Posts

MSCM Handheld CAB Files

In a previous article, we taught you how to bypass an error message “Internet Explorer cannot download file” on a Mobile Supply Chain Management, or MSCM, handheld. Today, we’re going to show you the simple way to to file share on MSCM handheld.

Occasionally you may need to copy the handheld CAB files to a file share so they can be loaded on the handhelds.

The local file path for MSCM up to version 11 is:

WAS_HOME\profiles\server\installedApps\cell\mscm.ear\hh.war

The local file path for MSCM starting with version 11.2 is:

WAS_HOME\profiles\server\installedApps\cell\mscm.ear\mscmwar.war\hh\installer

Tips for Preparing for Infor Patch Bundles

It’s that time again!  Infor Cloud is releasing a patch bundle for 2022, which is a pre-requisite for their year-end patching.  There are typically dozens (or hundreds) of patches applied during these bundles, to all the Infor applications hosted in the cloud.  This can be an overwhelming prospect for users and IT staff who are tasked with testing and validation during these patches.

If you haven’t already taken the latest bundle, here are some quick tips for preparing your organization for a patch bundle:

Preparation

  • Release notes: Infor always provides release notes on the patch bundle that they are implementing.  These release notes will be attached to the KB article that is associated with your bundle (which should be referenced in your email communication for the bundle).  If you are having trouble finding the KB article, your Infor account representative should be able to point you to it.
  • Security: Occasionally the bundles will impact Lawson Security, and even more frequently they will implement new forms/fields/tables/columns that need to be secured.  Run some security reports before the bundle so that they can be compared to the same reports after.  Also, search your html release notes for any tokens that will be added, and determine if your organization needs to secure them.
  • Reports: Run reports or queries for data validation, but also search the release notes for database changes, and make sure that you are ready to update any reports that are impacted by those changes.

MSCM

  • Certificate: If you own MSCM, it is almost always going to be updated as part of the patch bundle. There is often an issue with the certificate after this update.  Either the certificate is no longer valid, or it wasn’t generated during the patch.  After the update, make sure you go directly to the CAB file location and that you see a valid certificate there (it’ll be named like your server).  If you don’t see the file, or if you get security errors when trying to connect, open a ticket with Infor letting them know you think your cert is not valid.
  • CAB files: It is best practices to delete all your CAB files from the handhelds and reinstall them after these major updates.

IPA

  • Interface validation: There is a high probability that one or more of your IPA processes will be impacted by the patch bundle. It is important to test every single interface end-to-end.
  • IP Designer: The IP Designer version MUST match the Landmark/IPA version exactly.  So, after a patch bundle, you WILL have to download a fresh version of IPD.

Testing

  • What to test: You are most likely going to need to test everything.  Daily, weekly, monthly, and annual processes should be included in your testing.
  • How to test: Provide users with test scripts for each function, and have a central location for users to log the results. We like to use Monday.com as our central repository for testing.

Validation

  • You can use LID to validate data counts. You should also compare pre-update reports to post-update reports in all applications, including security.

 

Nogalis has assisted many cloud clients through the implementations of these patch bundles, and we would love to assist you as well!  We have some great resources on hand who can provide managed services of your system, training, and project work.  Check out our managed services program, or email our managed services and cloud expert Desi at desi@nogalis.com for inquiries about project work.

 

Disabling Custom Configurations in Infor Web Applications

When troubleshooting issues, you can look at the base UI of Infor applications temporarily without configurations by simply modifying the URL.

It is important to note that the URL addition must go on the Landmark URL (not Ming.le).

To open up the landmark URL, first right-click on any of the menu items on the side panel and select “Open link in new tab”.

 

Next, you will need to add the text &csk.disableuiconfigs=true to the URL.  Keep in mind that this will only work for the HTML4 web  UI.

That’s all there is to it. You’ve successfully disabled custom configurations in Infor web applications.

Renew WebSphere Certificates Manually

If your WebSphere certs fail to auto-renew, you might be presented with the Lawson error below, and the following log details in SystemOut.log.

First, navigate to the Personal certificates for the CellDefaultKeyStore and NodeDefaultKeyStore.  Select the certificate that is expired, then click the renew button.  Save the changes to the server configuration.

Next, update the Web Server certificates.  In console manager, go to Server Types > Web servers.

Click “Plug-in properties” on the right under Additional Properties.  Select “Copy to Web server key store directory”

Generate and propagate the plugins for the web server.

Run an iisreset command, or restart the WWW publishing service.

Bounce the application server and you should be good to go.

 

 

 

 

 

Updating LBI Certificates

LBI does not use a web server, so replacing those certificates differs slightly from Lawson & Landmark.  Replacing the LBI certificates is done exclusively in WebSphere console manager.

First make sure that you have a pfx file stored locally on the server, and that you have the private key for that file.  Open the console manager and navigate to Security > SSL certificate and key management > Key stores and certificates.

 

Select the CellDefaultKeyStore

 

Select Personal Certificates

 

Import the new certificate first.

 

Set the path to where you have saved the file locally, and enter the password.  Click “Get Key File Aliases” to get the certificate information.  Enter a meaningful alias for the certificate.

Select the old certificate and click “Replace…”.

 

Select the new certificate as the replacement.  Check the boxes to Delete the old certificate and signers.

Validate that the Trust Store certs were updated by going into CellDefaultTrustStore > Signer certificates.  You can add the intermediate and root certificates (base64 cer files) if they aren’t there.

 

Bounce the application server, and your certificates will be updated!

How to update certificates in Lawson & Landmark

IIS

The process to update web certificates in Lawson & Landmark is virtually the same.  First, change the selected certificate in the “Bindings” on the website.  Restart the World Wide Web Publishing service for the change to take effect.

