The ssoconfig Utility: Overview
What is the ssoconfig utility?
The ssoconfig utility is a command line tool for performing a variety of procedures related to services, agents and identities.
Who can run the ssoconfig utility?
The ssoconfig utility can only be run by a user who has been given access to the utility through Lawson Security.
By default the following users also have access to the utility.
-
On Windows: members of the Windows administrators' group
-
On UNIX: The users lawson or root
-
On IBM i: The user LAWSON
What can you do with the ssoconfig utility?
This section provides an overview of:
-
The reasons you would use the ssoconfig utility
-
ssoconfig procedures and ways to perform them
Procedure | Why and when you would perform it | Ways to perform |
---|---|---|
Create a service or agent |
Some services are required to get Lawson up and running initially and are installed by default. Others might be installed by your installer or you might need to create them. (Your Lawson documentation will always tell you if you need to create an agent or service.) In general, a service or agent must exist and be populated with user identities before users can start working with the product or component for which the service or agent is needed. In addition, you might need to make changes to an existing service or agent, which you could do at any time. |
Run ssoconfig from the command line and respond to prompts. |
Update a service or agent |
If you make a change to your system that affects authentication, you will need to update all SSO services that will be affected. Some examples:
|
Run ssoconfig from the command line and respond to prompts. |
Add identities for users | All services must be populated with the identities of the users who are allowed to access the product for which the service or agent has been created. This is referred to as creating an identity for a service. |
|
Perform administration tasks related to users and passwords |
Perform the following tasks on an as-needed basis:
|
Run commands from the command line. Refer to the appropriate sections of this document. |
Change technical settings for SSO |
The following system configuration (authentication data store settings) can be changed through ssoconfig (although it would not be done often if at all):
|
Run appropriate commands from the command line. |
Configuring endpoints | This means configuring multiple web servers to communicate with a single application server. | Instructions are in the document Lawson Administration: Server Setup and Maintenance. |
ssoconfig utility: general usage tips
You run the ssoconfig utility from the command line. For most operations, a password is required. Make sure that the password is revealed only to authorized administrators. It is a good idea to change the password periodically.
Typically, when you run ssoconfig, many of the prompts will not apply to you. Review the meaning of the prompt in this documentation and, when it doesn't apply to your situation, press Enter to bypass it.
You respond to prompts either by selecting a number that represents an option or by typing a response. In either case, submit your response by pressing the Enter key. For typed responses, take care to avoid typos before pressing Enter. In some cases, typos can have undesired results.
Some prompts offer keys for Back and Exit. "Back" means return to the previous option so you can make a different selection. "Exit" means exit the ssoconfig utility without completing the procedure you were in the process of performing. Any changes you made prior to pressing "Exit" will not be saved.