Administrative Profiles

There are two kinds of profiles that apply to administrators, one for securing Lawson Security (ADM) and one for securing Resource Management (RM).

You use these profiles, which are delivered with Lawson Security, to define access to the Lawson Security Administrator, the Resource Management Administrator, and the Schema Editor. You can have only one administrative profile and one Resource Management profile.

The securable objects and securable types available when you work with the administrative profiles are very different than those available with functional profiles.

ADM profile

The ADM profile includes a security class (AllADMAccess) that grants access to all of Lawson Security. In turn, this class is assigned to the super-administrator role so that any user who has this role will have the access granted in the AllADMAccess class. The security super-administrator role also is assigned to security classes in the profiles delivered for the GEN product line. A security administrator needs access to the RM and GEN securable objects because these objects contain user information and other data needed for security.

RM profile

In the Resource Management profile, you can control access to the Lawson LDAP objects (groups, resources, roles, and structures) and the attributes for the resource objects.