WebSphere

Some sites use the default WebSphere generated certificate, which auto-renews.  In the event that your organization has configured WebSphere to use an organizational server or wildcard certificate, you will also need to replace that certificate in WebSphere.  First make sure that you have a pfx file stored locally on the server, and that you have the private key for that file.

Open the console manager and navigate to Security > SSL certificate and key management

Select the CellDefaultKeyStore

Select Personal Certificates

Import the new certificate first.

Set the path to where you have saved the file locally, and enter the password.  Click “Get Key File Aliases” to get the certificate information.  Enter a meaningful alias for the certificate.

 

Select the old certificate and click “Replace…”.

Select the new certificate as the replacement.  Check the boxes to Delete the old certificate and signers.

Follow these same steps for the NodeDefaultKeyStore

Save the changes to the master configuration.

Validate that the Trust Store certs were updated by going into NodeDefaultTrustStore and CellDefaultTrustStore > Signer certificates

Web Server

Copy the new certificate to the Web server.  In console manager, go to Server Types > Web servers.

Click “Plug-in properties” on the right under Additional Properties.  Select “Copy to Web server key store directory”

Generate and propagate the plugins for the web server.

Run an iisreset command, or restart the WWW publishing service.

Your certificates are updated!  You can validate this by going to the web site and looking at the certificate (click the little lock).  You can compare the thumbprint of the website certificate to the new certificate you just added.

Troubleshooting IPA Schedules

Sometimes you may find that your scheduled flows have not run, seemingly with no explanation.  When this happens, there is a good possibility that there was an error in the scheduler that needs to be resolved.  To check the scheduler, log into Rich Client or your IPA Web Administrator.

To view/edit your own schedules, to Start > My Actions.

To view/edit ALL schedules, log into Rich Client and navigate to Start > Applications > Async Framework Components > Requests.  From there, you will be presented with a list of all Async Action Requests.  The IPA process schedules are under module “pfi”.

Find the schedule of the flow that didn’t run, and verify if there is an error.  Double-click on the failed instance at the bottom of the screen to get more detail on the error.

 

Once you have resolved the issue that caused the error, right-click on the instance and select “Requeue”.  Note that this will cause your schedule to run immediately.

 

After the schedule has run successfully, there will not be any more items in the “Action Instances” tab.

 

If your schedule is still failing, open a chat session with Nogalis and we would be happy to help you with a bit of troubleshooting!  And if IPA is a pain point for you, we have some great resources on hand who can provide managed services of your system, training, and project work.  Check out our managed services program today!

 

 

 

 

 

How to fully uninstall CRAS

Sometimes uninstalling Crystal Reports Application Server from the Programs utility leaves behind extra “stuff” that needs to be removed.  Else, you won’t be able to upgrade or reinstall CRAS.

To clean up CRAS after an uninstall, first make sure install files are deleted (usually under the Business Objects or SAP BusinessObjects folder).

Next, delete the following registry keys:

 

HKEY_LOCAL_MACHINE\SOFTWARE\SAP BusinessObjects

HKEY_CURRENT_USER\Software\SAP BusinessObjects

HKEY_USERS\S-#-#-##-…-####\Software\SAP BusinessObjects

The number signs (#) represent a series of numbers that are different on each computer.

 

Restart the computer

 

You should now be good to install a new version of CRAS.

 

How to redeploy Landmark Applications

There may be some times where you need to redeploy Landmark and the applications.  This should be done with every CU maintenance, but also can be done in between if there seem to be issues with one or more applications. This process will not reinstall your Landmark and Applications, it will just stage and redeploy what is already there.

The two commands are:
stagelandmark –rebuild –all
activatelandmark –all

After staging and deploying, you will need to generate and propagate the web server plugins in IBM.  Then, you will restart the web server in ISS (do an IIS reset or restart the WWW Windows service).  Finally, you will reboot the WebSphere application server.

 

 

 

 

 

 

Updating the ADFS Token-Signing Certificates

When the ADFS Token-Signing certificate is updated on the ADFS server, it will have to be imported to Lawson and Infor OS.  The networking team should let the Lawson team know when the certificate is being updated in ADFS.

The networking team will need to export the certificate and provide you with the “.cer” file before these tasks can be completed.

Update the Certificate in Lawson

  1. Log onto the Lawson Server
  2. Start a ssoconfig -c session
  3. Go to “Manage WS Federation Settings” > “Manage Certificates”
  4. Select “Delete IdP certificate”
    1. Enter the IdP service name for your ADFS configuration
  5. Select “Import IdP Certificate”
    1. Enter the IdP service name for your ADFS configuration
    2. Provide the full path where you have the token-signing certificate saved

Reboot the server

 

Update the Certificate in Landmark

  1. Open a LMK command line window
  2. Type in secadm -m
  3. Type the password
  4. Manage WS Federation Settings > Manage WS Federation Certificate
  5. Select “Delete IdP Certificate”
    1. Enter the IdP service name for your ADFS configuration
    2. Property name is IdPSigningCertificate
  6. Exit
  7. Select “Import IdP Certificate”
    1. Enter the IdP service name for your ADFS configuration
    2. Provide the full certificate path
    3. Property name is IdPSigningCertificate

 

Update the Certificate in Infor OS

Log into the Infor OS server as the LAWSON user

Double-click on the desktop icon for InforOSManager

 

Go to Identity providers on the left side

Double-click on the identity provider

 

Select “From URL” to import the new certificate and metadata

Provide the URL: https://<adfsserver>/federationmetadata/2007-06/federationmetadata.xml

Click “Load”

Make sure the certificates load (there may only be one, but there should be at least one)

 Reboot the server