Oracle® Identity Manager Connector Guide for PeopleSoft User Management Release 9.0.1 Part Number B31131-01 |
|
|
View PDF |
Oracle Identity Manager automates access rights management, security, and provisioning of IT resources. Oracle Identity Manager connectors are used to integrate Oracle Identity Manager with third-party applications. The connector for PeopleSoft User Management is used to integrate Oracle Identity Manager with PeopleSoft User Management.
Note:
Oracle Identity Manager connectors were referred to as resource adapters prior to the acquisition of Thor Technologies by Oracle.This chapter contains the following sections:
The following table describes the functions that are available with this connector.
Functionality | Type | Description |
---|---|---|
Add User | Provisioning | Creates a user account |
Password Updated | Provisioning | Updates the password of a user |
User Description Updated | Provisioning | Updates the description of a user |
Multi Language Code Updated | Provisioning | Updates the multilanguage code of a user |
Primary Email Address Updated | Provisioning | Updates the e-mail address of a user |
Primary Email Type Updated | Provisioning | Updates the e-mail address type of a user |
Language Code Updated | Provisioning | Updates the language code of a user |
Currency Code Updated | Provisioning | Updates the currency code of a user |
Employee Id Updated | Provisioning | Updates the employee ID of a user |
Primary Permission List Updated | Provisioning | Updates the Primary Permission list of a user |
Process Profile Permission List Updated | Provisioning | Updates the Process Profile Permission list of a user |
Navigator Home Permission List Updated | Provisioning | Updates the Navigator Home Permission list of a user |
Row Security Permission List Updated | Provisioning | Updates the Row Security Permission list of a user |
User Id Alias Updated | Provisioning | Updates the user ID alias of a user |
Add RoleName | Provisioning | Adds a role name to a user account |
Delete RoleName | Provisioning | Deletes a role name from a user account |
Add EmailAddress | Provisioning | Adds an e-mail address to a user account |
Delete EmailAddress | Provisioning | Deletes the e-mail address of a user |
Enables a User | Provisioning | Enables a PeopleSoft user |
Disables a User | Provisioning | Disables a PeopleSoft user |
Reconcile Lookup Field | Reconciliation | Reconciles the lookup fields |
Reconcile User Data | Reconciliation | Trusted mode: Reconciles user data from PeopleSoft User Management to Oracle Identity Manager. A corresponding user is created in Oracle Identity Manager. If the user already exists in Oracle Identity Manager, then this user is updated.
Nontrusted mode: Reconciles user data from PeopleSoft User Management to Oracle Identity Manager. A user is not created in Oracle Identity Manager. |
This section describes the elements that the reconciliation module extracts from the target system to construct reconciliation event records.
Reconciliation can be divided into the following topics:
Lookup fields reconciliation involves reconciling the following lookup fields:
LanguageCode
EmployeeId
CurrencyCode
PermissionList
EmailType
UserRoles
User reconciliation involves reconciling the following fields of PeopleSoft User Management:
UserId
UserDescription
EmployeeId
PrimaryEmailId
PrimaryEmailType
MultiLanguageCode
LanguageCD
CurrencyCode
Alias
RowSecurityPermission
ProcessProfilePermission
NavigatorHomePagePermission
PrimaryPermission
EmailAddress
EmailType
Role
The connector supports user data reconciliation in two different ways.
Bulk Reconciliation (First-Time Reconciliation)
This type of reconciliation is performed to reconcile existing users using a flat file. The flat file is generated using an Application Engine program written in PeopleCode. This program is run using PeoplSoft Application Designer.
Change-Based Reconciliation
This type of reconciliation is performed using PeopleSoft Application Messaging Architecture. In change-based reconciliation, data for any newly created or updated user is reconciled at predefined intervals.
The changed-based reconciliation mechanism reconciles user data by using the following components:
A PeopleCode trigger, which generates an XML message containing updated information
Attribute definitions (usually resource parameters) to be synchronized
A Web service that acts as a passive listener for XML feeds from PeopleSoft
An XML file, USR_MGMT_MSG.xml
, that defines the schema of the XML message received from PeopleSoft.
The steps involved in the synchronization process from PeopleSoft to Oracle Identity Manager are as follows:
User information is updated in PeopleSoft, activating a PeopleCode trigger.
The PeopleCode trigger generates an XML message containing the updated user information and sends it to the listener for the PeopleSoft User Management connector.
The listener forwards the XML message to the PeopleSoft User Management connector.
The PeopleSoft User Management connector uses HTTP to send the XML message to Oracle Identity Manager.
Oracle Identity Manager receives the XML message and creates a reconciliation event.
Figure 1-1 illustrates the synchronization process from PeopleSoft User Management Reconciliation to Oracle Identity Manager.
Figure 1-1 Synchronization Process from PeopleSoft User Management Reconciliation to Oracle Identity Manager
The files and directories that comprise this connector are compressed in the following ZIP file on the installation media:
Enterprise Applications\PeopleSoft Enterprise Applications\PeopleSoft User Management Rev 1.0.0.zip
These files and directories are listed in the following table.
File Name with Path | Description |
---|---|
xml\PSFTBaseConnector.xml |
This XML file contains the following components of the connector:
|
xml\PSFTBaseXellerateUser.xml |
This XML file contains the configuration for the Xellerate User. You must import this file only if you plan to use the connector in trusted source reconciliation mode. |
lib\JavaTask\PSFTBaseProvisioning.jar |
This JAR file contains the class files that are required for provisioning. |
lib\ScheduleTask\PSFTBaseReconciliation.jar |
This JAR file contains the class files that are required for reconciliation. |
lib\peopleSoftUserMgmt.war |
This WAR file contains the PeopleSoft listener Web application. It contains all the classes and configuration files required for the Web application to run. |
PeopleSoft\test\psft-xel-test.vbs |
This VBScript file is used to test the PeopleSoft listener Web service by creating XML feeds similar to the ones created by PeopleSoft User Management Reconciliation. |
PeopleSoft\test\pingRequest.xml PeopleSoft\test\pingResponse.xml PeopleSoft\test\publishRequest.xml PeopleSoft\test\publishResponse.xml |
These XML files are required by the psft-xel-test.vbs file for communicating with the PeopleSoft listener Web service using XML over HTTP. |
PeopleSoft\test\USR_MGMT_MSG.xml |
This XML file is used by the psft-xel-test.vbs file to define the schema of the XML message that is received from PeopleSoft. |
The following files in the lib\ThirdParty directory:
|
The csv.jar file is the list of utility files, which are used to read Comma Seprated values. The peoplesoft.jar file is the set of class files. |
The following files in the base directory:
|
These files contain the PeopleCode for the steps that you define for the Application Engine program. Refer to "Creating the Application Engine Program" for details. |
The following file in the base directory:
UserMgmtCBRecon.txt |
This file contain the PeopleCode for the SavePostChange event while performing the "Publish the Message" procedure. |
docs\B31131_01.pdf docs\html |
These are PDF and HTML versions of this guide, which provides instructions on deploying the connector. |
The "Step 2: Copying the Connector Files and External Code" section provides instructions to copy these files into the required directories.