Lawson user - changing this password

Hoping someone on here can shed some light as I'm struggling with support as they indicate to use their Consulting Services.

I am being tasked to change the local and domain Lawson user password.

I found a KB article relating to the LSF side and where all to check/change but can't find anything on the Landmark/LTM side.

We have LTM and LSF and are federated with LSF being our primary. LSF side we have GL, AM, Payroll and Benefits.

I know in LTM the Process Server set up uses the Lawson user to connect to LSF but other than that, I have no idea if there are config files, services, etc that have the password included somewhere.

If anyone has already done this, I would greatly appreciate any insight.

And for those of you that haven't, I am curious how your Security Audits with outside firms pass as this is what is getting me in trouble. AMS as well as some of our staff here have to have this password in order to do application patches and shutdowns/restarts following OS level server patching. So I need to show a process in which the password is changed after being used..

Find more posts tagged with

Infor Lawson Technology Group - Discussion

Comments

bhillz

We are in the same boat as you are, although several steps ahead. After about a year of questioning and probing, we have received a document from Infor that should work. We will be executing it shortly in a controlled environment. If you can wait for several weeks, I can let you know how it goes.

One of our goals is to have the procedure documented as a knowledgebase article so that it's officially known and supported. Security should be built in -- not an afterthought.

unknown

We've not had to change ours yet, but I am expecting it. We don't currently use and Landmark products, but have it installed, so I'd be curious if your process will cover those pieces, as well.

clara-tan

HI

I recently did this in Landmark - it wasn't obvious. we were an LSF only but now with Landmark too. we run on AIX, but likely no matter, in the server home directory of landmark , there's two HTML files 1) gen_ValidationURLs.htm and 2)ProductLIne_ValidationURL.htm if you put into a web browser http(s)://ServerName(.domain)/gen_ValidationURLs.htm and then log in with the default login password you have. you'll see several links. One of those is Web login that'll bring up 2 links (at least for me) the Login and User for the identity that owns Landmark - with a check box and "change password" button . i changed the SSOPv2 and that made the change for logging into Landmark (things like Rich Client login) There's also a Security Answers button on that page but I haven't tried that one.

Give that a try and let me know if it doesn't make sense. Best regards, Joe jboncha@sc.younglife.org

edwin-valle

Would love to get that Infor Document that your will be using for testing. Can you share? deb.roberts@cityofls.net

d-hofmann

Remember to look for any services or tasks on all your servers that may have the Lawson password saved.

I would also like to have that document if you can share.

unknown

For Landmark I would look at IPA. System Configurations might be using the lawson user. I would also check to see if any flows use the lawson user for logging in.

unknown

On the LSF side for ssoconfig or lsconfig you are using the local lawson user so you may want to change the password for that also.

unknown

Hello CGaware,

Just curious if you made any head way with this. We just put it on hold basically as we didn't have $ budgeted for consulting services to assist in pointing out where all to check on Landmark side to see what needs changed.

unknown

There is the article KB 1471475 for the LSF side, but I have yet to see one for the Landmark side.

0911060553270289.pdf

unknown

JimY, you are correct.. One doesn't exist for the Landmark side. We were told we would need to pay for consulting services because everyone is set up different. So.. here we are...

serafino

I just did this. Because I don't know where the magic lives in Landmark, I did it the old-fashioned way by using the Process Server Administrator web tool. First, I created a special user for Landmark services. I set that user up with access to everything it needs to run both LSF and Landmark administration. Then, I set that user up in the Landmark System Configuration to be the authentication for connecting to LSF. Next, I set that user up on the LSF side using "pfserv config lps" so that it can connect to Landmark and generate workunits. Finally, I chaned the "lawson" user password. Now we have a "service account" for Landmark for which nobody needs to know the password , and we can change the Lawson user password at any time without breaking anything.

I do not know how you can show a process in which the password is changed after being used. There are audits you can enable, but these track *everything* and grow horrifically large in no time. We were able to pass this test with a policy document.

Hope this helps.

Copyright © 2025 Infor. All rights reserved.