2 Deploying the Connector

Deploying the connector involves the following steps:

• Step 1: Verifying Deployment Requirements

• Step 2: Copying the Connector Files and External Code

• Step 3: Configuring the Target System

• Step 4: Configuring the PeopleSoft Listener

• Step 5: Importing the Connector Files

• Step 6: Configuring Reconciliation

• Step 7: Compiling Adapters

Step 1: Verifying Deployment Requirements

The following table lists the deployment requirements for the connector.

Item	Requirement
Oracle Identity Manager	Oracle Identity Manager release 8.5.3 or later
Target systems	PSFTBase
Target systems host platforms	Microsoft Windows

Step 2: Copying the Connector Files and External Code

The connector files to be copied and the directories to which you must copy them are given in the following table.

Note:

The directory paths given in the first column of this table correspond to the location of the connector files in the following ZIP file on the installation media:

Enterprise Applications\PeopleSoft Enterprise Applications\ PeopleSoft User Management Rev 1.0.0.zip

Refer to "Files and Directories That Comprise the Connector" for more information about these files.

File in the Installation Media Directory	Destination Directory
xml\PSFTBaseConnector.xml	xellerate_home\xlclient\ You may have to create the xlclient directory in the Oracle Identity Manager installation directory.
xml\PSFTBaseXellerateUser.xml	xellerate_home\xlclient\
lib\JavaTasks\PSFTBaseProvisioning.jar	xellerate_home\xellerate\JavaTasks
lib\ScheduleTask\PSFTBaseReconciliation.jar	xellerate_home\xellerate\ScheduleTask
The following files in the lib\ThirdParty directory: csv.jar peoplesoft.jar pshttp.jar psjoa.jar pstools.properties	xellerate_home\xellerate\ThirdParty
The following files in the base directory: AddEmp.txt CurrencyCode.txt EmailType.txt EmployeeId.txt LanguageCode.txt PermissionList.txt Populate.txt UserRoles.txt UserMgmtCBRecon.txt	xellerate_home\xellerate\scripts\ You may have to create the scripts directory in the Oracle Identity Manager installation directory.
docs\B31131_01.pdf docs\html	xellerate_home\xellerate\docs

Step 3: Configuring the Target System

Configuring the target system involves performing the following procedures:

• Creating the APIs for the Component Interface

• Creating the Java Template for the Component Interface

• Creating the Application Engine Program

Creating and Publishing the Message

Perform the following procedures to create and publish the message:

• Create the Message Channel

• Create the Message

• Publish the Message

Create the Message Channel

To create the message channel, perform the following steps:

1. Click Start, Programs, and Application Designer. The PeopleSoft Application Designer window is displayed.

2. Select New from the File menu. The New Definition dialog box is displayed.

3. Select Message Channel, and then click OK.

4. Save the new message channel as USR_MGMT_MSGCH.

5. Select Definition Properties from the File menu. The Message Channel Properties dialog box is displayed.

6. Select the Run option, and then select Archive Messages.

Create the Message

After creating the message channel, create the message as follows:

1. In the PeopleSoft Application Designer, select New from the File menu. The New Definition dialog box is displayed.

2. Select Message from the list.

3. Select Definition Properties from the File menu. The Message Properties dialog box is displayed.

4. Select the Use tab.

5. On the Use tab, select the USR_MGMT_MSGCH message channel and the version of the message that you just created.

6. Select Active to make the message an active message.

7. Save the message as USR_MGMT_MSG.

8. Right-click VERSION_1 and select the Insert Child Record property. A new window Insert Record will appear, to choose the records to be added to the Message.

9. Enter PSOPRDEFN in the Name field, and click the Insert button. The PSOPRDEFN record will be added to the message.

10. Repeat steps 8 to 9 for PSUSEREMAIL, PSOPRALIAS, and PSROLEUSER_VW records.

11. Clicking on each record will display all the fields pertaining to that record in the adjacent window on the right. Select only those fields which are required in the XML Message. Refer USR_MGMT_MSG.xml to find out the required fields.

12. Save the message again.

Publish the Message

To publish the message, perform the following steps:

1. Select Open from the File menu. The Open Definition dialog box is displayed.

2. Select Component from the Definition list, enter USERMAINT in the Name Selection Criteria field, and then press Enter. All component names starting with the text USERMAINT are displayed.

