Who is the author of an M3 mod?

Today I needed to find who is the developer of an M3 customer modification. There is a bug in the MForms Bookmark of program M3 Customer. Connect Addresses – OIS002 which the developer modified for our customer’s needs, and I needed to report the bug to that developer. But I do not have the MAK training nor tool, so I cannot easily see the list of modifications and their authors. My colleague Shashank remind me of the following answer in M3 Server View.

  1. Go to M3 Server View (from the Grid Management Pages, or from LifeCycle Manager):
    0
  2. Find the interactive subsystem that is running the program (in my case OIS002), and select Tools:
    1
  3. Select Find Class:
    2
  4. Search for the M3 program (in my case OIS002):
    3
  5. The line with the customer class will give the file path, version, author, date, and unique ID (in my case I found the author, Rajesh):
  6. Note: Up to here, we can access this page anonymously, without being an authenticated user nor an administrator (security vulnerability anyone?)
  7. Now, if we have access to the M3 Business Engine file system, we can open the file itself and see the full list of developers; in my case the file is at:
    D:\Infor\M3BE\env\M3BE_15.1_TST\Fix\CUS\VFix\src\mvx\app\pgm\customer\OIS002.java:
    5

That’s it.

Let me know in the comments below if you have other tips. Click Like. Share this post with your colleagues. Click Follow to subscribe. And come write the next blog post with us. This is a volunteer-based community, and your participation keeps this blog going. And send some love to the other M3 blogs too. Thank you.

Published by

thibaudatwork

M3 Technical Consultant

9 thoughts on “Who is the author of an M3 mod?”

  1. Note: Up to here, we can access this page anonymously, without being an authenticated user nor an administrator (security vulnerability anyone?)

    Already logged a case for that, you can actually do a lot more without logging in with some applications. The biggest issue was MEC, but that’s solved. Infor noted that a firewall should handle the access to the admin pages, but they are accessable through the default router..

    Remco.

    Like

  2. We have the same concern. The Management page can be launched by any users. Is there a way to disable the web page, such as to remove the app from the server?

    Like

    1. Yes, the general Infor Grid Management Page /grid/info.html is public on its network, revealing hostnames, port numbers and more, and I don’t think you can remove it. It’s OK if you trust your internal network and your users, which is not always safe. Surely don’t put your Infor Grid on the Internet as that would definitely be unsafe. As for the individual Grid application pages (e.g. M3BE, MWS, MEC, Mango, etc.), they are restricted by role and require authentication. I’m not a Grid administrator so you should double check with the Grid admin guide.

      Like

      1. Dear Thibaud,

        Thanks for your reply. You are right that it is difficult to remove it, as LSO and the web page is sharing the same protocol and the port. However, I just figure out a solution based on packet analysis, which would identify the web page visit and have the remote IP address blocked by using IPSec. It works quite well by identifying and blocking three IP addresses from our UK division.

        I would like to share the solution at your website. Do you think it is possible? I have learned a lot from your posts and would like to make some contributions.

        Best Regards,
        Warren

        warren.hou@fennerseals.com

        Liked by 1 person

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s