How to Edit the Infor Initial Portal Log-in Screen

, ,

There are several reasons why one would want to customize the initial Infor portal log-in screen:

Maybe you don’t like the color scheme or would like to replace the logo with your company’s logo. Maybe your users are forgetting their passwords and you would like to include a “Forgot your password?” link on the page. Maybe the log-in box area is too small for your liking.

Whatever the case, you can use HTML to edit this log-in page as needed. The HTML page will be in IBM/Websphere directory. You will be able to locate login.html in the …\sso.war\v4 directory.

Open up login.html in an IDE of your choice and create HTML changes accordingly.

Top Takeaways from “Process Automation – Performance Considerations and Best Practices” Infor Webinar

, ,

This 1 hour, interactive briefing from Infor provides an overview of the best practices for performance tuning your IPA process flows, grid tuning considerations, and tips to leverage the most from your system.

The full webinar can be accessed through a link on this page: (https://technology-blog.infor.com/2015/12/13/recording-now-available-for-ipa-performance-considerations-and-best-practices-webinar/)

Here are some notable takeaways from the video:

  1. IPA Settings Tuning
    Basic tips for improving performance:

    • Ensure you are on the latest release of Landmark Environment.
    • Upgrading your system to a newer release of Java will often result in performance improvements.
    • Core Pool Size: pfi.dispatcher.CorePoolSize setting within Grid determines how many simultaneous workunits can process at a time. Rule of thumb is to start by setting this value to the number of CPU Cores in your Landmark Server. (8 core CPU = 8 max workunits) In order to fully optimize, you can start simultaneous flows equal to your server’s cores and check Task Manager’s Performance tab. For example, if only 50% of your CPU is being used with 8 simultaneous flows in progress, you can probably safetly increase the maximum workunits to 12 or even 16 for improved performance.
    • Max Heap: grid.jvm.maxHeapMB setting within Grid sets the max amount of server RAM a particular Grid Node can use for processing. When setting this value, be aware of how much total RAM is available to use on the server. All the Max Heap sizes for all Grid Nodes, Operating System Memory, and Memory Footprint of other programs needs to be less than the total RAM of the server. The Max Heap should be set as high as possible with these considerations in mind.
    • LmrkDeferred Node: When installing Landmark, some grid deployments create this LmrkDeferred grid gode which combines the functionality of Async and IPA into one node. You should not be running Process Automation with this grid node. Infor recommends that the Async node and IPA node be broken out into their own grid nodes.
    • Configure the system so that there is only one IPA Grid node per Data Area that processes workunits.
  2. Process Tuning
    Basic tips for improving processes/flows:

    • Most important factor is the number of nodes. Try to minimize the number of nodes in your flow as flows take approximately 5-20ms time between nodes and 2-5ms time per variable assignment. An important tip when trying to reduce nodes is to remember that values returned from a query or processing node will automatically be assigned an internal variable name that we can refer to. There is no need for an additional assignment.
    • When using a query to cycle through records and write to a file, using a MsgBuilder versus a FileAccess or Assign node is more efficient as it is keeping the records in memory to write all at once at a later time. FileAccess in between a query is the most inefficient as it requires opening and appending onto a file once for every record encountered.
    • Turning on logging will decrease flow performance so it should only be turned on when troubleshooting flow failure or performance issues. When a flow is failing, turn on Workunit and Activity Logging and turn this off when done troubleshooting. For performance issues, run the flow with Workunit only logging turned on.
    • When creating a large csv file, consider using SysCommand node instead of writing to a file by looping through records.

For more details and the most recently updated KB articles, refer/subscribe to:
KB 1671693 – IPA Support Best Practices

Favorite Filters for Admin Users in ServiceNow

, ,

When first logging into ServiceNow as an admin, it can be a bit overwhelming.

To narrow this down, you can “favorite” a few key filters to focus in on what’s important.

 

Simply go to the All Applications Tab and STAR a filter that works best for you as shown below:

My favorite filters are My Groups Work – Active and Closed, which show all tickets assigned to my group that are either Active and or Closed:

When you have your filters selected, go to your favorites tab and click a filter to see what results it narrows down:

This is one of the most useful features ServiceNow offers. Enjoy!

Resolving “Cannot run this program while GL 190 is running” error when trying to release journal entries in GL40.1

, ,

You may run into this error at some point in GL40.1:

Fortunately, there’s an easy fix to this. First login to Lawson portal and search GLMONITOR:

In GLMONITOR, type “GL190” and select Inquire. If you get results and notice the run time, the process is in fact still running and causing the issue with GL40:

Go to job scheduler by opening LID and typing in jobschd >> F7 + A to select all users >> Then W to go to waiting screen.

Look for any GL190 jobs running and verify the User Name is the same one in GLMONITOR when inquiring on GL190 program. Check the error and if its safe to recover, recover it and let the job complete.

Go back to GLMonitor and inquire on GL190 to verify the job is no longer running:

Go to GL40.1 and release your Journal Entries. This should solve the error. Good luck!

