Best way to get LAUA reports

Welcome to LawsonTalk. We hope you enjoy your visit.

You're currently viewing our forum as a guest. This means you are limited to certain areas of the board and there are some features you can't use. If you join our community, you'll be able to access member-only sections, and use many member-only features such as customizing your profile, sending personal messages, and voting in polls. Registration is simple, fast, and completely free. After registration, please check your e-mail within 24 hours for an message from us, read it, and reply to it.

Join our community!

If you're already a member please log in to your account to access all of our features:

Best way to get LAUA reports; Comparing 8.0x to 9.0 Security
Topic Started: May 29 2009, 10:09 AM (436 Views)
Mil0n023	May 29 2009, 10:09 AM Post #1
"You probably shouldn't do that...." Posts: 237 Group: Members Member #591 Joined: May 11, 2006	I need to compare all of my Security profiles(classes) in our current 8.0x (LSF9.0 Env) to our Target 9.0 LAUA. The two do not match and would like to compare them and reconcile new fields, etc... The LAUA reports are ugly. Is there a good way to get them into Excel so I can do a compare? :afro:



3monkeys	Jun 2 2009, 11:09 AM Post #2
Super Member Posts: 169 Group: Members Member #240 Joined: January 13, 2006	If you're trying to get two LAUA security setups to match, is it too late to do a secdump/secload? You could always query or rngdbdump from the GEN tables holding the security, but that would be quite tedious and probably time prohibitive if you have a lot of security classes.



Mil0n023	Jun 3 2009, 11:25 AM Post #3
"You probably shouldn't do that...." Posts: 237 Group: Members Member #591 Joined: May 11, 2006	Well we completed a secdump and secload - but the issues was with the new functionality that 9.0 Apps brings (forms, fields, etc..) that we dont have in our 8.03x. SO I wanted to do a file compare in Excel or UltraEdit for each Module. No worries. I will go the GEN route and see what I come up with.



Mil0n023	Jun 3 2009, 11:41 AM Post #4
"You probably shouldn't do that...." Posts: 237 Group: Members Member #591 Joined: May 11, 2006	3monkeys Jun 2 2009, 11:09 AM If you're trying to get two LAUA security setups to match, is it too late to do a secdump/secload? You could always query or rngdbdump from the GEN tables holding the security, but that would be quite tedious and probably time prohibitive if you have a lot of security classes. do you have an example of a gen report i can piggy back off of? I can't seemt o link my Secclass with the Function Codes... ?? :werd:



3monkeys	Jun 4 2009, 08:13 AM Post #5
Super Member Posts: 169 Group: Members Member #240 Joined: January 13, 2006	I don't have a report, but I used to have a process for reporting this kind of thing. If this is the first time you've had to try mining laua data out of GEN, you'll see that those tables only store what the security class does NOT have access to. Which makes it a little harder to answer the basic "who has access to token X?" question. And then if the security class doesn't have access to an entire system code such as AP, then the tokens in that system code are not stored because you already don't have the system code. Try extracting something from these tables: USERCAT - the system codes they DO NOT have access to USEREXE - the tokens (programs) they DO NOT have access to WITHIN the system codes they DO have access to USERSCR - the function codes they DO NOT have access to for the tokens the DO have access to Look into those tables and you'll start to see why the standard laua security reports suck so much. In the end, you may end up with two LID screens open and comparing laua classes side by side the hard way. Good luck!



schroncd	Jun 12 2009, 09:42 AM Post #6
Lawson Technorati Posts: 689 Group: Members Member #13 Joined: January 11, 2006	There are folks who have found this little perl script useful. It came off the old SW User Groups website, before they removed the download section. # # whocan - who can access a screen code # # usage: perl whocan.pl screenname reportfile # # Screenname should be something like HR11.1 or HR11\\. (case in-sensitive) # # Reportfile is the output from a formid security report from laua # BEGIN { $screen = shift @ARGV or die "usage: whocan AB12[.3] report_file"; $secclass=""; print " SYSTEM PROGRAM UNSECURED SECURED\n"; print "SECCLASS PRODUCT LINE CODE CODE FORM ID SECURED FCs FCs\n"; print "---------- ------------------------------------------------------------------------------\n"; } if (/SECURITY CLASS:\s+(\S+)$/) { $secclass=$1; next; } if ($secclass) { printf("%-11s%s", $secclass, $_) if /$screen/i; }


« Previous Topic · Security · Next Topic »