troubleshooting lawson security
TRANSCRIPT
![Page 1: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/1.jpg)
Troubleshooting Lawson Security
The hacks you need to know
![Page 2: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/2.jpg)
Are you on Lawson Security? (Feb 2014)
48%
42%
10%
PollLawson Sec LAUA No
![Page 3: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/3.jpg)
Are you on Lawson Security? (Aug 2015)
80%
20%
PollLawson Sec LAUA
![Page 4: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/4.jpg)
Today’s Audience
53%40%
7%
PollIntermediate Beginner Expert
![Page 5: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/5.jpg)
LSF_IQ Clients
17%
83%
Yes No
![Page 6: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/6.jpg)
• ios.log • lase_server_0_0.log • security.log • secadmin.log
Method 1 – Log Files
All these files reside in $LAWDIR/system
![Page 7: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/7.jpg)
ios.log
![Page 8: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/8.jpg)
ios.log
![Page 9: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/9.jpg)
![Page 10: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/10.jpg)
Method 2 - Fiddler
• Available from www.telerik.com/fiddler
• Web Debugging• Performance testing• Traffic Recording• Session Manipulation• Security Testing
![Page 11: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/11.jpg)
Fiddler
![Page 12: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/12.jpg)
Tips for using Fiddler
• Use the Process Picker to select the browser in question
• Right Click row and “Mark Red” to highlight a task
• QuickExec BPU
![Page 13: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/13.jpg)
Method 3 - JXplorer
• Available from www.jxplorer.org
• LDAP Browser and Editor• Free and Open Source• Enterprise Version ($10)• Query and Edit LDAP
![Page 14: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/14.jpg)
JXplorer
![Page 15: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/15.jpg)
Tips for using JXplorer• Use the $LAWDIR/system/install.cfg file to
get your login paramters correct
![Page 16: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/16.jpg)
Tips for using JXplorer• You can expand all the trees and see the
attributes of every object down to the roles assigned to a user and their check_ls flag
• You can export all this data into text files• It is NOT recommended to modify LDAP
data using any external tools. These tools are intended for query purposes only. Very rarely is it necessary to modify anything using Jxplorer.
![Page 17: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/17.jpg)
Jxplorer Connection
• LLDAPPORT – The port number• RMPARENTDN – The base root
directory• DAPHOST – The host name• LDAPBINDDN – The User Name• LDAPPASSWORD – The
password
![Page 18: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/18.jpg)
Method 4 - lsdump• A Lawson delivered uitility for exporting
security information into an XML file.• It can be loaded back into another
environment.• The xml file can be viewed and edited
using a text editor.• Can be used with lsload to migrate
security setup to another environment (does not include user information)
![Page 19: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/19.jpg)
lsdump usage• lsdump –f <filename> PROFILE
[pofileid]
Example:
lsdump –f prd.xml PROFILE PRD
![Page 20: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/20.jpg)
lsload usage• lsload PROFILE <filename>
Example:
lsload PROFILE prd.xml
![Page 21: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/21.jpg)
Method 5 – ldifde and csvde
• A Lawson Microsoft utility for exporting LDAP information into a text file.
• The text file can be viewed and edited using a text editor.
• This file is useful for searching quickly and spotting issues.
![Page 22: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/22.jpg)
ldifde usage
Usage: ldifde -f <dumpfile> -s <ldap_server>:<port> -j <Logfile Directory> -d "BaseDN" -v -l <Comma Delimited List> -a <UserDistinguishedName> <password>
Example:ldifde -f f:\lsftest\rm_20150518.txt -s ldap.nogalis.com:389 -j f:\lsftest -d "OU=resources,O=lwsnrmdata,o=lwsntest,dc=nogalis,dc=com" -v -l name,cn,zzlwsnattrFirstName,zzlwsnattrCheckLS,zzlwsnattrGroup,zzlwsnattrAddins,zzlwsnattrProductLine,zzlwsnattrRole,zzlwsnattrLastName,zzlwsnattrPortalRole,zzlwsnattrWFUser,zzlwsnattrPortalAdmin,zzlwsnattrEmail,zzlwsnattrOLEDBC,zzlwsnattrName,whenCreated,whenChanged,uSNCreated,uSNChanged -a cn=ldapadmin,o=lwsntest,dc=nogalis,dc=com password1234
![Page 23: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/23.jpg)
Sample ldifde file
![Page 24: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/24.jpg)
Ldapsearch usage (UNIX)
Usage: ldapsearch -D <LDAPBINDDN> -w <LDAPPASSWORD> -h <LDAPHOST> -p <LDAPPORT> -b <RESOURCEDATADN> objectclass=zzlwsnobjPeople > $tmpfile
Example:ldapsearch -D "OU=resources,O=lwsnrmdata,o=lwsntest,dc=nogalis,dc=com" -w password1234 -h ldap.nogalis.com -p 389 -b "OU=resources,O=lwsnrmdata,o=lwsntest,dc=nogalis,dc=com" objectclass=zzlwsnobjPeople > $tmpfile
![Page 25: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/25.jpg)
Method 6 - Reporting
• Lawson Security Reports• Third party reporting solutions like LSF_IQ
• Home brewed reporting using LBI
![Page 26: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/26.jpg)
38 Clicks!!
![Page 27: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/27.jpg)
LSFIQSecurity Reporting in the Cloud
![Page 28: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/28.jpg)
Clearing All the Cache• Perform an IOSCacheRefresh• Clear all your browsing history and restart the
browser• Clear Security Cache• Reduce Caching Interval• Wait up to 15 minutes• Try it in LID
![Page 29: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/29.jpg)
![Page 30: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/30.jpg)
Naming Convention
Come up with a good naming convention for roles and classes before you do anything else. These should make sense at a glance and be easy to classify and sorting them should also group them.
![Page 31: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/31.jpg)
Free Educationwww.nogalis.com/education
![Page 32: Troubleshooting Lawson Security](https://reader035.vdocuments.net/reader035/viewer/2022070521/58f0753a1a28ab46208b45a3/html5/thumbnails/32.jpg)
Upcoming Events
www.nogalis.com/education
Aug 19
Aug 27
MWLUG – User Group
11 Performance Enhancers for your Lawson Environment