Skip to Main Content
Return to Navigation

Configuring the LDAP Directory

This section provides an overview of LDAP directory configuration and discusses how to:

Understanding LDAP Directory Configuration

The Configure Directory component (PSDSSETUP) contains four pages that you use for specifying connection information and testing directory server connections.

To enable your PeopleSoft system to successfully connect to your directory server, you must enter the appropriate connection information. This information includes the server name (DNS or IP address) and the listening port number. You also must enter the user distinguished name (User DN) and associated password.

The PeopleSoft application server uses the User DN and password to connect to the LDAP server to retrieve user profile information about the specific user signing in to the system. The User DN must reflect a user with the appropriate LDAP browse rights.

Specifying Network Information for LDAP

Access the Configure Directory - Directory Setup page (select select PeopleTools, then select Security, then select Directory, then select Configure Directory and click the Directory Setup tab).

Image: Configure Directory - Directory Setup page

This example illustrates the fields and controls on the Configure Directory - Directory Setup page.

Configure Directory - Directory Setup page
Directory ID

Displays the directory connection that you are creating. The directory ID that you enter can identify a specific LDAP server or a collection of LDAP servers, depending on how many servers you add in the Server Name section.

Description

Enter a description of the directory connection.

Directory Product

Select your directory product from the list of options.

Default Connect DN (default connect distinguished name)DNsconnecting to LDAP servers

Displays the default connect DN associated with the directory ID that you entered or selected on the initial search page. The connect DN is the ID that you can use to connect to the directory server. You can enter an alternative connect DN.

Password

Enter the password associated with the directory-based account that appears in the Default Connect DN field.

Note: The password is stored in encrypted form in the database; not even individuals with administration access to the database can view the password.

Server Name

Add LDAP directory servers to a connection list. You can add multiple servers for failover purposes using the plus button. All servers you add must participate in the same directory service.

LDAP Server

Identify a specific LDAP server. You can use the DNS name or you can use IP address dotted notation. For example, either of the following formats is acceptable: ldap12.yourcompany.com or 192.201.185.90.

Port

Enter the port number on which the LDAP server is configured to receive search requests. The standard LDAP port is 389. If you do not specify the correct port, PeopleSoft Directory Interface cannot exchange data with your LDAP server.

SSL Port

If you are implementing SSL, enter the SSL port on the LDAP server.

Specifying Additional Connect DNs

Access the Additional Connect DN’s page (select select PeopleTools, then select Security, then select Directory, then select Configure Directory and click the Additional Connect DN's tab).

Image: Configure Directory - Additional Connect DN's page

This example illustrates the fields and controls on the Configure Directory - Additional Connect DN's page.

Configure Directory - Additional Connect DN's page

The PeopleSoft application server uses the user DN and password specified on this page to connect to the LDAP server to retrieve user profile information about the specific user signing in to the system. The user DN must reflect a user with the appropriate LDAP browse rights.

Note: You will not see any available schema extensions unless you have installed the PeopleSoft Directory Interface.

User DN

Add any DNs that you need in addition to the default connect DN that you entered on the Directory Setup page. The default user ID is most likely an administrative ID. This value enables you to set up a more secure user ID for the scope of the mapping.

Password

For each additional DN that you enter, add the corresponding password.

Installing Selected PeopleSoft-Specific Schema Extensions

Access the Schema Management page (select select PeopleTools, then select Security, then select Directory, then select Configure Directory and click the Schema Management tab).

Image: Configure Directory - Schema Management page

This example illustrates the fields and controls on the Configure Directory - Schema Management page.

Configure Directory - Schema Management page

Note: Unless you have installed the PeopleSoft Directory Interface product, you might not have any PeopleSoft schema extensions available to you.

Note: The Schema Management page enables you to add PeopleSoft-delivered object classes and attribute types to your directory. If you add attributes and object classes using the Schema Management page, you must also delete them using this page.

Apply

Select this check box to apply the selected schema extension type to your directory.

Type

Displays the type of schema extension, either Object Class or Attribute Type.

Name

Displays the schema extension name.

Object Identifier

Displays the schema extension object identifier. The sequence 1.3.6.1.4.1.2810.20 identifies the object as a PeopleSoft object. The second to last number is either a 1 or a 2. A 1 indicates an object class type and a 2 indicates an attribute type. The last number indicates the sequence in which the extension was created.

Revision

Displays the number of times the schema extension was revised.

Details

Click to display details about the selected schema extension in the Details region at the bottom of the page.

Select All

Click to select all the schema extensions to apply to your directory.

Deselect All

Click to deselect every schema extension.

Apply

Click to apply the selected schema extensions to your directory.

Details

When you click a schema extension Details button, the system displays the details of that extension. In addition to the object identifier and name, you may also be interested in the Superiors detail, which indicates which extensions, if any, are above this one in the hierarchy. Also of interest is the Type detail, which indicates whether the schema extension is a mandatory, optional, or auxiliary extension.

Schema Cache Information

For convenience, you can use the Schema Cache Process link to transfer you to the Schema Cache page so that you can invoke the Schema Cache process. Last Update Date/Time and Last Update User ID enable you to monitor the frequency of updates as well as the last administrator to run the process.

Testing Connectivity

Access the Test Connectivity page (select select PeopleTools, then select Security, then select Directory, then select Configure Directory and click the Test Connectivity tab).

Image: Configure Directory - Test Connectivity page

This example illustrates the fields and controls on the Configure Directory - Test Connectivity page.

Configure Directory - Test Connectivity page

The page displays the results (SUCCESS or FAIL) of the connectivity test. If connectivity fails, modify the connect information on the Directory Setup and Additional Connect DN’s pages.