| Oracle® Identity Manager Connector Guide for PeopleSoft User Management Release 9.0.3 Part Number B32365-01 |
|
|
View PDF |
| Oracle® Identity Manager Connector Guide for PeopleSoft User Management Release 9.0.3 Part Number B32365-01 |
|
|
View PDF |
Deploying the connector involves the following steps:
If you want to configure the connector for multiple installations of PeopleSoft User Management, then perform the following procedure:
The following table lists the deployment requirements for the connector.
| Item | Requirement |
|---|---|
| Oracle Identity Manager | Oracle Identity Manager release 8.5.3 or later |
| Target systems | The target system can be any one of the following:
You must ensure that the following components are installed and configured:
|
| Target system host platforms | Microsoft Windows |
| Target system user account | PS user
Oracle Identity Manager uses this user account to connect to and exchange data with PeopleSoft User Management. You provide the credentials of this user account while performing the procedure in the "Defining IT Resources" section. |
The connector files to be copied and the directories to which you must copy them are given in the following table.
Note:
The directory paths given in the first column of this table correspond to the location of the connector files in the following directory on the installation media:Enterprise Applications\PeopleSoft Enterprise Applications\PeopleSoft User Management
Refer to the "Files and Directories That Comprise the Connector" section for more information about these files.
Note:
While installing Oracle Identity Manager in a clustered environment, you copy the contents of the installation directory to each node of the cluster. Similarly, you must copy the
connectorResources directory and the JAR files to the corresponding directories on each node of the cluster.After you copy the connector files, copy the following files from the PeopleSoft_home\PT8xx\web\PSJOA directory into the OIM_home\xellerate\ThirdParty directory.
psjoa.jar
This is the PeopleSoft Java object adapter file.
pstools.properties
This file contains the Tuxedo parameter settings used by the PeopleSoft Integration Gateway.
peoplesoft.jar
This JAR file contains APIs for the USER_PROFILE component interface.
The "Creating the APIs for the Component Interface" section for information about the procedure to generate this file for the specific release of PeopleTools, 8.22 or 8.4x, that you are using.
pshttp.jar (PeopleTools 8.4x only)
Create this JAR file using the PeopleSoft class files that are in the pshttp and cache directories on the PeopleSoft server. The location of these directories depends on the PeopleTools release that you are using. For PeopleTools 4.5, the directories are located at the following paths:
pt8.45\class\psft\pt8\pshttp pt8.45\class\psft\pt8\cache
Configuring the Oracle Identity Manager server involves the following procedures:
Note:
In a clustered environment, you must perform this step on each node of the cluster.Changing to the required input locale (language and country setting) involves installing the required fonts and setting the required input locale.
To set the required input locale:
Note:
Depending on the operating system used, you may need to perform this procedure differently.Open Control Panel.
Double-click Regional Options.
On the Input Locales tab of the Regional Options dialog box, add the input locale that you want to use and then switch to the input locale.
Whenever you add a new resource bundle in the OIM_home\xellerate\connectorResources directory or make a change in an existing resource bundle, you must clear content related to connector resource bundles from the server cache.
To clear content related to connector resource bundles from the server cache:
In a command window, change to the OIM_home\xellerate\bin directory.
Enter one of the following commands:
Note:
You must perform Step 1 before you perform this step. If you run the command as follows, then an exception is thrown:OIM_home\xellerate\bin\batch_file_name
On Microsoft Windows:
PurgeCache.bat ConnectorResourceBundle
On UNIX:
PurgeCache.sh ConnectorResourceBundle
In this command, ConnectorResourceBundle is one of the content categories that you can remove from the server cache. Refer to the following file for information about the other content categories:
OIM_home\xellerate\config\xlConfig.xml
Note:
You can ignore the exception that is thrown when you perform Step 2.Configuring the target system involves performing the following procedures:
The procedure to create and publish the message depends on the release of PeopleTools that you are using:
Creating and publishing the message on PeopleTools 8.22 involves the following steps:
To create the message channel:
Click Start, Programs, and Application Designer. The Application Designer window is displayed.
Select New from the File menu. The New Definition dialog box is displayed.
Select Message Channel, and then click OK.
Save the new message channel as USR_MGMT_MSGCH.
Select Object Properties from the File menu. The Message Channel Properties dialog box is displayed.
Select the Run option, and then select Archive Messages.
Click OK, and then save the message.
To create the message:
In the Application Designer, select New from the File menu. The New Definition dialog box is displayed.
Select Message from the list, and then click OK.
Select Object Properties from the File menu. The Message Properties dialog box is displayed.
Click the Use tab.
On the Use tab, select the USR_MGMT_MSGCH message channel and the version of the message that you create.
