If JavaScript is disabled, please continue to the
sitemap
.
Infor Security Services Configuration Guide
Home
Home
Back
Back
Forward
Forward
Search
Help
Copy URL
PDF
Print this page
Help
Help
Copy URL
Copy URL
Topic URL copied to clipboard
PDF
PDF
Print
Hide the Table of Contents
Show the Table of Contents
Infor Security Services Administration: Overview and Prerequisites
About this document
Conventions used in this document
Infor Security Services: Overview
Infor Security System Configuration Prerequisites
Authentication and authorization requirements
Tuning and Logging Options
Global tuning (all systems)
Adjusting the number of threads to improve performance during the synchronization process
Tuning the lase grid node on the Landmark server
System-specific tuning
Tuning recommendations for TDS version 6.2 or 6.3
Updating Infor Security MaxQueryResults
Tuning Nthread in the ibmslapd.conf file
Tuning ULIMITS
Enabling (and disabling) logging
Log files
Enabling / disabling logging for LSF
Refresh logging configuration for LSF
Add MsgMaxSize logging parameter
Federating a System
Pre-Federation Prerequisites and Procedures
Verify access to Infor Security Services
Federating procedures (Infor Landmark and Infor Lawson System Foundation)
Federate a system
Update the lsservice.properties file to indicate key management responsibility
Allowing multiple certificates to be handled by the keystore
Preparing to run the initial sync
Preparing to run the initial data synchronization
The Pre-Sync Data Check Report: Overview
Running the Pre-Sync Data Check for Actor Data using ssoconfig
Running the Pre-Sync Data Check for Identity Data and Fixing Errors
Check the security provisioning log file
Configuring only selected services to be synchronized
Running the initial sync
Performing a Full System Synchronization from ISS
Check the security provisioning log file
Initial synchronization: Meaning of conflicts that might occur
Setting the Primary Authentication Service (PAS)
Set the primary authenticating service
Changing the primary authentication service (after initial setting)
Sync conflicts that can occur when setting the primary service identities
Running subsequent syncs
Manually unlocking a federation process (ssoconfig utility)
Unlocking a Locked Process Using the ISS Administration Console
Synchronization Conflicts: Examples
Identity conflicts
Actor conflicts
Running a list-based synchronization of user data
How list-based sync works
Create the XML input file (default behavior for Actor Roles)
XML input file in which you specify behavior of Actor Roles
Run list-based sync using the ssoconfig command line utility
User maintenance
Adding a user in ISS
Accessing User Provisioning
Add basic information
Add required identities
Search for Users
Maintaining User Environment Information
Disabling a User
Additional server administration from the ISS Admin Console
Roles
Access Role Manager
Search for a role
Adding a role
Editing a role
Delete a Role
Delete a Role from the Add New Role form
Groups
Search for a group
Adding a Group
Editing a Group
Delete a group from the Group Manager page
Delete a group from the Add New Group form
Manage server
Log configuration for security access issues
Audit Configuration
Archiving audit records
Server configuration properties
Services
Monitoring your system
Viewing security server performance data
System Maintenance
Changing the primary authentication service (after initial setting)
Viewing Services Details
Schema Editor
What is ISS Schema Editor?
Schema Editor process
Adding, Updating or Deleting an Object Using ISS Schema Editor
Adding a new object
Editing an existing object
Deleting an object that was created at your site
Adding, Updating or Deleting an Attribute Using ISS Schema Editor
Adding a new object to the attribute library
Assigning an attribute to an object
Updating an existing attribute
Deleting an attribute that was created at your site
Reverting to Saved Schema
Importing Updated Schema Using the ldifgen Utility
Configuring Internet-facing Applications
Internet-facing applications: Overview of setup tasks for LSF
Install patches for LSF, Landmark and ISS
Create and configure a web server in the DMZ
Create a domain, an endpoint group, and an endpoint
Perform smoke tests
Configuring the rule file
Optional: Create a Lawson Portal role
Vulnerability mitigation configuration
Copying the Rule File to the Correct Location for LSF
Managing the Rule File
Adding and activating a rule file
Updating a rule file
Deleting a rule file
Deactivating a rule file
Test the external endpoint
Creating and Assigning a Default PortalRole for External LSF Users (Optional)
Create a role for external LSF users that can be used as their default role in Lawson Portal
Assign the new default role
Test the new role
Working with User Monitoring
Monitoring your system
Viewing security server performance data
Turn user monitoring on / off using the Infor Security Services administrative dashboard
Monitoring current user sessions and viewing session history
View currently active sessions
View session history
View peak usage history
Exporting user monitoring data from the security administration dashboard
Exporting user monitoring session-based data using the ssoconfig utility
Permanently deleting user monitoring data
User monitoring report details
Troubleshooting
Troubleshooting ISS administration login problems
Administrative user is unable to log in
User encounters a blank screen after logging in
Troubleshooting issues with registering of a system
Administrative user cannot successfully register a server
Registering a server fails with "UnknownHostException"
Locked process error while registering
"Server type does not allow method call"
Troubleshooting synchronization errors
Synchronization process cannot run
Sync Analysis errors
Sync Execution errors
Common error messages / Possible Causes / How to resolve
Errors related to not being able to update a resource
Errors related to not being able to create a domain
Actor does not exist
Failed to create service
Lase_server indicates a message is too large
Configuring the Security Database Directory Path in lsservice.properties
Open link in new tab
Open link in new window
Copy link to clipboard