set up correctly on the server side, it can be really solid and never drops off. Only problem with client VPN software like this is you can only log onto one client at a time which is pretty badly limiting when you have multiple accounts to maintain. 
    4. GlobalProtect (by Palo Alto Networks) – This one seems to be okay but somewhat finicky. For some reason I can’t connect to it using my Wi-Fi and I have to be hardwired to get it to work. Although I’m confident this is just an issue on my side, I haven’t had that problem with others software so … And again, having to install a local client prevents me from logging into other client’s which is a negative.
    5. SecureLink – This thing has wasted so much of my time over the years. I hate it for so many reasons. For one it’s Java based and super confusing and picky. I can only get it to work from Internet Explorer and even then I can’t seem to control the resolution of the RDP session or the login credentials leading to several issues. I give this one 2 of 5 stars. 
    6. F5 Networks SSL VPN – This is a pretty good way to go and it seems to work well until it doesn’t. But overall no issues. Really nice because there’s nothing to install client side and it’s SSL only which leaves me intact to work on other stuff. 
    7. Juniper Networks SSL VPN – Another relatively nice VPN application that allows me to log in and get work done relatively quickly but the fact that it requires a local install and several versions makes it difficult to work with and get right. But overall it works well so I’m giving it 3 stars.
  3. Security – This is a touchy subject. Most companies these days would rather err on the side of caution and throw money into a proverbial furnace rather than open up security any wider than the minimum allowable to let you get your work done. That’s all fine and good until it starts to be wasteful. Case in point, the ability to do ftp. One of the first things we typically have to do as a part of an install of Lawson is download a few GB of software. Well, most of the sites we download from use FTP as their transfer protocol. If the customer has the ftp port completely shut off then we have to download several GB into a local machine first, and then upload it to the server over a super slow VPN connection. What should take an hour can now take days to complete. This is just one example of security measures that don’t make much sense. FTP on its face is no more unsecure than HTTP but security consultants are quick to recommend the port be blocked. Mind you, we’re not talking about transferring sensitive information, this is just software downloads. In my experience, unnecessary security measures can hinder progress and efficiency by as much as 30-40% depending on the project and the restrictions.
  4. Project management and issue tracking software – I have spent a lot of time with every software and every methodology on the market. In the past 16+ years the best methodology for actually getting work done has turned out to be Agile Scrum. There are several dozen applications that can help with managing a project and they all work well if you use them well. But please use them well and hold everyone accountable. Invest in something like Pivotal Tracker, Asana, Trello or Jira and just stick to it and make sure everyone is using it correctly. There is no need to ask me for a status report when these tools are being used, That’s a huge waste of time that no one ever reads. Keeping track of issues, features, and bugs any other way in today’s world should be punishable by termination. We use a combination of JIRA and Trello at Nogalis depending on whether the project requires client interaction or not. We love both tools equally. 
  5. A solid single point of contact – More than everything else I’ve mentioned above, this one has probably saved the most amount of time. When clients appoint someone to work as my single point of contact, things just move a lot faster. This is important when dealing with access issues, change control decisions, user testing, documentation, getting consensus from upper management. When there’s a single point of contact we can interface with who knows the organization well, we don’t have to email a group of people or get on the phone for hours trying to figure out how to get a 5-minute task done. So assign a competent single point of contact to work with your consultants and make sure he/she has a bit of autonomy to make easy decisions. The companion point here is about putting too many people in charge. If I have to answer to more than one person, then I have to explain everything to two people, and ask permission from two people, and get feedback from two people. That’s double the time for half the productivity.
  6. Access – A lot of my time is wasted because I don’t have access. I would easily sign whatever document you want me to sign and give you whatever guarantees you need that I won’t do what I’m not supposed to. The way I see it, if you don’t trust me, you shouldn’t have hired me. When I don’t have proper access, I have to come up with alternative ways to get things done. That means making calls, getting others involved, sending emails, and talking to your support line or just compromising and doing things the unintended way. Just give me the access I asked for to get the job done and then remove it when I’m done with the job. You’ll save yourself a ton of money that way.
  7. Tools of the trade – If you’re dealing with consultants, chances are you’re paying $100-$300/hour for the work being done. It may be a good idea to find out what tools they prefer to work with and purchase the tools ahead of time for them. I use a text editor called EditPlus. It’s like $30. But it can save me easily two hours of work each day vs an editor I don’t have experience with. You do the math. (Also, give me enough admin privileges to install it)
  8. A clear SOW – Before starting any substantial project, your first goal should be to determine exactly what everyone is working on. Taking the time to define roles and responsibilities well ahead of time can save you tremendous amount of wasted time. I recall my first project as an independent consultant. I showed up at the client site in New Hampshire eager to work, but no one knew what I was supposed to work on for the first two weeks. So I just sat around and bugged people for a response. This was before Facebook ;). Some of the PM tools I mentioned above can ensure you never waste your resources this way and be prepared for them when then start.

There are probably dozens of other tips I could give you to help save thousands of dollars a year on your consulting costs but the above should be a good start. If you have other suggestions please feel free to leave them in the comment section below.

UpgradeX and Infor Lawson in the Cloud

The case for moving your ERP application to the cloud is becoming more compelling each day. Whether you are a CIO or in a planning role within your organization, you will find this session very informative. This session will have an extended Q&A to answer all your questions about moving to the Infor Cloud.