Oracle® Identity Manager Connector Guide for PeopleSoft User Management Release 9.0.2 Part Number B32167-01 |
|
|
View PDF |
Oracle Identity Manager automates access rights management, security, and provisioning of IT resources. Oracle Identity Manager connectors are used to integrate Oracle Identity Manager with third-party applications. The connector for PeopleSoft User Management is used to integrate Oracle Identity Manager with PeopleSoft User Management.
Note: Oracle Identity Manager connectors were referred to as resource adapters prior to the acquisition of Thor Technologies by Oracle. |
This chapter contains the following sections:
The following table lists the functions that are available with this connector.
Note: The "PeopleTools Release" column of this table indicates the release of PeopleTools for which the corresponding function is available. |
Function | PeopleTools Release | Type | Description |
---|---|---|---|
Add User | 8.22 and 8.4x | Provisioning | Creates a user account |
Password Updated | 8.22 and 8.4x | Provisioning | Updates the password of a user |
User Description Updated | 8.22 and 8.4x | Provisioning | Updates the description of a user |
Multi Language Code Updated | 8.22 and 8.4x | Provisioning | Updates the multilanguage code of a user |
Primary Email Address Updated | 8.4x only | Provisioning | Updates the primary e-mail address of a user |
Email Address Updated | 8.22 only | Provisioning | Updates the e-mail address of a user |
Primary Email Type Updated | 8.4x only | Provisioning | Updates the primary e-mail address type of a user |
Language Code Updated | 8.22 and 8.4x | Provisioning | Updates the language code of a user |
Currency Code Updated | 8.22 and 8.4x | Provisioning | Updates the currency code of a user |
Employee Id Updated | 8.22 and 8.4x | Provisioning | Updates the employee ID of a user |
Primary Permission List Updated | 8.22 and 8.4x | Provisioning | Updates the Primary Permission list of a user |
Process Profile Permission List Updated | 8.22 and 8.4x | Provisioning | Updates the Process Profile Permission list of a user |
Navigator Home Permission List Updated | 8.22 and 8.4x | Provisioning | Updates the Navigator Home Permission list of a user |
Row Security Permission List Updated | 8.22 and 8.4x | Provisioning | Updates the Row Security Permission list of a user |
User Id Alias Updated | 8.4x only | Provisioning | Updates the user ID alias of a user |
Add RoleName | 8.22 and 8.4x | Provisioning | Adds a role name to a user |
Delete RoleName | 8.22 and 8.4x | Provisioning | Deletes a role name from a user |
Add EmailAddress | 8.4x only | Provisioning | Adds an e-mail address to a user |
Delete EmailAddress | 8.4x only | Provisioning | Deletes the e-mail address of a user |
Enables a User | 8.22 and 8.4x | Provisioning | Enables a user |
Disables a User | 8.22 and 8.4x | Provisioning | Disables a user |
Reconcile Lookup Field | 8.22 and 8.4x | Reconciliation | Reconciles the lookup fields |
Reconcile User Data | 8.22 and 8.4x | Reconciliation | Trusted mode: Reconciles user data from PeopleSoft User Management to Oracle Identity Manager. A corresponding user is created in Oracle Identity Manager. If the user already exists in Oracle Identity Manager, then this user is updated.
Nontrusted mode: Reconciles user data from PeopleSoft User Management to Oracle Identity Manager. A user is not created in Oracle Identity Manager. |
See Also: Appendix A for information about attribute mappings between Oracle Identity Manager and PeopleSoft User Management. |
In addition to English, this release of the connector supports the following languages:
French
Japanese
This section discusses the elements that the reconciliation module extracts from the target system to construct reconciliation event records.
Reconciliation can be divided into the following topics:
The following lookup fields are reconciled:
LanguageCode
EmployeeId
CurrencyCode
PermissionList
EmailTypes
The EmailTypes lookup field is reconciled only in PeopleTools 8.4x, because PeopleTools 8.22 does not support multiple e-mail types.
UserRoles
User reconciliation involves reconciling the following fields of PeopleSoft User Management:
UserId
UserDescription
EmployeeId
PrimaryEmailAddress (PeopleTools 8.4x only)
PrimaryEmailType (PeopleTools 8.4x only)
Email Address (PeopleTools 8.22 only)
MultiLanguageCode
LanguageCD
CurrencyCode
Alias (PeopleTools 8.4x only)
RowSecurityPermission
ProcessProfilePermission
NavigatorHomePagePermission
PrimaryPermission
Secondary EmailAddresses (PeopleTools 8.4x only)
Secondary EmailTypes (PeopleTools 8.4x only)
Role
The connector supports user data reconciliation in two ways:
Bulk reconciliation (first-time reconciliation)
This type of reconciliation is performed to reconcile records of existing users using a flat file. The flat file is generated using an Application Engine program written in PeopleCode. This program is run using PeopleSoft Application Designer.
This type of reconciliation is performed using PeopleSoft Application Messaging Architecture. In change-based reconciliation, data for any newly created or updated user is reconciled instantaneously.
