User Data (ttaad2500m000)

Use this session to specify the system data, defaults settings, authorizations, and templates applicable for the LN user. The data is necessary for the user to start up a Tools application successfully. In this session you can also specify the Tools user's address data. For example, the e-mail address, telephone number, fax number, and so on.

Click Convert Changes To Runtime DD on the appropriate, to create or change the user file. The user file u<user name> is located in the $BSE\lib\user directory.

To ensure that the LN user can use information from a database, click Convert LN users to Database Users on the appropriate menu to give the user the proper authorizations.

You must restart Tools to make the changes effective.

If you delete a record with user data, all user data in the sessions linked to that user are removed as well. If you change a user from super user to normal user, all authorizations will be deleted.

Note

If you have started this session by zooming, you can only find and select a record.

 

User
A user code to identify the user as an LN user.

The Tools user code is normally similar to the user code specified in the System Login field. You can specify more than one Tools user for one system logon.

When a user starts the bshell, by default the system starts with the Tools user code that is equal to the system logon code. You can start the bshell with a different Tools user code by setting the User environment variable.

Example

System logonLN user
davedave
davedave_01
davedave_02
johnjohn
johnjohn_01

 

If the user with the system logon dave starts the bshell, by default he will be user dave in Tools. The user dave can fill the environment variable User with dave_01 or dave_02, to start as another Tools User.

If the user with the system logon dave sets the environment variable USER to john or john_01 and tries to start the bshell, the message Not authorized to run as user john appears. In the same way, UNIX user john can only start the bshell as Tools User john or john_01, but not as dave, dave_01 or dave_02.

Note

After running the Change length of OS User Names (ttaad2220m000) session, a one-to-one relationship exists between system login and LN User. You can link each system login to only one LN user.

IFS User
If this check box is selected, IFS is the SoR and LN is not the owner of Security User Data. The SSO User field becomes readonly and this field becomes mandatory. The state of the Name, Email Address and Role fields depend on the data as stored in table 'User Data Maintenance Ownership Parameters' (ttaad212). In case LN is the SoR and the owner of the Security User Data, the field IFS User is not applicable.
IFS Status
This is a display field. In case LN is the SoR and the owner of Security User Data, the fields IFS User and IFS Status are not applicable.
Name
The name of the Tools user. This field becomes readonly in case the ‘Name’ User Property is owned Outside LN.
SSO User
This field is displayed only if the SSO Active check box in the AMS Parameters (ttams0100m000) session is selected. Specify the name of the user as it is known in SSO Service.

You can leave the SSO User field blank. In that case the value of the System Login field is used during the Convert to Runtime. The Infor SSO User must be unique; for example, an Infor SSO User can only be specified for one LN user.

During the convert to runtime this field is dumped into the u<user> file with the sso_user tag.

Also a $BSE/lib/user/sso/s<SSO_USER> file, that contains the Application User name, is created. The format is baanuser:<baan user name>. This file is used by the Bshell to make the mapping from SSO user to Application User.

To prevent that an end user can tamper with the configuration to get more credentials, an extra file $BSE/lib/sso.permissions is introduced for BLogin. This file contains the permissions for SSO users to impersonate a certain OS user. The system administrator must maintain the file which is only writable on OS level by the system administrator. It must be considered as having the same security status as for example the OS password file. If this file does not exist, BLogin refuses to handle SSO requests.

Register the SSO permissions file location in the Systems (ttaad0550m000) session. Updates on the SSO permissions file are then processed automatically. The updates are handled as part of the System Data/User Data/Text Groups option by the Convert Changes to Runtime DD (ttams2200m000) session.

Notes:

  • The file must already exist, a fresh create is not supported.
  • Data is only added. If not already present, the file is updated with the processed OS/SSO user combination.
Use Generic System User
If this check box is selected, the default OS-user identity that is used in SSO mode to run the binaries will be displayed. Any user can impersonate the Generic System User. After conversion this data is placed into the sso_config file as generic_user:<Generic User>.

The Use Generic System User field is enabled if the Overrule System User Allowed check box in the AMS Parameters (ttams0100m000) session is selected.

Identity (UUID)
The IFS identity.
System Login
The System Login code of the user. The user code specified in the User field is used as the default.

Before installing Tools, a number of system logons have to be created by the system manager by using a system administration program.

Tools checks if the logon code specified in this field exists in the password file. If not, a warning appears.

Important!

You can only specify system login codes that are in lower case.

Note that if SSO is active, the value of the displayed Generic System User field is used during the Convert to Runtime, instead of the System Login.

User Type
Specifies the user type of the LN user.
Package Combination
The user's package combination of the Tools software.
Package Combination
The description of the package combination.
Company
The default company that contains data that the LN user will work with.

Access to a company is only possible if the package combination of the Tools user and company are the same.

There are exceptions to this rule. The company's package combination can only differ from the user's package combination under the following restrictions:

  • Both package combinations must include the same library authorizations.
  • The package VRCs in both package combinations can only be different if both package VRCs are derived from each other, or both package VRCs are derived from the same package VRC, and no changes in data definitions or domains have been made in the derived package VRCs.
Note

If the user is a normal user, the company authorization for the specified company is automatically generated.

