Adding users and their identities to the Lawson system

There are several ways to add Lawson users and identities to the system. How you choose to do it depends on many factors, especially number of users at your site.

When to do it

When you set up Lawson initially.

You also need to perform it any time you add a new user to the system or need to add an identity for a user to a product that requires an identity.

How to do it on a federated system

Federated systems are two (or more) Lawson systems that share user and other important information. For example, if you use Version 10 applications that are both LSF-and Landmark-based, your system is federated. These instructions describe what needs to be done to add new users to the system.

  • To add a single user who is not currently in the Lawson system:

    You will do this using the Lawson Security Services administrator tool, following steps described in the Lawson Security Services Administration Guide.

  • To auto-load users from an XML file:

    Create an XML input file of user data and then run the command line utility, LoadUsers, to add the data to the LDAP. (Instructions are in this document.)

    If you use this method, you will need to re-run the federation procedure after the users are added to ensure that both systems in the federation are synchronized.

How to do it on an LSF standalone system

  • To add a single user who is not currently in the Lawson system:

    From the Lawson Security Administrator, use the Add User wizard. This will walk you through the screens for adding all required information about the user and will let you set up the user on the identities that the user needs.

    This method is a practical way to add new users, even if you have a significant number of users to add.

  • To auto-load users from an XML file:

    Create an XML input file of user data and then run the command line utility, LoadUsers, to add the data to the LDAP.

  • To auto-populate identities for existing users:

    If you already have resource data in your LDAP and want to add identities for some or all of the users, you can use the ssoconfig utility in combination with an XML file to help you auto-populate the identities.

    You can create an XML file that contains all the users and identities that you want linked to the appropriate services. Any method for populating the XML file, as long as the data is in the format required by ssoconfig, is acceptable.

    You can also let ssoconfig read your LDAP user data and generate the XML file.

    In both situations, you would run ssoconfig against the XML file. The difference is in how you create the XML file.

    If you have an existing LDAP directory that is populated with resources, generating the XML file through ssoconfig would be a good method. If you do not have an existing LDAP directory, you will have to create the XML file through some other method (for example, through exporting or manually editing). Any time an auto-populating method is used either to create an XML file or to import data into the LDAP, you should review both the XML file and the resulting output to make sure it is what you expected.