Creating Unix users for Lawson Scope of this document Every Unix operating system has a built in tool to create basic user accounts. Often savvy Systems Administrators will script their own to add their personal twist on how accounts are created. Different systems default to different shells and the creation/location of home directories becomes a religious issue. We're not here to challenge (or change) any of the above. In the document that follows I hope to enlighten you as to the requirements of the Lawson system and give you options that you can use or ignore in implementing them. Shells Most Unices ship with at least the Bourne Shell - sh, the Korn Shell - ksh and the C Shell - csh. Lawson requires at least the Bourne Shell capabilities, but most clients implement Korn Shell, as it contains all the Bourne Shell functionality and several extensions which make it even more useful. Lawson does not typically recommend the C Shell due to it's more scientific nature and lack of scripting support. Home Directories Lawson doesn't care where you put your home directories, so long as they are defined in /etc/password. I've seen many possible configurations and they've all worked quite satisfactorily. I did see one unique configuration that I highly recommend, particularly to clients who keep their users away from the commandline. Most SysAdmins create a unique home directory for each login ID, giving them a place to maintain personal files, and modify their environment to meet their individual tastes. This creates issues going forward because SysAdmins must clean up all those home directories whenever users leave and keep them trimmed down so the file system does fill. With users locked inside a menu system and away from the commandline, the need for multiple home directories is eliminated . Uses can share a single home directory and a single .profile, especially configured to present the Lawson System. This means that .profile changes only need be made once to affect all users, the SysAdmin doesn't have to chase through multiple directories looking for files to trim/delete and the only cleanup when a user leaves is to delete the account from Unix and Lawson. Of course this idea is only for the standard Lawson Application user. SysAdmins and Developers should have their own home directories. The above idea is only presented for your consideration, to use if and as you see fit. This suggestion will seem like heresy to some SysAdmins and be embraced as elegant by others. The .profile Lawson STRONGLY suggests that end users be locked away from the Unix commandline. We have a saying that goes, "Give a user the command line and throw your security out the window." To do this in it's simplest format requires 4 lines be tacked to the bottom of each user's .profile. Below I'll list them and an explanation of what they mean: # Load the environment specific variables to interact with lawson . /lawdir/sytem/profile # Set the variable that allows me to use the LID GUI screens export LATERM=univwin # Execute the default Lawson menu for a single productline exec lapm productline lamn # If for any reason I leave the Lawson system, immediately log me out # so I can't execute any more commands exit This simple functionality can be extended to allow the user multiple options while still keeping them locked inside the menu environment. It's possible to present a script to allow the user to choose which interface they want (text or GUI), which productline they wish to work in, and even which program they wish to execute. It involves creating a script with the required functions and inserting it behind the 'exec' command: exec /directory/path/to/my.menu Below is an example script that presents a choice of Text or GUI interface (assuming user logs in with LID) but also catches and properly processes the Windows GUI login. It also contains 2 of the lines listed above. It resides in /lawson/scripts and implementing it is as simple as adding 2 lines to the end of .profile: exec /lawson/scripts/login.menu productline exit where productline is the Productline that you want to use. #################################################### # Lawson Login Menu # J. David Schronce, Lawson Software # Mon Jul 21 21:37:25 EDT 2003 #################################################### # source the lawson environment variables . /lawson/lawdev/apps/system/profile PLINE=$1 DEFAULTMENU=lamn SCRIPTDIR=/lawson/scripts # Set up the terminal: if [ "$TERM" = "" ] then export TERM=vt100 else eval ` tset -s -Q ` fi stty erase "^H" kill "^U" intr "^C" eof "^D" stty hupcl ixon ixoff tabs # Set up the search paths: PATH=$PATH:. # Set up the shell environment: set -u trap "clear;echo;echo 'Disconnected from Lawson session';date;echo" 0 # Set up the shell variables: EDITOR=vi export EDITOR clear # Display the menu echo " \n\n\n\n\n\n" echo " `tput smso` Select Lawson Client Run Mode `tput rmso`" echo echo " 1. Lawson Desktop Terminal Client " echo echo " 2. Lawson GUI Client" echo echo " 0. Disconnect Session\n\n" response=BAD while [ "$response" = "BAD" ] do echo " Enter Choice >2<\b\b\c" read response case $response in 1) # Display as text export LATERM=pt80-e lapm $PLINE $DEFAULTMENU exec $SCRIPTDIR/login.menu $PLINE;; 2|"") # Display as GUI export LATERM=univwin lapm $PLINE $DEFAULTMENU exec $SCRIPTDIR/login.menu $PLINE;; 0) # Exit and logout exit ;; # This section handles GUI logins "setenv LATERM univwin") eval $response read response eval $response read response eval $response;; *) response=BAD ;; esac done