Select Active to make the message an active message, and then click OK.
Right-click VERSION_1, and select the Insert Child Record option. The Insert Record window is displayed.
Enter PSOPRDEFN in the Name field, click Insert, and then click Close.
Note:
PSOPRDEFN is a record defined in the OIM_home\xellerate\test\USR_MGMT_MSG.xml file. Refer to this file for information about the fields that comprise the PSOPRDEFN record.Click PSOPRDEFN under VERSION_1. All the fields comprising the PSOPRDEFN record are displayed.
By default, all the fields appear as selected. Deselect the fields that are not required for the message XML file to be generated.
Repeat Steps g through i for the PSROLEUSER_VW record.
Note:
PSROLEUSER_VW is the second record defined in the OIM_home\xellerate\test\USR_MGMT_MSG.xml file.Save the message as USR_MGMT_MSG.
To publish the message:
Select Open from the File menu. The Open Definition dialog box is displayed.
Select Component from the Definition list, enter USERMAINT in the Name Selection Criteria field, and then click Enter. All component names starting with the text USERMAINT are displayed.
Select USERMAINT from the list, and then click Open. The details of the USERMAINT component are displayed.
Click the Structure tab, right-click USERMAINT, and then select View PeopleCode. The PeopleCode for the USERMAINT component is displayed.
Select the SavePostChange event from the list in the upper-left corner of the window. The PeopleCode for this event is displayed.
Copy the code given in the following file immediately after the import definitions in the PeopleCode for the SavePostChange event:
OIM_home\xellerate\Scripts\UserMgmtCBRecon.txt
Select Save from the File menu to save the changes to the USERMAINT component.
After you complete this procedure, proceed to the "Configuring PeopleSoft Enterprise Portal" section.
Creating and publishing the message on PeopleTools 8.4x involves the following steps:
To create the message channel:
Click Start, Programs, and Application Designer. The Application Designer window is displayed in the 2-tier mode.
Select New from the File menu. The New Definition dialog box is displayed.
Select Message Channel, and then click OK.
Save the new message channel as USR_MGMT_MSGCH.
Select Definition Properties from the File menu. The Message Channel Properties dialog box is displayed.
Select the Run option, and then select Archive Messages.
Click OK and save the message.
In PeopleSoft Application Designer, select New from the File menu. The New Definition dialog box is displayed.
Select Message from the list, and then click OK.
Select Definition Properties from the File menu. The Message Properties dialog box is displayed.
Click the Use tab.
On the Use tab, select the USR_MGMT_MSGCH message channel and the version of the message that you create.
Select Active to make the message an active message.
Save the message as USR_MGMT_MSG.
Select Open from the File menu. The Open Definition dialog box is displayed.
Select Component from the Definition list, enter USERMAINT in the Name Selection Criteria field, and then press Enter. All component names starting with the text USERMAINT are displayed.
Select USERMAINT from the list, and then click Open. The details of the USERMAINT component are displayed.
Click the Structure tab, right-click USERMAINT, and then select View PeopleCode. The PeopleCode for the USERMAINT component is displayed.
Select the SavePostChange event from the list in the upper-left corner of the window. The PeopleCode for this event is displayed.
Copy the code given in the following file immediately after the import definitions in the PeopleCode for the SavePostChange event:
OIM_home\xellerate\Scripts\UserMgmtCBRecon.txt
Add the following function call at the end of the PeopleCode for the SavePostChange event:
Note:
Perform this step only after you copy the code from theUserMgmtCBRecon.txt file./**********************************************************************/
/* Calling the GENERATEUSER function to generate the
USR_MGMT_MSG message*/
/**********************************************************************/
If Len(%CompIntfcName) = 0 Then
Local string &OPID;
&OPID = PSOPRDEFN.OPRID;
GENERATEUSR(&OPID);
End-If;
Select Save from the File menu to save the changes to the USERMAINT component.
Note:
If your PeopleSoft installation does not include PeopleSoft Enterprise Portal, then you cannot perform this procedure. Change-based reconciliation cannot be enabled if you do not use PeopleSoft Enterprise Portal. However, you can perform provisioning and bulk reconciliation.Refer to the "User Reconciliation" section for information about change-based and bulk reconciliation.
PeopleSoft Enterprise Portal provides a single gateway to critical information in PeopleSoft User Management Reconciliation and other PeopleSoft applications.
The procedure to configure PeopleSoft Enterprise Portal depends on the release of PeopleTools that you are using:
Configuring PeopleSoft Enterprise Portal on PeopleTools 8.22
Configuring PeopleSoft Enterprise Portal on PeopleTools 8.4x
Configuring PeopleSoft Enterprise Portal on PeopleTools 8.22 involves the following steps:
To create the USR_MGMT_NODE remote node:
In the Application Designer, select New from the File menu. The New Definition dialog box is displayed.