Related topics

  • Infor LN User Guide for Multicompany Structures
Company
The name of the company.
Logistical Company
The logistic company that contains data that the LN user will work with. This field will only be visible if the parameter for dynamic Logistic - Financial Company switching (ttaad0101s000) has been enabled.

Related topics

  • Infor LN User Guide for Multicompany Structures
Financial Company
The financial company that contains data that the LN user will work with. This field will only be visible if the parameter for dynamic Logistic - Financial Company switching (ttaad0101s000) has been enabled.

Related topics

  • Infor LN User Guide for Multicompany Structures
Role
The user's default role. If this field is blank, the role mechanism is not available.

A role contains personalization settings, such as session personalizations and menu personalizations.

A role-enabled user has one current role and can have multiple roles assigned. If multiple roles are assigned to a user, the user can switch between these roles.

Language
The code of the Software Language in which the user starts up the application.
Data Language
The code of the Data Language of the user.
Authorization Password
Menu Browser
If this check box is selected, the Menu Browser is included in the user's WorkTop at startup.
Startup Menu
The package code of the user's startup menu.
Startup Menu
The module code of the user's startup menu.
Startup Menu
The code of the user's startup menu.
Startup Menu
The description of the user's startup menu.
Infor LN Process Browser (DEM)
If this check box is selected, the Infor LN Process Browser (DEM) is included in the user's WorkTop at startup.
Infor LN Workflow
If this check box is selected, the Infor LN Workflow is included in the user's WorkTop at startup.
Remember the user's settings
If this check box is selected, if the user restarts an overview session, the session starts with the last index the user selected for the session.

If this check box is cleared,

  • Sessions start with the default window size, and the default screen position.
  • Overview sessions start with the default column widths.
  • Overview sessions start with the session's default index.
Note

The user can only select a session's index if the Sort by command on the View menu is enabled.

Non-interrupting Message Mode
The user's Message mode. At runtime, users can change the message mode in the Options (ttams1100s100) session, which they can access by clicking Options... on the Tools menu of any overview session.
Standard Toolbar
The location of the user's standard toolbar on a session's form. Users can maintain this field in the Options (ttams1100s100) session, which they can access by clicking Options... on the Tools menu of any overview session.
Application Toolbar (Icons)
The location of the user's application toolbar (icon buttons) on a session's form. Users can maintain this field in the Options (ttams1100s100) session, which they can access by clicking Options... on the Tools menu of any overview session.
Application Toolbar (Text)
The location of the user's application toolbar (text buttons) on a session's form. Users can maintain this field in the Options (ttams1100s100) session, which they can access by clicking Options... on the Tools menu of any overview session.
User Data
The Tools user's user data template.
Note

You create the templates in the User Data Template (ttams1110m000) session.

Default Text Groups
The Tools user's default text group template.
Note

You create the template in the Default Text Groups Template (ttams1121m000) session.

Default Text Fields
The LN user's default text field template.
Note

You create the template in the Default Text Groups by Text Field Template (ttams1120m000) session.

Development Parameters
The Tools user's development parameters template.

You create the template in the Development Parameters Template (ttams1150m000) session.

Device Preferences
The Tools user's device preference template.
Role
A role of the LN user in an organization. All elements of this field become readonly in case the ‘AMS Roles’ User Property is owned Outside LN.
Note

You can link the Tools user to more than one role.

Example

A manager must have the same authorizations as his staff in the organization, in addition to his own authorizations.

Role
The description of the role.
Default Authorization for all Package VRCs
If this check box is selected, the developer has default authorization to change software components in all package VRCs. If a package VRC is specified in the Developer Authorization Template (ttams1151m000) session, the developer will no longer be authorized for all package VRCs, but only for the specified VRC.

If this check box is cleared, the developer is only authorized for the package VRC that is specified in the Developer Authorization Template (ttams1151m000) session.

Developer Authorizations
The code of the template in which the authorizations for the developer are specified.
Note

You create the template in the Developer Authorization Template (ttams1151m000) session.

Text Group Authorizations
The code of the template in which the text group authorizations for the LN user are specified.

A textgroup authorization template must be specified for a normal user, otherwise the user is unable to read or write text in Tools.

Note

You create the template in the Text Group Authorization Template (ttams1122m000) session.

Email Type
The address type of the user's e-mail address.
Email Address
The e-mail address of the recipient. LN checks the validity of the e-mail address based on the e-mail type. This field becomes readonly in case the ‘Email Address’ User Property is owned Outside LN.
Telephone Number
This field is not yet supported by LN.
Fax Number
This field is not yet supported by LN.
Telex Number
This field is not yet supported by LN.
SITA Address
This field is not yet supported by LN.
SMS Address
This field is not yet supported by LN.
Default Address Type
The default address type for the user. LN uses the default when an application does not specify how a message should be sent to the user. If you use a default message type, you must also supply an address for that type. You can also leave this field empty, meaning this user has no default message type.

 

Get Identity
The Get Iidentity is not available in case IFS is the SoR.