3. Select USERMAINT from the list, and then click Open. The details of the USERMAINT component are displayed.

4. Click the Structure tab, right-click USERMAINT, and then select View PeopleCode. The PeopleCode for the USERMAINT component is displayed.

5. Select the SavePostChange event from the list in the upper-left corner of the window. The PeopleCode for this event is displayed.

6. Copy the code given from the following file immediately after the import definitions in the PeopleCode for the SavePostChange event:

   xellerate_home\xellerate\Scripts\UserMgmtCBRecon.txt

7. Add the following function call at the end of the PeopleCode for the SavePostChange event:

   If Len(%CompIntfcName) = 0 Then
     Local string &OPID;
        &OPID = PSOPRDEFN.OPRID;
        GENERATEUSR(&OPID);
   End-If;
   
   

8. Select Save from the File menu to save the changes to the USERMAINT component.

Configuring PeopleSoft Enterprise Portal

PeopleSoft Enterprise Portal provides a single gateway to critical information in PeopleSoft User Management Reconciliation and other applications and systems. In order to use the PeopleSoft User Management Reconciliation connector, you must perform the following tasks:

• Configure the Gateway

• Create the USR_MGMT_NODE Remote Node

• Secure the USR_MGMT_MSG_CH Message Channel

Configure the Gateway

To configure the gateway, you have to set up the gateway, local node, remote node in the PORTAL. To do this, perform the following steps:

1. Open a Web browser and enter the URL for PeopleSoft Enterprise Portal. The URL for PeopleSoft Enterprise Portal is in the following format:

   http://servername/psp/Databasename/?cmd=login

   For example:

   http://psftserver.acme.com/TestDB/?cmd=login

2. Expand PeopleTools, Integration Broker, and then Gateways in the list on the portal page. The Gateway component details are displayed.

3. Enter LOCAL in the Integration Gateway ID, and then click Search. The LOCAL gateway is a default gateway that is created when you install PeopleSoft Enterprise Portal.

4. Ensure that the IP Address in the URL of the PeopleSoft listening connector is the IP address of the Web server where PeopleSoft is installed. The URL of the PeopleSoft listening connector is in the following format:

   http://computer_name/PSIGW/PeopleSoftListeningConnector

   For example:

   http://172.19.151.53/PSIGW/PeopleSoftListeningConnector

5. Click Load Gateway Connectors to load all target connectors that are registered with the LOCAL gateway.

6. Click Save.

   Note:

   Local gateway will be already defined when we install the People Soft. You need to provide the url and load the Target connectors.

Create the USR_MGMT_NODE Remote Node

To create the UST_MGMT_NODE remote node, perform the following steps:

1. Click PeopleTools, Integration Broker, Node Definitions on the left hand menu in PeopleSoft Enterprise Portal.

2. Click the Add a New Value tab. On the Add a New Value tab, enter the Node Name as USR_MGMT_NODE and click on Add button. The Node Definition page is displayed.

3. Enter description in the Description field. Make this node a remote node by deselecting the Local Node check box and selecting the Active Node check box.

4. Click the Connectors tab, and enter the following information:

   Gateway ID: LOCAL

   Connector ID: PSFT81TARGET

5. Perform a lookup.

6. In the Properties section, and enter the following information:

   Property ID: PSFT81TARGET

   Property Name: URL

   Required value: Enter the URL of the PeopleSoft servlet that will receive the XML message. This URL is in the following format:

   http://computer_name:port/peopleSoftUserMgmt/do/peopleSoftAction

   For example:

   http://172.21.109.75:8080/peopleSoftUserMgmt/do/peopleSoftAction

7. Click Save.

8. Click the Transactions tab, and then click Add Transaction. The Add Transaction page is displayed.

9. Enter the following details to define the new transaction:

   Transaction Type: Outbound Asynchronous

   Request Message: USR_MGMT_MSG

   Request Message Version: VERSION_1

10. Click Add.

11. To keep the status as active, select Active.

12. Click Save to save the changes.

Secure the USR_MGMT_MSG_CH Message Channel

After finishing the node configuration, you must provide security for the USR_MGMT_MSG_CH message channel. To do this:

1. Navigate to PeopleTools, Security, Permission & Roles, and Permission Lists.

2. Select AEAE1000. The AEAE1000 permission list is displayed.

3. Select the Message Monitor Tab, and then click the '+ ' Button to add a channel name.

4. Enter the channel name as USR_MGMT_MSG_CH.

5. Select Full Access from the list, and Click Save.

6. Navigate to PeopleTools, Integartion Broker, Monitor, Monitor Message, and then Channel Status to check the status of the message channel.

