How to get a Lawson Profile ID in LID without access to Lawson Security Administrator

For whatever reason that you need a Lawson profile ID, below is a quick way to access it in LID.

  1. Login into LID and go to a temp directory you’re okay with dumping a file to.
  2. Run this command lsdump -f roledump.txt ROLE SuperAdminRole
  3. Go to the directory you dumped the file in and open roledump.txt in a text editor
  4. Search for ProfileID until you find the one you’re looking for

Chances are, SuperAdminRole is created with an admin class assigned to it. You can also view this file using LASHOW command without having to dump the file.

Good luck!

Document Express error 52 – Bad file name or number

You may be running Document Express with Lawson and Citrix Storefront and encountering this error. Before you jump to conclusions that this issue is related to Lawson or Citrix security, check these steps below.


The user is likely experiencing this error when trying to import invoices into Document express.

  1. Make sure that all application related access is set in MHC.
  2. Verify the user has Active Directory access to the import routine folder on the server where the invoices are loaded in from Lawson.
  3. Lastly, verify the user has access to the import routine directly from Windows folder explorer. This path can be found in the import routine itself in document express.
  4. Copy the import routine path, paste it into Windows folder explorer to verify access.

Conclusion: When the user imports the invoice in doc express, it downloads the file locally and opens it. Verify both channels are open for the user.

How to verify Lawson user AD identity through Windows powershell

A user in Lawson is unable to login to their account. Username or password is incorrect. Assuming your organization is using single sign-on through Active Directory, you can verify the user’s username via Windows powershell.

  1. Login into Lawson Security Administrator (or SCWeb Admin App). Locate the user and copy the username.
  2. Open powershell and check the user via this command: Get-ADuser -identity <username>
  3. If you receive this error: “Cannot find an object with identity”, the user is not setup in AD under that username.
  4. Check with the organizations IT team to verify the correct AD user (assuming you don’t have direct access).
  5. Once they send you that ID, check via powershell again and it should return this result:

How to fix bookmark add error in Lawson portal

If you’re trying to add new bookmarks in Lawson portal and receiving an add error, there might be an issue with your bookmark xml files.

To resolve this, follow the steps below:

  • Login into Lawson portal as an admin and run Rebuild Custom Form Index
  • Verify lo12.1.addchild.xml, lo12.1.addtop.xml, lo12.1.edit.xml are in the LAWDIR/persistdata/lawson/portal/content/forms directory
  • In portal go to Set Custom Forms Data Area
  • Click Find ‘lo’ to show data forms (switch “current data area” if they don’t show).
  • In the new data area select LOGAN and click Update. Run IOSCacheRefresh.


How to delete a recurring Journal Entry in Lawson

Though this is a fairly simple task, it typically requires higher access (sometimes temporary access as some organizations only want users deleting journal entries once or twice a month).

  1. Login to Lawson portal and go to GL70.1
  2. Enter the company and journal entry number, hit Inquire.
  3. Click the “New Entry” button
  4. This will take you to GL70.2 and contain the same company/entry number (if not, enter again and hit inquire).
  5. After inquiring again, hit Delete and confirm the journal entry has been deleted.


And you’re done!

APMONITOR not found or accessible

You may need to access APMONITOR for a failed job etc. Its usually as simple as searching APMONITOR in Lawson Portal. Often times its not setup in Lawson security and needs to be added.

  1. In Lawson security, go to the class you want to add APMONITOR to.
  2. Add a new rule and go under Online system code AP and search for token QAPM, grant all access.
  3. Clear server cache and log back into Lawson, search APMONITOR and your user should now be able to access it.

NOTE: As of March 2016, patch (CTP104021, JT-751224) has changed the token for APMONITOR to AP94.

Lawson APINVOICE database table contains usernames instead of NTIDs

You’re being audited or want to review previous invoices and you notice that usernames were being stored in the APINVOICE database table. Usernames of employees that no longer work for your organization or may have had a name change, thus not matching up their NTIDs found in your listusermap. This makes it near impossible to hold previous and existing employees accountable for older invoices.

To resolve this issue, follow these steps:

  1. Download and apply patch CTP-121954 from Infor Concierge cloud portal.
  2. A new token AP900 is added to Lawson Security. Add this token access to an existing class/role.
  3. Login to Lawson Portal, go to AP900, add a new job for each company your organization has.
  4. Backup the APINVOICE table.
  5. Submit the AP900 Job, this job can take anywhere from minutes to hours to complete.
  6. Verify all usernames have been converted to NTIDs.


Cannot Delete, Requisition is Awaiting Approval

Often users submit a requisition in Lawson and later find an error in the order and need to re-submit. When trying to delete via RQ10, they get the error “Cannot delete, requisition is awaiting approval.” Luckily this is an easy fix.

  1. Go to RQ13 and inquire on the company and requisition number. Then click Unrelease and confirmed it released.
  2. Go back to RQ10.1 and inquire on the same requisition. You’ll now see that its status is “Unreleased”. Now press Delete.

Done! Now go ahead and resubmit a new requisition with corrections.

Security Violation for Activity Group

You may have tried to add a report or update a job recently in Lawson and received a “Security Violation for Activity Group <XXXXX>”


Your first solution may be to give the user full rights to the Activity Group form (AC00) and table, but you’ll find that this solution will heed the same results.


  1. Check the security class causing the error. It’s likely it was written as an ELM rule (element) based on the Company Element.
  2. If this is true, it’s checking the CompanyControl attribute on the user’s RM Admin setup.
  3. The AC system uses the Security Code as defined on the AC00 (Activity Group) setup and interprets that value as the Company for AC security. By default, the AC00 Security Code is 9999.
  4. Add Company 9999 on in the users attributes as a valid company in the CompanyControl settings.


Recap: Because the ELM rule checked the CompanyControl attribute values, this Security Code (Company) value of 9999 needs to be added to the CompanyControl values for the user.

Infor Cloudsuite How to Change Password

Follow these 6 simple steps to change your password on Infor Cloudsuite.

  1. Login to your Cloudsuite url:
  2. Go to Service Requests:
  3. On the top-right select Create a Service Request:
  4. Request type is SQL Manage User and click Next:
  5. Fill in Action: Change Password | User: userID | Password: New_Password
  6. Request takes up to a minute to process.