Select Message Node from the list, and then click OK.
Right-click anywhere in the white space, and then select Insert Location. The Location dialog box is displayed.
Enter the URL for the PeopleSoft Application Gateway in the following format:
http://hostname:port/servlets/gateway
In this URL, hostname is the application server that hosts PeopleSoft and port is the port number at which the application server is listening.
Select Object Properties from the File menu. The Message Node Properties dialog box is displayed.
Select the Use tab. Ensure that Local Node is not selected.
Save the remote node as USR_MGMT_NODE.
To configure the USR_MGMT_MSGCH message channel:
From the File menu, select Open and then click Message Channel.
To open the USR_MGMT_MSGCH message channel, select USR_MGMT_MSGCH.
Click the Routing Rules tab.
Right-click anywhere in the empty area of the right pane, and then select Insert Message Node. The Insert Message Node dialog box is displayed.
Select the USR_MGMT_NODE message node, and then click Insert.
Click Cancel to close the dialog box.
Right-click the message node displayed on the Routing Rules tab.
Point to Routing Direction, and then select Publish To.
Save the message channel.
To configure the PeopleSoft Enterprise Portal gateway so that messages can be sent through the gateway to third-party systems:
Note:
The Simple File Handler mentioned in the following procedure is a utility in PeopleTools 8.22 that can receive messages published by a PeopleSoft node and write these messages to a file that can be used by third-party systems.In a Web browser, use a URL with the following format to launch the PeopleSoft configuration servlet interface (handler directory):
http://hostname:port/servlets/gateway.administration
In this URL, hostname is the application server that hosts PeopleSoft and port is the port number at which the application server is listening.
Click Add Handler. The Add Handler window is displayed.
Enter the full name of the Simple File Handler class, psft.pt8.filehandler.SimpleFileHandler.
Click Save. The Handler Directory window is displayed.
To load the handler, click Load. After the handler loads, the "Loaded successfully" message is displayed in the Status column.
Click Configure.
Click Add a file handler node. The Add File Handler Node window is displayed.
In the Node Name field, enter the name of the message node that you create, USR_MGMT_NODE.
Specify the output directory in which the published messages are to be stored.
Select Include Header.
Click Save.
Restart the Web server.
XML messages are generated by the Simple File Handler. To publish these messages to the PeopleSoft Connector Listener servlet, you must create a scheduled task as follows:
Note:
The scheduled task calls a Java program that communicates with the servlet deployed on the Oracle Identity Manager server. The servlet parses the message and sends reconciliation events to Oracle Identity Manager.The servlet sends a return code based on the status of the reconciliation event. If the reconciliation event is successfully sent, then the message is deleted or archived. Otherwise, the message file is left unchanged. The next time the scheduled task is run, another attempt is made to send the message.
Copy the publish.bat and xliMsgPublisher.jar files from the OIM_home\xellerate\MsgPublisher directory to any directory on the PeopleSoft User Management server.
Use a text editor to open the publish.bat file, and then make the following changes in the file:
i. Change the value of the JAVA_HOME variable so that it points to the JDK installation directory on the PeopleSoft Web server.
ii. Specify the following values in the Java command given at the end of the file:
PeopleSoft_listener_servlet_URL: This is the URL of the servlet that listens for reconciliation events generated using PeopleSoft Application Messaging.
Output_directory_for_XML_messages: This is the PeopleSoft Web server directory in which you want published messages to be stored. You have already specified the output directory while performing Step 3.i of this procedure.
XML_message_name
console_log_file_path
The command is in the following format:
java Com.thortech.xl.Integration.msgpublisher.PeopleSoftPublisher "PeopleSoft_listener_servlet_URL" "Output_directory_for_XML_messages" XML_message_name >> console_log_file_path
For example:
java Com.thortech.xl.Integration.msgpublisher.PeopleSoftPublisher "http://host:port/peopleSoftUserMgmt/do/peopleSoftAction" "C:/test/file" USR_MGMT_MSG >> c:/test/consolelog.log
In the PeopleSoft listener servlet URL specified in this example, host is the IP address or host name of the application server on which Oracle Identity Manager is running and port is the HTTP port at which the application server listens for incoming messages.
Save and close the batch file.
On the PeopleSoft Web server, click Start, Settings, and Control Open.
Double-click Scheduled Tasks.
Click Add Schedule Task, and then click Next.
Click Browse, and then select the publish.bat file from the directory in which you save it.