   Check if the status of the USR_MGMT_MSG_CH message channel is running. If the status is Pause, then click the Run button to activate it.

Creating the APIs for the Component Interface

To create the APIs for the Component interface:

1. Open the Application Designer by clicking Start and then selecting Programs, Peoplesoft8.9hcm, and Application Designer. The Application Designer window is displayed.

2. In the Application Designer window, select Open from the File menu. The Open Definition dialog box is displayed.

3. In the Open Definition dialog box, select Component Interface from the Definition list.

4. Enter USER_PROFILE in the Name field, and then press Enter.

   All the Component interfaces with names that start with USER_PROFILE are displayed in the Open Definition dialog box.

5. Select the USER_PROFILE entry, and then click Open.

6. Click Yes in the message that is displayed. The properties of the USER_PROFILE Component interface are displayed.

7. In the window for the USER_PROFILE Component interface, select PeopleSoft APIs from the Build menu. The Build PeopleSoft API Bindings dialog box is displayed.

8. In the Java Classes area of the Build PeopleSoft API Bindings dialog box, select the Build check box.

9. In the Target Directory field, specify the path of the directory in which you want the APIs to be created and then click OK.

Creating the Java Template for the Component Interface

To create the Java template:

1. On the right pane of the window for the USER_PROFILE Component interface, right-click USER_PROFILE.

2. Select Generate Java Template from the shortcut menu. A message showing the name and path of the Java template is displayed.

3. Click OK to close the message.

Creating the Application Engine Program

The reconciliation process requires the Application Engine program to be run in 2-Tier mode. You can run the application designer in this mode by selecting Connection Type as the database on the PeopleSoft sign-on screen. In addition, the database client must also be installed on the server used for accessing the application designer.

To create the Application Engine Program, perform the following steps:

1. Click Start, Programs, Peoplesoft8.9hcm, and then Application Designer. The Application Designer window is displayed.

2. Select New from the File menu. The New Definition dialog box is displayed.

3. Select Application Engine from the Definition list. The App Engine Program window is displayed.

4. Select Action from the Insert menu.

5. Add a step named currency.

6. In the App Engine Program window, select Action from the Insert menu.

7. From the list, select PeopleCode.

8. Click Save from the File menu to save the PeopleCode action.

9. Double-click the PeopleCode action.

10. Copy the code from the CurrencyCode.txt file, which is in the xellerate_home\xellerate\scripts directory. The code has a default value for the output reconciliation file where the reconciled data is stored.

11. Change the value to an appropriate location on the PeopleSoft server.

12. Save the PeopleCode action.

13. Repeat Steps 5 through 11 to create the steps listed in the following table.

    Step Name	File Containing the PeopleCode
    currency	CurrencyCode.txt
    language	LanguageCode.txt
    emplid	EmployeeId.txt
    userrole	UserRoles.txt
    permiss	PermissionList.txt
    EmailType	EmailType.txt

    
    

14. Save the Application Engine Program with the name BLKPRCS_USER.

Running the Application Engine Program

To run the Application Engine Program, perform the following steps:

1. Open the application designer in 2-Tier mode.

2. Provide the correct connection type, user ID, and password.

3. Click the File menu, and open the application engine program, which you just created.

4. Click the RUN PROGRAM control that exists on the bar just below the Menu bar, on the extreme right. The code written on the peoplecode action will get executed.

The comma separated files will get created on the specified location mentioned in the code.

Step 4: Configuring the PeopleSoft Listener

This section describes how to configure the listener for the PeopleSoft User Management connector. In the following instructions, xellerate_home refers to the local Oracle Identity Manager Server installation directory.

