LBI Auditing Part 3c – Overview of Service Now Admin Audit Reports

, ,

In LBI Auditing Part 3b we went over Reporting Service Admin Audit Reports. In this article we will go over the Service Now (SN) portion of reports.

 

SN01.List of Alerts:

This report allows you to view what user(s) and or group(s) have access to what SN alert/report.

Column Name Description
Alert ID Assigned alert ID number.
Alert Name Alert name created by owner.
Owner Owner who published alert.
Creation Date Date in which the alert was created.
Last Modified/Rendered Date when the alert was last modified.
Shared To Alert shared access.
Roles Roles that grant access to the alert.
Security Specify Type of access (public, user, or group).

 

SN02. User/Group Access on SN Alerts:

This is a security report showing user/group access to specific alerts.

Column Name Description
User/Group Name of user or group.
Specify Access type (user or group).
Roles Roles that grant access to the alert.
Alert ID Assigned alert ID number.
Last Modified/Rendered Date when the alert was last modified.
Alert Alert name created by owner.
Last Rendered Date when the alert was last modified.

 

SN03.Top Rendered Alerts and their Top Viewers:

This report shows statistics on your most viewed alerts and top viewers.

Column Name Description
Top Alert Alerts with most views starting at the top
Alert Name Alert name created by owner.
No. of Views Total number of alert views.
Alert ID Assigned alert ID number.
Group Group being notified
Owner Owner who published alert.
Rank Top ranked viewers of the specific alert.
Viewer User viewing report.
Roles Roles that grant access to the alert.
User Views Total number of views per user.

 

For more details on these admin audit reports, check out Part 3a “Overview of Framework Service Admin Audit Reports” and Part 3b “Overview of Reporting Service Admin Audit Reports”.

LBI Auditing Part 3b – Overview of Reporting Service Admin Audit Reports

, ,

In LBI Auditing Part 3a we went over Framework Service Admin Audit Reports. In this article we will go over the Reporting Service (RS) portion of reports.

 

RS01.RS Reports:

This report shows all your reports in LBI along with the below details.

Column Name Description
Report ID Assigned ID when report was created.
Report Name Report Name (may differ from given dashboard name).
Owner Owner who published report.
User User access to the report.
Date Created Report creation date.

 

RS02. User Access on Reports:

This is a security report showing user/group access to specific reports.

Column Name Description
User User with LBI access.
Report ID Assigned ID when report was created.
Report Name Report Name (may differ from given dashboard name).

 

RS03.Top Viewed Reports in RS:

This report shows statistics on your most viewed reports, what users viewing them the most and total views per user.

Column Name Description
Report ID Assigned ID when report was created.
Report Name Report Name (may differ from given dashboard name).
Access Viewer Top Viewer of a specific report
Number of Views Total number of views by a specific user

 

RS04.Top Scheduled/Exported Reports

This report shows statistics on your most scheduled and exported reports.

Column Name Description
Report ID Assigned ID when report was created.
Report Name Report Name (may differ from given dashboard name).
Frequency Total number of time a report has been scheduled/exported.

 

 

For more details on these admin audit reports, check out Part 3c “Overview of Service Now Admin Audit Reports” (coming soon) and/or Part 3a “Overview of Reporting Service Admin Audit Reports”.

 

 

LBI Auditing Part 3a – Overview of Framework Service Admin Audit Reports

, ,

In LBI Auditing Part 2, we went over setting up admin audit reports in LBI. In this article we will go over the Framework Service (FS) portion of reports.

 

FS01.FS Content:

This report may contain a lot of data and can take longer to generate. It displays dashboard, module, and content links. Couple with this type of data, you will be able to see user ownership, security type, shared/view access, create and modified date data.

 

Column Name Description
Dashboard-Module-Links Created content name, shared/not shared.
Item Specify Type of content (Dashboard, Module, Link).
Owner Owner of content
Shared to User or groups that have access, specific sharing rights.
Security Specify Shows whether shared access is public, from a user, or group.
View Access Viewing rights from users or groups (design rights or not).
Modified Date Last logged date the content has been changed/modified.
Creation Date Date in which the content was created.

 

FS02.User/Group Access on FS Content:

This report shows what content a user or group has access to.

Column Name Description
ID The ENPTREEENTRYID where the user belongs to.
User/Group User/Group Name and their access to certain content.
Security Specify Access Type: public, user, or group.
Access Items Content each user has access to.
Item Specify Type of content (Dashboard, Module, Link).
Creation Date Date in which the content was created.

 

FS03.Top Viewed Links in Framework Services:

Links that are captured and logged in the database if the Auditing feature is turned on. (See LBI Auditing Part 1 of how to set this up.)

Column Name Description
Names Names of the FS Links.
Access View User access.
Access Value Access level to a certain user or group (if public at all).
Views Count How many times a link was viewed

 

For more details on these admin audit reports, check out Part 3b “Overview of Reporting Service Admin Audit Reports” and Part 3c “Overview of Service Now Admin Audit Reports” (coming soon).

