Configure existing Lawson identities for use with AD FS

Create an identities file to load the lawson user and other Lawson users into Lawson System Foundation.

This procedure changes the identities for the user lawson and other users who already have identities on the SSOP service so that they are in the appropriate format for AD FS. Before this procedure is performed, an identity is stored as, for example, "lawson". After this procedure has been performed, an identity is created in the User Principal Name format.

Example: User Principal Name format

lawson@YourAuthenticatingDomain.com

At the command prompt for your Lawson environment, type the command to start the ssoconfig utility.

ssoconfig -c
Enter the password for the ssoconfig utility.
Type 5 to Manage Lawson Services and press Enter.
Type 6 to Export service and identity info and press Enter.
For Do you want to export all the services, type 2 (NO) and press Enter.
For Enter the services name separate by comma to be exported, type SSOP and press Enter.
For Do you want to export the identities, type ALL and press Enter.
For Enter file name to save export as, type identities.xmland press Enter.
For Choose format that Lawson Software should export credential information as, type 2 (Opaque) and press Enter.
When the export is finished, type 11 to exit.

Using a text editor, open identities.xml. Supply the appropriate values for RDID and USER in the example below.

User Principal Name Example

lawson@YourAuthenticatingDomain.com

Make these changes for all users in the SSOP service.

<?xml version="1.0" encoding="ISO-8859-1"?>
<BATCH_LOAD FORMAT="Opaque" OVERRIDE="true">
    <IDENTITY SERVICENAME="SSOP">
        <RDID>lawson</RDID>
        <USER><![CDATA[lawson@YourAuthenticatingDomain.COM]]></USER>
    </IDENTITY>>

Save the file as newidentities.xml.
At the command prompt for your Lawson environment, type:

ssoconfig -l <password> newidentities.xml

where

l is a lower case L

<password> is the password for the ssoconfig utility.