To configure the PeopleSoft Listener:

1. Copy the peopleSoftUserMgmt.war file from the lib directory into a temporary directory.

2. Enter the following command to extract the WAR file in the temporary directory:

   jar –xvf  peopleSoftUserMgmt.war
   
   

3. Edit the attributemap.properties file in the top-level directory. This file contains the mapping between the PeopleSoft attributes that the XML feed will contain and the corresponding Oracle Identity Manager attribute. You must modify this file on the basis of the local configuration. Apply the following guidelines when you modify this file:

   1. Obtain the XML schema of the PeopleSoft XML feed from the PeopleSoft administrator.

   2. Obtain the xpath of all the PeopleSoft attributes. This is the complete path of the attribute from the root node in the XML file.

   3. Modify the attributemap.properties file by entering name-value pairs. Here, name is the Oracle Identity Manager field name and value is the PeopleSoft attribute xpath from the XML feed.

4. Edit the deployment.properties file in the top-level directory. This file contains the message property, which corresponds to the name of the XML message from the PeopleSoft feed. The default value of this attribute is USR_MGMT_MSG. Obtain the correct value for this attribute from the PeopleSoft administrator.

5. Edit the xlsession.properties file in the top-level directory. This file contains the following Oracle Identity Manager connection parameters.

   • ObjectName: This is the name of the resource object in Oracle Identity Manager against which the reconciliation event is created. The default value is PSFTBase. However, for nontrusted reconciliation, you can change it to any other resource object.

   • Username: This is the user name for logging in to Oracle Identity Manager. The default value is xelsysadm.

   • Password: This is the password for logging in to Oracle Identity Manager. The default value is xelsysadm.

6. Edit the xlclient.properties file in the top-level directory. This file contains the following system properties that enable an API client to communicate with Oracle Identity Manager:

   • xl.homedir: This property identifies the Oracle Identity Manager Client directory. Typically, the Oracle Identity Manager client directory is xellerate_home\xlclient.

   • java.security.policy: This property identifies the path of the security policy file. Typically, this file is located in the xellerate_home\xlclient\config\ directory.

   • java.security.auth.login.config: This property identifies the path of the authentication configuration file. Typically, this file is located in the xellerate_home\xlclient\config\ directory.

     Each application server uses a different authentication configuration file:

     IBM WebSphere Application Server: authws.conf

     BEA WebLogic Application Server: authwl.conf

     JBoss Application Server: auth.conf

   • java.naming.provider.url: This property identifies the JNP URL of the application server. This value is in the <Discovery><CoreServer><java.naming.provider.url> tag of the xellerate_home\xlclient\config\xlconfig.xml file.

7. Edit the following properties in the configureReconciliation.properties file from the top-level directory:

   • reconciliationMode: This property can accept one of two possible values:

     • If reconciliation is to be performed in a trusted mode, then set the reconciliationMode property to trusted.

     • If reconciliation is to be performed in a nontrusted mode, then set the reconciliationMode property to nontrusted.

   • Serverdateformat: This property contains the date format that is used for the PeopleSoft server. You can select one of the following date formats:

     • dd-mmm-yy

     • ddmmyy

     • yyddmm

     • yymmdd

   • xellerateOrganization: This property contains the name of the organization. The default value of this parameter is Xellerate Users. The value that you assign to this property must exist in Oracle Identity Manager.

   • nullDate: This property contains the default value for a date field. The value is 2200/01/01 00:00:00 PST. This value is used if the date field is left empty.

   • PeoplesoftstartingYEAR: The year is specified in two digits. If the number represented by these two digits (xx):

     • Is greater than or equal to 50, then it is assumed that the year is 19xx.

     • Is less than 50, then it is assumed that the year is 20xx.

     This specifies a range of 1950 to 2049 for the year.

8. Copy the following files from the xellerate_home\xellerate\lib directory to the WEB-INF\lib directory:

   • wlXLSecurityProviders.jar

   • xlAPI.jar

   • xlAuthentication.jar

   • xlBackOfficeBeans.jar

   • xlBackofficeClient.jar

   • xlCache.jar

   • xlCrypto.jar

   • xlDataObjectBeans.jar

   • xlDataObjects.jar

   • xlLogger.jar

   • xlUtils.jar

   • xlVO.jar

   Copy the following files from the xellerate_home\xellerate\ext directory to the WEB-INF\lib directory:

   • oscache.jar

   • javagroups-all.jar

9. Delete the peopleSoftUserMgmt.war file from the temporary directory where you extracted it, and then use the following command to re-create the file:

   jar –cvf  peopleSoftUserMgmt.war
   
   

10. You must restart the Oracle Identity Manager server and client before deploying the re-created WAR file. In addition, before you start the Oracle Identity Manager server and client, ensure that the peopleSoftApp.war file does not exist in the application server (JBoss, WebSphere, or WebLogic) deployment directory and in the xellerate_home\xellerate\webapp directory. If it does, then it must be deleted.

