Server configuration properties

From the ISS console, administrators can update configuration properties for the security server.

  1. From the ISS console dashboard, select Configuration->Manage Server->Server Configuration.
    Updating server configuration properties from the dashboard
  2. Update these properties as needed:
    Property Description
    AUDIT Set to ON or OFF to turn auditing on or off. If auditing is on, it will track the items listed for the AUDIT_TYPES parameter.
    AUDIT_DATASRC The location where audit data is stored. If you select DB, the data is stored in the LSAUDIT file in the LOGAN data area. If you select LDAP, the data is stored in the LDAP repository. The default is DB. Be aware that if you select LDAP, large amounts of data may be placed in the LDAP repository.
    AUDIT_TYPES The type of activities that will be monitored if you turn on auditing: ADD = adding security data for profiles, security classes, and rules; CHG = changing security data for profiles, security classes, and rules; DEL = deleting security data for profiles, security classes, and rules; DEN = denial of access, SSO = authentication attempt.
    CACHING_INTERVAL The time in seconds that the system waits to check for updated security information.
    CLEAR_CACHE_REQUEST A request to clear cache has been submitted.
    DEDICATED_HANDLERS Set to TRUE or FALSE. If TRUE, then for each security request, a separate event handler is created that exists until the system is finished with the request. If FALSE, then the event handler for a request goes into a pool after finishing with each request, and is available for other requests. If you set this to FALSE, use the MAX_HANDLER_IDLETIME, MAX_CONN_BLOCK_TIME, MAX_HANDLER_COUNT, and MIN_HANDLER_COUNT parameters to control the event handler pool. TRUE generally results in faster performance but more intensive resource use.
    DEFAULT_USER Not used.
    INSTALLEDTYPES
    Note: There must be no spaces in the value for this property.
    LAWDIR The path for the directory on the application server for the Lawson applications, configuration files, and spooled print output.
    LOCAL_EXECUTION Not used.
    LOGGING_LEVEL

    The level of detail for the information that is included in the security logging for Lawson Security. The levels correspond as follows to the settings on the Auditing + Logging tab in the Lawson Security Administrator.

    • Critical: Only severe issues or warnings are logged.

    • General: Logs significant events that are not necessarily problems or warnings.

    • All: Logs all events, including issues and warnings.

    • Debug: Logs all events in debug mode.

    LOGGING_USERS The users that you have selected to audit.
    LOG_DIR The directory where the log files are located.
    MAX_CONN_BLOCK_TIME If DEDICATED_HANDLERS is set to FALSE, this is the amount of time in milliseconds until the pool of handlers becomes available.
    MAX_HANDLER_COUNT If DEDICATED_HANDLERS is set to FALSE, this is the maximum number of handlers in the pool.
    MAX_HANDLER_IDLETIME If DEDICATED_HANDLERS is set to FALSE, this is the time in milliseconds a handler should stay in the pool until the handler is stopped.
    MIN_HANDLER_COUNT If DEDICATED_HANDLERS is set to FALSE, this the minimum number of handlers in the pool.
    MODIFIEDON The most recent date and time security information was modified.
    PRINTNETMSG Set to TRUE to cause more verbose logging output. If set to TRUE, the maximum amount of information is sent to the ls<instancename>.log. Administrators must monitor the size of the log file if this parameter is set to TRUE.
    RM_DS_NAME Not used.
    RM_DS_TYPE Must be LARM. It refers to the Resource Management APIs used to access the Resource Management data source.
    RM_MODIFIED_ON The date and time Resource Management data was modified. The date and time are in the format: yyyymmddhhmmss.
    ROOTDN The LDAP node that is the root node for Lawson data o=lwsnrmmetaroot
    SCHEMA_VERSION Version of schema being used.
    SEC_DS_TYPE Set to LDAP to indicate that security data is stored in LDAP.
    SECURITY_CHECKING Whether security checking through Lawson Security is turned on or off for the Lawson system.
    SERVER_ADDR The address of the server (machine) that hosts the Lawson Security server.
    SERVER_INSTANCE Set by installation to "default."
    SERVER_PORT The port used by the Lawson Security server.
    TRACE Indicates whether tracing has been turned on or off.
    TRACE_DIR The directory where trace files are located.
    USERMODIFIED The date and time that the last change was made to the security system. The date and time are in the format: yyyymmddhhmmss.
    USE_SECURESOCKET If TRUE, SSL is used for transport of the password from Lawson Portal to LDAP. If FALSE, the password is sent as plain text using TCPIP.