Select Daily, click Next, and then click Next again.
Enter the user ID and password for the scheduled task to run.
Select Open Advance properties.
Click Finish.
On the Schedule tab, click Advanced.
Select Repeat Task.
Select the frequency at which you want the task to run.
Click OK, and then click OK again to close the window.
Configuring PeopleSoft Enterprise Portal on PeopleTools 8.4x involves the following steps:
To configure the PeopleSoft Enterprise Portal gateway so that messages can be sent through the gateway to the connector:
Open a Web browser and enter the URL for PeopleSoft Enterprise Portal.
This URL is in the following format:
http://servername/psp/Databasename/?cmd=login
Here, psp is the name of the Web application. For example:
http://psftserver.acme.com/psp/TestDB/?cmd=login
Expand PeopleTools, Integration Broker, and then Gateways in the list on the portal page. The Gateway component details are displayed.
Enter LOCAL in the Integration Gateway ID field, and then click Search. The LOCAL gateway is a default gateway that is created when you install PeopleSoft Enterprise Portal.
Ensure that the IP address specified in the URL of the PeopleSoft listening connector is the IP address of the Web server on which PeopleSoft User Management is installed. The PeopleSoft listening connector is a module provided by PeopleSoft. The URL of the PeopleSoft listening connector is in the following format:
http://computer_name/PSIGW/PeopleSoftListeningConnector
For example:
http://172.19.151.53/PSIGW/PeopleSoftListeningConnector
Click Load Gateway Connectors to load all target connectors that are registered with the LOCAL gateway.
Click Save.
To create the USR_MGMT_NODE remote node:
In the PeopleSoft Enterprise Portal window, expand PeopleTools, Integration Broker, and Node Definitions.
Click the Add a New Value tab.
On the Add a New Value tab, enter USR_MGMT_NODE as the node name and then click Add. The Node Definition page is displayed.
Enter a description for the node in the Description field.
Make this node a remote node by deselecting the Local Node check box and selecting the Active Node check box.
On the Connectors tab, enter the following information and then perform a lookup:
Gateway ID: LOCAL
Connector ID: PSFT81TARGET
On the Properties tab, enter the following information:
Property ID: PSFT81TARGET
Property Name: URL
Required value: Enter the URL of the PeopleSoft servlet that is to receive the XML message. This URL is in the following format:
http://computer_name:port/peopleSoftUserMgmt/do/peopleSoftAction
For example:
http://172.21.109.75:8080/peopleSoftUserMgmt/do/peopleSoftAction
Click Save.
Click the Transactions tab, and then click Add Transaction. The Add Transaction page is displayed.
Enter the following details to define the new transaction:
Transaction Type: Outbound Asynchronous
Request Message: USR_MGMT_MSG
Request Message Version: VERSION_1
Click Add.
To keep the status as active, select Active.
Click Save to save the changes.
To secure the USR_MGMT_MSGCH message channel:
Navigate to PeopleTools, Security, Permission & Roles, and Permission Lists.
Select AEAE1000. The AEAE1000 permission list is displayed.
Select the Message Monitor tab, and then click the button with the plus sign (+).
Enter USR_MGMT_MSGCH as the channel name.
Select Full Access from the list, and then click Save.
Click PeopleTools, Integration Broker, Monitor, Monitor Message, and Channel Status to check the status of the message channel.
If the status of the USR_MGMT_MSGCH message channel is Pause, then click the Run button to activate it.
To create the Application Engine program:
Click Start, Programs, PeopleSoft8.x, and then Application Designer. The Application Designer window is displayed.
Select New from the File menu. The New Definition dialog box is displayed.
Select Application Engine from the Definition list. The App Engine Program window is displayed, and the Step01 step is created by default.
In the App Engine Program window, select Step01 and then select Action from the Insert menu.
Rename Step01 to currency.
From the list on the action, select PeopleCode.
Select Save from the File menu, and save the Application Engine program with the name BLKPRCS_USER.
Double-click the PeopleCode action.
Copy the code from the CurrencyCode.txt file, which is in the OIM_home\xellerate\Scripts directory.
The code that you copy has the following default path for the output file in which the currency code data changes are to be stored:
C:\PT822\data\log\currency.txt
In the code, retain the file name (currency.txt) but change the path to any directory location on the PeopleSoft server. For example:
C:\MyDirectory\currency.txt
Save the PeopleCode action and close the window.
In the App Engine Program window, select the MAIN section and then select Step/Action from the Insert menu.