IFS Security Role Mass Assignment

, ,

To mass assign security roles to users in IFS, first go to Manage > Master Data. Select “Security Role” and click “Details”. Choose the Security Role for which you want to assign multiple users. On the right side of the screen, click the “Add” button. A list of all users will be displayed. Select the users who should be in that role and click Apply and/or Ok. Click Save at the top.

Upload Users to IFS

, ,

After your AD FS configuration, you will need to load users into IFS from LDAP. There is an option to search for each user and add them manually, but if you have a large group of Lawson users this can be time consuming. IFS also offers a mass upload using a CSV file. The CSV file needs to have a header, and the only value required is the samAccountName.

Create your CSV file, then go into Manage > Users in IFS. Click “Upload” and browse to your CSV file. Click Open and the users will be added into IFS.

Using IPA to Update SSOP Identity after AD FS Configuration

, ,

Once your AD FS configuration is done, you’ll need to update the SSOP identity with userPrincipalName for all of your users in Lawson Security.  IPA is a great tool for this task.

Some nodes that you’ll need include:

  • System Command – get AD users
    • Run a powershell command to get the samAccountName and userPrincipalName from Active Directory
    • powershell “Get-ADUser -Filter * -SearchBase ‘<OU Path (i.e. OU=Users,DC=company,DC=org)>’ | Select-object SamAccountName,UserPrincipalName | ConvertTo-Csv -NoTypeInformation”
  • Data Iterator to iterate through the results from the AD query
  • Resource Query
    • Get User by querying on SSOP value
    • <?xml version=”1.0″ encoding=”UTF-8″ standalone=”yes”?><TRANSACTION user=”user@company.org” method=”getRMQuery”><SERVICE><![CDATA[SSOP]]></SERVICE><SERVICEATTRS><SERVICEATTR><NAME><![CDATA[USER]]></NAME><VALUE><![CDATA[<!samAccountName>]]></VALUE></SERVICEATTR></SERVICEATTRS><OBJECT><![CDATA[People]]></OBJECT><ATTRIBUTES><ATTRIBUTE><![CDATA[ID]]></ATTRIBUTE></ATTRIBUTES><OUTPUTSERVICEATTRS/></TRANSACTION>
  • Resource Update
    • Using the ID from your Resource Query, Update the SSOP service

How to Maximize Filezilla FTP Transfer Speed

, ,
  1. First, ensure that the Transfer mode is set to Passive in FileSite Manager Transfer Settings


    Passive mode is the recommended mode for client computers behind NAT or proxy. In active mode, the client must accept connection from the FTP server. In passive mode, the client always initiates the connection.
  2. Change Maximum Simultaneous Transfers to 10 in EditSettings Transfers

    As the name suggests, this increases the number of concurrent transfers that can occur to 10.

    If these tips do not improve your Filezilla transfer speed, it is probably due to some limit on your ISP or on the server you are connecting to. Some hosts place tight restrictions on FTP speeds so it may be worth contacting your ISP.

Troubleshoot NoClassDefFoundError (bouncycastle.x509)

, ,

After configuring LSF for AD FS, we encountered a 500 error after a login smoke test. The error was begin logged in SystemOut.log for our AppServer. The error message was:

[4/30/19 14:31:41:287 PDT] 000000e9 ServletWrappe E com.ibm.ws.webcontainer.servlet.ServletWrapper service Uncaught service() exception thrown by servlet SSOServlet: java.lang.NoClassDefFoundError: org.bouncycastle.x509.extension.SubjectKeyIdentifierStructure

To troubleshoot this, we first regenerated and reloaded the ADFS Certificate to the LSF IdP Certificate in ssoconfig. This did not resolve the issue, so then we checked the java policy files. It turns out that the policy files were out-of-date. You need to update the policy files in JAVA_HOME and WebSphere. First, download the latest policy files from Oracle and IBM, and the BouncyCastle policy file from the BouncyCastle website.

To determine the directories which need the replacement files, first open a command line as administrator and type “where java”. This will show you where your main install of java is located. Go to this directory, then jre/lib/security and replace local_policy.jar and US_export_policy.jar. The BouncyCastle jar file will be located at jre/lib/ext. Matching files must also be stored in your WebSphere java home. To figure out where this directory structure will be, open SystemOut.log and scan for the last time the AppServer was started.  “Java Home” will be displayed there. The directory structure will be the same as your main java install.

Remember to backup/rename your old policy files and copy the new ones to these directories. You’ll have to stop your WebSphere services and kill all java processes before you can do this.

Modifying VMWare to use Microsoft Remote Desktop Protocol so you can Transfer Files Easier

, ,

First, you’ll need to connect to your installed VMWare Client:

Now before connecting to the virtual server, right click the connection and select Microsoft Remote Desktop:

Once this is selected, you’ll be able to connect to the host Virtual machine and use VMWare as if it was Microsoft Native Remote Desktop Protocol.

One of the biggest advantages of this is being able to copy and paste files to and from the VMWare client using CTRL + C and CTRL + V.

The other Protocol settings can be used as well.

VMWare Blast is optimized for mobile cloud and consumes less CPU in case you’re trying to save battery life.

PCoIP may be better optimized for use when a poor internet connection but results will likely be equal to the other options.