    If you use JBoss and log4j, then logs are produced and archived on a daily basis in the jboss_server_home_dir/log/server.log directory, where jboss_server_home_dir is the parent directory in which JBoss is installed. For the other application servers, the log file is created and saved in the corresponding log directories.

Step 5: Importing the Connector Files

To import the connector files into Oracle Identity Manager:

1. Open the Oracle Identity Manager Administrative and User Console.

2. Click the Deployment Management link on the left navigation bar.

3. Click the Import link under Deployment Management. The Deployment Manager - Import page is displayed, along with a dialog box for locating files.

4. Locate and open the PSFTBaseConnector.xml file, which is in the xellerate_home\xlclient directory. The Deployment Manager page is displayed.

5. In the Deployment Manager page, click Add File. The File Preview window showing the details of the selected file is displayed.

6. Click Next. The Substitution page is displayed.

7. Click Next. The Confirmation page is displayed.

8. Click Next. The Provide IT Resource Instance Data page for the PSFT Base Server IT resource is displayed.

9. Specify values for the parameters of the PSFT Base Server. Refer to the table in the "Defining IT Resources" section for information about the values to be specified.

10. Click Next. The Provide IT Resource Instance Data page for a new instance of the PSFT Base Server is displayed.

11. Click Skip to specify that you do not want to define another IT resource. The Confirmation page is displayed.

12. Click View Selections.

    The contents of the XML file are displayed in the Deployment Manager - Import page. You may see a cross-shaped icon along with some nodes. You must remove these nodes. To do this, right-click each such node and then select Remove.

13. Click Import. The connector file is imported into Oracle Identity Manager.

14. If you plan to use the connector in trusted source reconciliation mode, then perform the same procedure to import the PSFTBaseXellerateUser.xml file. This file is in the xellerate_home\xlclient\ directory.

    Caution:

    Only one connector can be configured as a trusted source. If you import the PSFTBaseXellerateUser.xml file while you have another trusted source configured, then both connector reconciliations would stop working.

After you import the connector XML file, proceed to the "Step 6: Configuring Reconciliation" section.

Defining IT Resources

You must specify values for the PSFT Base Server IT resource parameters listed in the following table.

IT resource type : PSFTBase

IT resource : PSFT Base Server

Parameter Name	Description
Admin	User Id of PeopleSoft User Management Server Administrator Default value: PS
AdminCredentials	Password of Administrator
ComponentInterfaceName	Component interface used to load user data in PeopleSoft User Management Default value: USER_PROFILE
ServerName	IP address or computer name of the PeopleSoft User Management server Sample Value:172.21.100.197
ServerPort	Port number at which the PeopleSoft User Management Server is listening Default values:9000
IsDebug	Debug feature The value can be YES or NO. The default value is NO.
IsSecure	Specify whether or not SSL feature is enabled The value can be YES or NO. The dafault value is NO.
SymbolicId	SymbolicId is used to find out the AccessId assosiated with the user profile. This AccessId tells whether ther user has sufficient privileges on the PeopleSoft database or not. PS89

After you specify values for these IT resource parameters, go to Step 9 of the procedure to import connector XML files.

Step 6: Configuring Reconciliation

Configuring reconciliation involves creating scheduled tasks for Lookup Fields and User reconciliations. To create the schedule tasks:

1. Open the Oracle Identity Manager Design Console.

2. Expand the Xellerate Administration folder.

3. Select Task Scheduler.

4. Click Find. The details of the predefined scheduled tasks are displayed on two different tabs.

5. Enter a number in the Max Retries field. This number represents the number of times Oracle Identity Manager should attempt to complete the task before assigning the ERROR status to the task.

6. Ensure that the Disabled and Stop Execution check boxes are cleared.

7. In the Start region, double-click the Start Time field. From the date-time editor that is displayed, select the date and time at which you want the task to run.