Repeat Steps 5 through 12 to create the remaining steps, which are listed in the following table.
| Step Name | File Containing the Required PeopleCode |
|---|---|
language |
LanguageCode.txt |
emplid |
EmployeeId.txt |
userrole |
UserRoles.txt |
permiss |
PermissionList.txt |
EmailType (PeopleTools 8.4x only) |
EmailType.txt |
addemp |
AddEmp.txt |
Save the Application Engine program.
The procedure to run the Application Engine program depends on the release of PeopleTools that you are using:
To run the Application Engine program on PeopleTools 8.22:
Log in to the PeopleSoft Enterprise Portal.
Click People Tools, Process Scheduler Manager, Use, and Process Definitions. The Process Definitions page is displayed.
Click Add a New value.
Select Application Engine from the Process Type list.
Enter the name of the Application Engine program as the process name, for example, BLKPRCS_USER.
Click Add.
Select the Application Engine Program from the search results that are displayed.
On the Process Definition Options tab, specify the following values:
Run Location: Server
Server Name: PSNT
Component: PRCSMULTI
Process Groups: ALLPANLS
Click Save.
Return to the home page.
Click People Tools, Process Scheduler Manager, Process, and Sample Processes. The Sample Processes page is displayed.
Click Add a New value.
Specify a run control ID, and then click Add.
Note:
A run control ID is used as a key for records that contain the parameters required by a process at run time. If the parameters are stored in a table that the process can query using the run control ID and user ID, then the process can run without user intervention.Click Run. The Process Scheduler Request page is displayed
Specify the server name.
Select the Application Engine program name, and then click OK.
Click Process Monitor to verify the status of the process.
After the process status changes to Success, the comma-separated file is created at the location specified in the code that you copy from the AddEmp.txt file.
To run the Application Engine program on PeopleTools 8.4x:
Note:
For the Application Engine program to run in 2-tier mode, the database client must be installed on the server used for accessing the application designer. To switch to the 2-tier mode, you selectConnection Type as the database on the PeopleSoft sign-on screen.Open the application designer in 2-tier mode.
Specify the connection type, user ID, and password.
To open the Application Engine program that you create:
From the File menu, select Open and then select Application Engine Program from the Object Type list.
Select BLKPRCS_USER, and then click Open.
Click the RUN PROGRAM control on the toolbar below the menu bar. The code for the PeopleCode action is run. The comma-separated file containing user records is created at the location specified in the code.
This section describes how to configure the listener for the connector. In the following procedure, OIM_home refers to the local Oracle Identity Manager installation directory.
To configure the PeopleSoft Listener Web service:
Enter the following command to extract the contents of the peopleSoftUserMgmt.war file. This file is in the OIM_home\xlclient\lib directory.
jar –xvf peopleSoftUserMgmt.war
Note:
All the files mentioned in the remaining steps of this procedure are extracted from thepeopleSoftUserMgmt.war file.Edit the deployment.properties file. This file contains the message property that corresponds to the name of the XML message from the PeopleSoft feed. The default value of this attribute is USR_MGMT_MSG. Obtain the correct value for this attribute from the PeopleSoft administrator.
If you are using PeopleTools 8.22, then you must modify the PSFTBase.Roles property in the attributemap.properties file as follows:
Search for the following line:
PSFTBase.Roles=//Transaction/PSROLEUSER_VW/ROLES
Replace it with the following line:
PSFTBase.Roles=//Transaction/PSROLEUSER_VW/ROLENAME
Edit the xlsession.properties file. This file contains the following Oracle Identity Manager connection parameters:
ObjectName: This is the name of the resource object in Oracle Identity Manager against which the reconciliation event is created. The default value is PSFTBase. For nontrusted reconciliation, you can change it to any other resource object.
Username: This is the user name for logging in to Oracle Identity Manager. The default value is xelsysadm.
Password: This is the password for logging in to Oracle Identity Manager. You must enter the encrypted value for the default password:
Kk3821YZhIoG36lvDH2YTw==
Note:
If the password for Oracle Identity Manager is different from the default password, then refer to Appendix B for information about encrypting a plaintext password.Edit the xlclient.properties file. This file contains the following system properties that enable an API client to communicate with Oracle Identity Manager:
xl.homedir: This property specifies the Oracle Identity Manager client directory. Typically, the Oracle Identity Manager client directory is OIM_home\xlclient.
java.security.policy: This property specifies the path of the security policy file. Typically, this file is located in the OIM_home\xlclient\config directory.
java.security.auth.login.config: This property specifies the path of the authentication configuration file. Typically, this file is located in the OIM_home\xlclient\config directory.
Each application server uses a different authentication configuration file:
IBM WebSphere: authws.conf
BEA WebLogic: authwl.conf
JBoss Application Server: auth.conf
java.naming.provider.url: This property specifies the JNP URL of the application server. This URL is given in the <Discovery><CoreServer><java.naming.provider.url> tag of the OIM_home\xlclient\config\xlconfig.xml file.