LBI Auditing Part 2 – Setting up Admin Audit Reports

, ,

In LBI Auditing Part 1, we went over enabling dashboard auditing. This time we will go over how to set up special Admin Audit Reports to view more information about LBI activity via Framework/Reporting Services and Smart Notifications. These reports are for 10.6.0.0 and later but check with Infor if they are supported for older versions.

 

  1. Login to Infor Support Portal and go to the LBI Product Download page.
  2. Download the BI-Samples.zip file and unzip to a temporary location
  3. Locate Infor-LBI-Admin-Reports-SolutionPack.zip
  4. Login into LBI and go to Tools dashboard
  5. Click the Deployment Utility link and a Deployment Utility window will pop-up
  6. Browse for the solution pack mentioned in Step 3, select it and then click Import
    • NOTE: Framework Services content is delivered in a folder called fs; Reporting Services in a folder called rs; Smart Notification in a folder called sn.
    • No tab will be displayed for a service if the solution package does not contain a solution for that service or if the service is not registered/installed.
  7. When the import is completed, a screen is displayed with a tab for each imported package, click on a tab to view the import and additional details.
  8. If the import fails for any reason, try and correct the issue, verify zip file is not corrupt, re-import.
    • NOTE: Remove any applications directories where the import was successful to avoid duplicate content.

 

Make sure to check out Part 3a – “Overview of Framework Service Admin Audit Reports”  (coming soon) to get more insight into these reports.

LBI Auditing Part 1 – Setting up Dashboard Auditing

, ,

You may not be aware that LBI has many different auditing features. Today I’ll be talking about dashboard auditing specifically.

Dashboard auditing in a nutshell allows you to track what dashboard links and content are being accessed by your user base. This can be helpful for reviewing security permissions, getting rid of unused links, as well as optimizing overly used links/reports.

To enable Dashboard auditing you must have Administrator rights in LBI.

  1. Login into LBI and go to the Tools
  2. Select System Settings and go to the Dashboard Audit Section
  3. Select Yes to Allow Dashboard Audit and Save Changes
  4. Stop and restart the server for the changes to take effect.

Framework Services will now automatically capture and log relevant dashboard info to your LBI database table FS_AUDIT.

 

Make sure to check out the second article in this series, LBI Auditing Part 2 – “Setting up Admin Audit Reports”.

Updating Bouncy Castle after Java Update on Landmark Server

, ,

Similar to LSFCT, when Java is updated on the Landmark server, you will need to place the Bouncy Castle provider in the LAW_JAVA_HOME/jre/lib/ext directory.  To get the latest Bouncy Castle release, navigate to https://www.bouncycastle.org/latest_releases.html.  Select the latest release, or the release that corresponds to your version of Java.  Download the signed JAR file.

Stop all the IBM processes and Lawson.  Also, check your task manager for any running java processes.  Kill any java process.  Place the file at LAW_JAVA_HOME/jre/lib/ext.  Start all the services, or reboot the machine.

 

Updating Bouncy Castle After Websphere Fix Pack

, ,

Similar to Lawson System Foundation, when WebSphere is updated in Landmark, the Bouncy Castle provider might also need to be updated.  If this is the case, you will notice an error message similar to the one below in the SSOCfgInfoServlet page.

Also, there will be messages logged in the ssocfginfoservlet.log and security_authen.log.  One of the biggest indicators of a bouncy castle issue is the error “No provider: BC”.

Ssocfginfoservlet.log, security_authen.log

Tue Dec 22 12:10:05.323 CST 2020 – default–1864609923 – L(2) : tid{DEFAULT} lid{13vdos3oj0u2br08s6qstv1pnv}. Error encountered while processing the request. Additional information: {Error decrypting data.

Stack Trace :

com.lawson.security.authen.SecurityAuthenException: Error decrypting data.

                at com.lawson.security.authen.AuthenDat.getSYMKey(AuthenDat.java:4214)

                at com.lawson.security.authen.AuthenDat.getAuthenDatData(AuthenDat.java:828)

                at com.lawson.security.authen.LawsonAuthentication.getAuthenDatStr(LawsonAuthentication.java:1406)

                at com.lawson.security.authen.LawsonAuthenDataManagerLMImpl.getAuthenDataAsString(LawsonAuthenDataManagerLMImpl.java:53)

                at com.lawson.security.authen.SSOCfgInfoServlet.getConfigXML(SSOCfgInfoServlet.java:177)

                at com.lawson.security.authen.SSOCfgInfoServlet.process(SSOCfgInfoServlet.java:643)

                at com.lawson.security.authen.SSOCfgInfoServlet.doGet(SSOCfgInfoServlet.java:163)

                at javax.servlet.http.HttpServlet.service(HttpServlet.java:575)

 

 

To update the Bouncy Castle provider, open a Landmark command window, or open a command line window and set the environment variables.  Navigate to WAS_JAVA_HOME, and run the command

java -jar %LAENVDIR%/java/jar/bcinstall.jar

This will put the correct provider file in your java home location.  Then, bounce the application server or reboot the machine.