8. In the Interval region, set the following schedule parameters:

   • To set the task to run on a recurring basis, select the Daily, Weekly, Recurring Intervals, Monthly, or Yearly option.

     If you select the Recurring Intervals option, then you must also specify the time interval at which you want the task to run on a recurring basis.

   • To set the task to run only once, select the Once option.

9. Provide values for the attributes of the scheduled task. Refer to the appropriate table in the "Specifying Values for the Scheduled Task Attributes" section for information about the values to be specified.

10. Click Save. The scheduled task is created. The INACTIVE status is displayed in the Status field, because the task is not currently running. The task is run at the date and time that you set in Step 7.

11. Repeat Step 5 through 10 to create the second scheduled task.

Specifying Values for the Scheduled Task Attributes

This section provides information about the values to be specified for the following Scheduled Task.

• User Reconciliation Scheduled Task

• Lookup Fields Reconciliation Scheduled Task

User Reconciliation Scheduled Task

You must specify values for the following attributes of the user reconciliation scheduled task.

Note:

Attribute values are predefined in the connector XML file that you import. Specify values only for those attributes that you want to change.

Attribute Name	Attribute Value
MultiValueSeperator	## is the multivalue seperator in the flat file(Reconciliation file)
ServerName	Name of the IT resource instance Default Value: PSFTBase
IsTrusted	Specifies the mode of reconciliation, trusted or nontrusted The value can be Yes or No. The default value is No.
XellerateOrganization	Default value for the Oracle Identity Manager Organization name This value is used to create the Xellerate User in trusted mode.
FolderPath	Folder path of the flat file(.txt file) from where reconciliation will take place. The Scheduled task will reconcile all the files present in this folder.
TargetSystem	Name of the resource object. Default Value: PSFTBase

After you specify values for these task attributes, go to Step 10 of the procedure to create scheduled tasks.

Lookup Fields Reconciliation Scheduled Task

You must specify values for the following attributes of the Lookup Fields reconciliation scheduled task.

Attribute Name	Attribute Value
ServerName	Name of the IT resource instance Default Value: PSFTBase Server
LookupType	The type of data that is being looked up in the target system. The value can be one of the following: EmployeeId LanguageCode EmailType CurrencyCode PermissionList UserRoles
FilePath	File Path is the Path where the Reconcilation lookup txt file will reside. It will reside on the OIM Server. The Administrator can give any path here. Sample Value: C:\PSFTBase\LookupRecon\EmployeeIds.txt
LookupName	The name of the lookup definition configured in OIM. The value can be one of the following: Lookup.PSFTBase.EmployeeId Lookup.PSFTBase.LanguageCode Lookup.PSFTBase.EmailType Lookup.PSFTBase.CurrencyCode Lookup.PSFTBase.PermissionList Lookup.PSFTBase.Roles
TargetSystem	Name of the resource object Default Value: PSFTBase

Step 7: Compiling Adapters

The following adapters are imported into Oracle Identity Manager when you import the connector XML file. You must compile these adapters before you can use them to provision accounts on the target system.

• adpPSFTCREATEUSER

• adpPSFTUPDATEUSER

• adpPSFTRESETPASSWORD

• adpPSFTUNLOCKUSER

• adpPSFTLOCKUSER

• adpPSFTUPDATEUSEREMPID

• adpPSFTADDORDELETEROLE

• adpPSFTADDORDELETEEMAIL

To compile adapters by using the Adapter Manager form:

1. Open the Adapter Manager form.

2. To compile all the adapters that you import into the current database, select the Compile All option.

   To compile multiple (but not all) adapters, select the adapters you want to compile. Then, select the Compile Selected option.

3. Click Start. Oracle Identity Manager compiles the adapters that you specify.

To view detailed information about an adapter:

1. Highlight the adapter in the Adapter Manager form.

2. Double-click the row header of the adapter, or right-click the adapter.

3. Select Launch Adapter from the shortcut menu that is displayed. Details of the adapter are displayed.

Note:

To compile multiple adapters simultaneously, use the Adapter Manager form. To compile one adapter at a time, use the Adapter Factory form. Refer to Oracle Identity Manager Tools Reference Guide for information about how to use these forms.