Edit the following properties in the configureReconciliation.properties file:
reconciliationMode: This property can accept one of two possible values:
If you want to perform reconciliation in trusted mode, then set this property to trusted.
If you want to perform reconciliation in nontrusted mode, then set this property to nontrusted.
Serverdateformat: This property specifies the date format that is used by the PeopleSoft User Management server. You can select one of the following date formats:
dd-mmm-yy
ddmmyy
yyddmm
yymmdd
xellerateOrganization: This property specifies the name of the Oracle Identity Manager organization. The default value of this parameter is Xellerate Users. The value that you assign to this property must exist in Oracle Identity Manager.
nullDate: This property specifies the default value for a date field. The value is 2200/01/01 00:00:00 PST. This value is used if the date field is left empty.
PeoplesoftstartingYEAR: This property specifies the year in two digits. If the number represented by these two digits (xx):
Is greater than or equal to 50, then it is assumed that the year is 19xx.
Is less than 50, then it is assumed that the year is 20xx.
This specifies a range of 1950 to 2049 for the property.
XelServerDate: This property contains the date format that is used for the Oracle Identity Manager server.
Sample value: yyyy/MM/dd hh:mm:ss z
Copy the following files from the OIM_home\xellerate\lib directory to the WEB-INF\lib directory:
wlXLSecurityProviders.jar
xlAPI.jar
xlAuthentication.jar
xlBackOfficeBeans.jar
xlBackofficeClient.jar
xlCache.jar
xlCrypto.jar
xlDataObjectBeans.jar
xlDataObjects.jar
xlLogger.jar
xlUtils.jar
xlVO.jar
Copy the following files from the OIM_home\xellerate\ext directory to the WEB-INF\lib directory:
oscache.jar
javagroups-all.jar
Delete the peopleSoftUserMgmt.war file from the temporary directory into which you extract it, and then use the following command to re-create the file:
jar –cvf peopleSoftUserMgmt.war
Ensure that the old version of the peopleSoftUserMgmt.war file is removed from the application server (JBoss Application Server, IBM WebSphere, BEA WebLogic, or OC4J) deployment directory and the OIM_home\xellerate\webapp directory.
Copy the newly created peopleSoftUserMgmt.war file into the application server deployment directory and the OIM_home\xellerate\webapp directory.
Restart the Oracle Identity Manager server and client.
Note:
You can add custom attributes to be reconciled during change-based reconciliation. However, you must complete the deployment procedure before you can add custom attributes.Refer to Appendix C for information about the procedure to add custom attributes for reconciliation.
To import the connector files into Oracle Identity Manager:
Open the Oracle Identity Manager Administrative and User Console.
Click the Deployment Management link on the left navigation bar.
Click the Import link under Deployment Management. A dialog box for locating files is displayed.
Locate and open the PSFTBaseConnector.xml file, which is in the OIM_home\xlclient directory. Details of the XML file are shown on the File Review page.
Click Add File. The Substitutions page is displayed.
Click Next. The Confirmation page is displayed.
Click Next. The Provide IT Resource Instance Data page for the PSFT Base Server IT resource is displayed.
Specify values for the parameters of the PSFT Base Server IT resource. Refer to the "Defining IT Resources" section for information about the values to be specified.
Click Next. The Provide IT Resource Instance Data page for a new instance of the PSFTBase IT resource type is displayed.
Click Skip to specify that you do not want to define another IT resource. The Confirmation page is displayed.
See Also:
If you want to define another IT resource, then refer to Oracle Identity Manager Tools Reference Guide for instructions.Click View Selections.
The contents of the XML file are displayed on the Import page. You may see a cross-shaped icon along with some nodes. Remove these nodes by right-clicking each node and then selecting Remove.
Click Import. The connector file is imported into Oracle Identity Manager.
After you import the connector XML file, proceed to the "Step 7: Configuring Reconciliation" section.
You must specify values for the PSFT Base Server IT resource parameters listed in the following table.
| Parameter | Description |
|---|---|
Admin |
User ID of the PeopleSoft User Management administrator
Default value: |
AdminCredentials |
Password of the PeopleSoft User Management administrator |
ComponentInterfaceName |
Component interface used to load user data in PeopleSoft User Management
Default value: |
ServerName |
IP address or computer name of the PeopleSoft User Management server |
ServerPort |
Port at which the PeopleSoft User Management server is listening
Default value: |
IsDebug |
Debug feature
The value can be |
IsSecure |
Specify whether or not the SSL feature is enabled
The value can be Note: It is recommended that you enable SSL to secure communication with the target system. |
SymbolicId |
Specifies the AccessId associated with the user profile
The AccessId specifies whether or not the user has sufficient privileges on the PeopleSoft User Management database. Sample value: |
RecordName |
Used to validate the employee ID during user provisioning in PeopleSoft User Management
Default value: |
After you specify values for these IT resource parameters, go to Step 9 of the procedure to import connector XML files.