Change-based reconciliation involves the use of:
A PeopleCode trigger, which generates an XML message containing updated information
Attribute definitions (usually resource parameters) to be synchronized
A Web service that acts as a passive listener for XML messages from PeopleSoft
An XML file, USR_MGMT_MSG.xml
, that defines the schema of the XML message received from PeopleSoft
The synchronization process from PeopleSoft User Management to Oracle Identity Manager involves the following steps:
User information is updated in PeopleSoft User Management. This activates a PeopleCode trigger.
The PeopleCode trigger generates an XML message containing the updated user information and sends it to the listener for the PeopleSoft User Management connector.
The listener forwards the XML message to the PeopleSoft User Management connector using HTTP.
The PeopleSoft User Management connector receives the XML message and sends a reconciliation event to the Oracle Identity Manager.
Figure 1-1 illustrates the synchronization process from PeopleSoft User Management to Oracle Identity Manager.
Figure 1-1 Synchronization Process from PeopleSoft User Management to Oracle Identity Manager
The files and directories that comprise this connector are compressed in the following ZIP file on the installation media:
Enterprise Applications\PeopleSoft Enterprise Applications\PeopleSoft User Management Rev 1.1.0.zip
These files and directories are listed in the following table.
File in the Installation Media Directory | Description |
---|---|
For PeopleTools 8.22:
xml\PT822\PSFTBaseConnector.xml For PeopleTools 8.4x: xml\PSFTBaseConnector.xml |
This XML file contains definitions for the following components of the connector:
|
For PeopleTools 8.22:
xml\PT822\PSFTBaseXellerateUser.xml For PeopleTools 8.4x: xml\PSFTBaseXellerateUser.xml |
This XML file contains the configuration for the Xellerate User. You must import this file only if you plan to use the connector for trusted source reconciliation. |
lib\JavaTasks\PSFTBaseProvisioning.jar |
This JAR file contains the class files that are required for provisioning. |
lib\ScheduleTask\PSFTBaseReconciliation.jar |
This JAR file contains the class files that are required for reconciliation. |
lib\peopleSoftUserMgmt.war |
This WAR file contains all the classes and configuration files required for the PeopleSoft listener Web application to run. |
For PeopleTools 8.22:
test\PT822\psft-xel-test.vbs For PeopleTools 8.4x: test\psft-xel-test.vbs |
This VBScript file is used to test the PeopleSoft listener Web service by creating XML messages similar to the ones created by PeopleSoft User Management Reconciliation. |
For PeopleTools 8.22:
test\PT822\pingRequest.xml test\PT822\pingResponse.xml test\PT822\publishRequest.xml test\PT822\publishResponse.xml For PeopleTools 8.4x: test\pingRequest.xml test\pingResponse.xml test\publishRequest.xml test\publishResponse.xml |
These XML files are required by the psft-xel-test.vbs file for communicating with the PeopleSoft listener Web service using XML over HTTP. |
For PeopleTools 8.22:
test\PT822\USR_MGMT_MSG.xml For PeopleTools 8.4x: test\USR_MGMT_MSG.xml |
This XML file is used by the psft-xel-test.vbs file to define the schema of the XML message that is received from PeopleSoft. |
lib\ThirdParty\csv.jar |
The csv.jar file is a third-party library that is used to read comma-separated files. |
For PeopleTools version 8.22, the following files in the PeopleCode\PT822 directory:
AddEmp.txt CurrencyCode.txt EmployeeId.txt LanguageCode.txt PermissionList.txt UserRoles.txt For PeopleTools version 8.4x, the following files in the AddEmp.txt CurrencyCode.txt EmployeeId.txt EmailType.txt LanguageCode.txt PermissionList.txt UserRoles.txt |
These files contain the PeopleCode for the steps that you define for the Application Engine program. Refer to "Creating the Application Engine Program" for details. |
For PeopleTools 8.22:
PeopleCode\PT822\UserMgmtCBRecon.txt For PeopleTools 8.4x: PeopleCode\UserMgmtCBRecon.txt |
This file contains the code that you must add to the PeopleCode for the SavePostChange event while performing the "Publishing the Message" procedure described in the "Creating and Publishing the Message" section. |
For PeopleTools 8.22, the following files in the MsgPublisher directory:
xliMsgPublisher.jar publish.bat |
The JAR file contains the class file that transfers the XML messages generated by the PeopleTools 8.22 file handler on the PeopleSoft Web server to the PeopleSoft connector listener servlet.
The |
For PeopleTools 8.22, the files in the resources\PT822 directory
For PeopleTools 8.4x, the files in the |
Each of these files contains locale-specific information that is used by the connector.
Note: For PeopleTools 8.22, the |
docs\B32167_01.pdf |
This guide, which provides instructions to deploy the connector. |
Note: The files in thetest directory are used only to run tests on the connector. |
The "Step 2: Copying the Connector Files and External Code" section provides instructions to copy these files into the required directories.
To determine the release number of the connector:
Extract the contents of the PSFTBaseReconciliation.jar
file. This file is in the lib\ScheduleTask
directory inside the installation media directory.
Open the manifest.mf
file in a text editor, which is one of the files bundled inside the PSFTBaseReconciliation.jar
file.
In the manifest.mf
file, the release number of the connector is displayed as the value of the Version
property.