infor.com
concierge
infor u
developer portal
Home
Groups
Lawson - Technology Customer Community [READ ONLY]
PRINT MANAGER access - allow other users to access certain users print managers
unknown
In LSA security has anyone been able to set up security to allow certain users to access other certain users print managers, as well as , their print manager jobs? If so would you mind sharing how you did it?
Find more posts tagged with
Infor Lawson Technology Group - Discussion
Comments
unknown
User groups (in LID, usergrpdef).
Then assign the appropriate group to the RMID (Lawson Environment Information, User Group).
unknown
Hi Barb, I have tried that, but it seems that unless your RMID and your OS ID (Managed Identity) match this does not work. Do yours match?
unknown
We only allow portal access to back-office users. Their RMID usually matches their AIX ID, however not always. The RMID must match the Active Directory account since we are bound to the LDAP. The AIX id has a 10-character limitation due to the restriction on the RMID entry, so for some users the RMID and OS ID do not match. We have not had trouble with those. We assign the user group ALL to everyone - I don't know if that makes a difference (and that might not meet your requirements). Our self-service-only users who use the "managed identity" are not allowed portal back-office or job submission access and would not be on the Print Manager form.
unknown
We are also bound to AD but our RMIDs do not match the AD user account, the SSOP identity does have to match the AD user ID.
We allow some users to look at other print queues based on rules written on BATCHxx security classes in the GEN profile. For example, the rule below on the Username element and the JOB, JOBSTEP and QUEUEDEDJOB files allows users to view and maintain their own batch jobs as well as batch jobs for user HRBATCH:
if(UserName==user.getHostServiceId()||UserName=='hrbatch' )
'I,A,M,'
else
'NO_ACCESS,'
I haven't looked at this in some time so it might not be quite as simple as that.
unknown
hrbatch is that a user that you set up or a usergroup?
unknown
hrbatch would probably be a Security Class (as a Child of Batch) in ENV
jacob-jellison
I created custom groups and assign those groups to users. Then wrote rules on the 'UserName' element in the GEN profile. See attached screenshot showing example:
If User belongs to 'JQ-PRSystemAnalyst' group and UserName is Member of 'JQ-PRManager' group then allow User "All Access" to UserName GEN data.
unknown
HRBATCH is a user that is used to run batch reports that are shared by all HR users. This rule on the user name in the BatchSupervisor security class in the GEN profile allows a user to view reports in other users print managers, assuming that the user has access to the batch program:
if(UserName==user.getHostServiceId())
'I,A,M,'
else
'I,'
unknown
awolff01 could you please email me that screen shot, can't read it and cannot enlarge and make it readable. Cheryl.nowacki@mwhc.com
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Help
Popular Tags
Infor Lawson Human Resources Group - Discussion
Infor Lawson Technology Group - Discussion
General Discussions
VISUAL - Enterprise General Discussions
Infor Lawson Supply Chain Management - Discussion
Process Automation (IPA) - General Discussions
Pegasus - Partner General Discussions
Infor Lawson Supply Chain Group - Discussion
Infor Lawson Financials Group - Discussion
Infor EPM Discussions