Configuring reconciliation involves the following steps:
Note:
Perform this step of the procedure only if you want to configure trusted source reconciliation. Only one connector can be configured for trusted source reconciliation. If you import thePSFTBaseXellerateUser.xml file while you have another trusted source configured, then both connector reconciliations would stop working.
Refer to Oracle Identity Manager Connector Framework Guide for conceptual information about reconciliation configurations.
You start configuring trusted source reconciliation when you perform Steps 4 and 6 of the procedure described in the "Step 5: Configuring the PeopleSoft Listener Web Service for Change-Based Reconciliation" section.
You must then import the XML file for trusted source reconciliation as follows:
Open the Oracle Identity Manager Administrative and User Console.
Click the Deployment Management link on the left navigation bar.
Click the Import link under Deployment Management. A dialog box for locating files is displayed.
Locate and open the PSFTBaseXellerateUser.xml file, which is in the OIM_home\xlclient directory. Details of this XML file are shown on the File Preview page.
Click Add File. The Substitutions page is displayed.
Click Next. The Confirmation page is displayed.
Click Import.
In the message that is displayed, click Import to confirm that you want to import the XML file and then click OK.
Then, set the value of the IsTrusted reconciliation scheduled task attribute to Yes while performing the procedure described in the following section.
To create the scheduled tasks for lookup fields and user reconciliations:
Open the Oracle Identity Manager Design Console.
Expand the Xellerate Administration folder.
Select Task Scheduler.
Click Find. The details of the predefined scheduled tasks are displayed on two different tabs.
Enter a number in the Max Retries field. This number represents the number of times Oracle Identity Manager must attempt to complete the task before assigning the ERROR status to the task.
Ensure that the Disabled and Stop Execution check boxes are not selected.
In the Start region, double-click the Start Time field. From the date-time editor that is displayed, select the date and time at which you want the task to run.
To set the task to run only once, select the Once option in the Interval region.
Provide values for the attributes of the scheduled task. Refer to the "Specifying Values for the Scheduled Task Attributes" section for information about the values to be specified.
Click Save. The scheduled task is created. The INACTIVE status is displayed in the Status field, because the task is not currently running. The task is run at the date and time that you set in Step 7.
Repeat Steps 5 through 10 to create the second scheduled task.
After you create both scheduled tasks, proceed to the "Step 8: Compiling Adapters" section.
This section provides information about the values to be specified for the following scheduled tasks:
You must specify values for the following attributes of the lookup fields reconciliation scheduled task.
Note:
Attribute values are predefined in the connector XML file that you import. Specify values only for those attributes that you want to change.| Attribute | Description |
|---|---|
ServerName |
Name of the IT resource
Default value: |
LookupType |
The type of data that is being looked up in the target system.
The value can be any one of the following:
|
FilePath |
Directory path on the Oracle Identity Manager server where the reconciliation lookup .txt file is stored
Sample value: |
LookupName |
Name of the lookup definition configured in Oracle Identity Manager
The value can be any one of the following:
|
TargetSystem |
Name of the resource object
Default value: |
After you specify values for these task attributes, go to Step 10 of the procedure to create scheduled tasks.
You must specify values for the following attributes of the user reconciliation scheduled task.
Note:
Attribute values are predefined in the connector XML file that you import. Specify values only for those attributes that you want to change.| Attribute | Description |
|---|---|
MultiValueSeperator |
## is the multivalue separator in the flat file that is used for bulk reconciliation |
ServerName |
Name of the IT resource instance
Default value: |
IsTrusted |
Specifies whether or not reconciliation is to be carried out in trusted mode
The value can be |
XellerateOrganization |
Default name of the Oracle Identity Manager organization
This value is used to create the Xellerate User in trusted mode. |
FolderPath |
Directory path on the Oracle Identity Manager server where the reconciliation lookup .txt file is stored |
TargetSystem |
Name of the resource object
Default value: |
After you specify values for these task attributes, go to Step 10 of the procedure to create scheduled tasks.
The following adapters are imported into Oracle Identity Manager when you import the connector XML file:
adpPSFTCREATEUSER
adpPSFTUPDATEUSER
adpPSFTRESETPASSWORD
adpPSFTUNLOCKUSER
adpPSFTLOCKUSER
adpPSFTUPDATEUSEREMPID
adpPSFTADDORDELETEROLE
adpPSFTADDORDELETEEMAIL (PeopleTools 8.4x only)
You must compile these adapters before you can use them to provision accounts on the target system.
To compile adapters by using the Adapter Manager form:
Open the Adapter Manager form.
To compile all the adapters that you import into the current database, select the Compile All option.
To compile multiple (but not all) adapters, select the adapters you want to compile. Then, select the Compile Selected option.
Click Start. Oracle Identity Manager compiles the selected adapters.
If Oracle Identity Manager is installed in a clustered environment, then copy the compiled adapters from the OIM_home\xellerate\Adapter directory to the same directory on each of the other nodes of the cluster. If required, overwrite the adapter files on the other nodes.
To view detailed information about an adapter:
Highlight the adapter in the Adapter Manager form.
Double-click the row header of the adapter, or right-click the adapter.
Select Launch Adapter from the shortcut menu that is displayed. Details of the adapter are displayed.
Note:
Perform this procedure only if you want to configure the connector for multiple installations of PeopleSoft User Management. Refer to Oracle Identity Manager Design Console Guide for detailed instructions on performing each step of this procedure.To configure the connector for multiple installations of the target system:
Create and configure one resource object for each target system installation.
The Resource Objects form is in the Resource Management folder. The PSFTBase resource object is created when you import the connector XML file. You can use this resource object as the template for creating the remaining resource objects.
Create and configure one IT resource for each resource object.
The IT Resources form is in the Resource Management folder. The PSFT Base Server IT resource is created when you import the connector XML file. You can use this IT resource as the template for creating the remaining IT resources, of the same resource type.
Design one process form for each resource object.
The Form Designer form is in the Development Tools folder. The following process forms are created when you import the connector XML file:
UD_PSFT_BAS (main form)
UD_PSROLES and UD_PS_EMAIL (child forms for PeopleTools 8.4x only)
You can use these process forms as templates for creating the remaining process forms.
Create and configure one process definition for each resource object.
The Process Definition form is in the Process Management folder. The PSFTBase process definition is created when you import the connector XML file. You can use this process definition as the template for creating the remaining process definitions.
While creating process definitions for each target system installation, the following steps that you must perform are specific to the creation of each process definition:
From the Object Name lookup field, select the resource object that you create in Step 1.
From the Table Name lookup field, select the process form that you create in Step 3.
While mapping the adapter variables for the IT Resource data type, ensure that you select the IT resource that you create in Step 2 from the Qualifier list.
Configure reconciliation for each target system installation. Refer to the "Step 7: Configuring Reconciliation" section for instructions. Note that only the values of the following attributes are to be changed for each reconciliation scheduled task:
TargetSystem
ServerName
IsTrusted
Set the IsTrusted attribute to Yes for the PeopleSoft User Management installation that you want to designate as a trusted source. You can designate either a single or multiple installations of PeopleSoft User Management as the trusted source. For the remaining PeopleSoft User Management installations, set this attribute to No.
If required, modify the fields to be reconciled for the Xellerate User resource object.
Additional Steps for Configuring Change-Based Reconciliation
For change-based reconciliation, you must perform the procedure described in the following sections:
The following are actions that you must perform differently from the procedure described in these sections:
In Step 4.b of the "Configuring PeopleSoft Enterprise Portal on PeopleTools 8.22" section:
Note:
Perform this step only if you use PeopleTools 8.22.Change the Java command in the publish.bat file as shown in the following example:
java Com.thortech.xl.Integration.msgpublisher.PeopleSoftPublisher "http://host:port/peopleSoftUserMgmt1/do/peopleSoftAction" "C:/test/file" USR_MGMT_MSG >> c:/test/consolelog.log
Similarly, change the name of the Web application for each WAR file that you create.
In Step 7 of the procedure to create the XL_NODE node, given in the "Configuring PeopleSoft Enterprise Portal on PeopleTools 8.4x" section:
Note:
Perform this step only if you use PeopleTools 8.4x.Change the name of the application in the URL as shown in the following example:
http://computer_name:port/peopleSoftUserMgmt1/do/peopleSoftAction
Similarly, change the name of the Web application in the URL for each WAR file that you create.
In the "Step 5: Configuring the PeopleSoft Listener Web Service for Change-Based Reconciliation" section:
In Step 3, the value that you specify for the ObjectName parameter in the xlsession.properties file must be the name of the resource object that you create.
In Step 7, specify a different file name in the command that you use to re-create the WAR file. For example:
jar –cvf peopleSoftUserMgmt1.war
Similarly, change the name of the WAR file for each target system installation
