| Oracle® Identity Manager Connector Guide for PeopleSoft User Management Release 9.0.4 Part Number E10167-02 |
|
|
View PDF |
| Oracle® Identity Manager Connector Guide for PeopleSoft User Management Release 9.0.4 Part Number E10167-02 |
|
|
View PDF |
Oracle Identity Manager automates access rights management, security, and provisioning of IT resources. Oracle Identity Manager connectors are used to integrate Oracle Identity Manager with third-party applications. The connector for PeopleSoft User Management is used to integrate Oracle Identity Manager with PeopleSoft User Management.
Note:
Oracle Identity Manager connectors were referred to as resource adapters prior to the acquisition of Thor Technologies by Oracle.This chapter contains the following sections:
Reconciliation involves duplicating in Oracle Identity Manager additions of and modifications to user accounts on the target system. It is an automated process initiated by a scheduled task that you configure.
See Also:
The "Deployment Configurations of Oracle Identity Manager" section in Oracle Identity Manager Connector Framework Guide for conceptual information about reconciliation configurationsBased on the type of data reconciled from the target system, reconciliation can be divided into the following types:
The following lookup fields are reconciled:
LanguageCode
EmployeeId
CurrencyCode
PermissionList
EmailTypes
The EmailTypes lookup field is reconciled only in PeopleTools 8.45 through 8.47, because PeopleTools 8.22 does not support multiple e-mail types.
UserRoles
User reconciliation involves reconciling the following fields of PeopleSoft User Management:
The following target system fields are reconciled:
UserId
UserDescription
EmployeeId
PrimaryEmailAddress (PeopleTools 8.45 through 8.47 only)
PrimaryEmailType (PeopleTools 8.45 through 8.47 only)
Email Address (PeopleTools 8.22 only)
MultiLanguageCode
LanguageCD
CurrencyCode
Alias (PeopleTools 8.45 through 8.47 only)
RowSecurityPermission
ProcessProfilePermission
NavigatorHomePagePermission
PrimaryPermission
Secondary EmailAddresses (PeopleTools 8.45 through 8.47 only)
Secondary EmailTypes (PeopleTools 8.45 through 8.47 only)
Role
The following target system fields are reconciled only if trusted source reconciliation is implemented:
User ID
First Name
Last Name
Organization
User Type
Employee Type
The connector supports user data reconciliation in two ways:
Bulk reconciliation (first-time reconciliation)
Bulk reconciliation involves reconciling records of existing users using a flat file. The flat file is generated using an Application Engine program written in PeopleCode. This program is run using PeopleSoft Application Designer.
In change-based reconciliation, data for any newly created or updated user is reconciled instantaneously. This type of reconciliation is performed using PeopleSoft Application Messaging Architecture.
Change-based reconciliation involves the use of:
A PeopleCode trigger that generates an XML message containing updated information
Attribute definitions (usually resource parameters) to be synchronized
A Web service that acts as a passive listener for XML messages from PeopleSoft
An XML file, USR_MGMT_MSG.xml, that defines the schema of the XML message received from PeopleSoft
The synchronization process from PeopleSoft User Management to Oracle Identity Manager involves the following steps:
User information is updated in PeopleSoft User Management. This activates a PeopleCode trigger.
The PeopleCode trigger generates an XML message containing the updated user information and sends it to the listener for the PeopleSoft User Management connector.
The listener forwards the XML message to the PeopleSoft User Management connector using HTTP.
The PeopleSoft User Management connector receives the XML message and sends a reconciliation event to the Oracle Identity Manager.
Provisioning involves creating or modifying a user's account information on the target system through Oracle Identity Manager. You use the Administrative and User Console to perform provisioning operations.
See Also:
The "Deployment Configurations of Oracle Identity Manager" section in Oracle Identity Manager Connector Framework Guide for conceptual information about provisioningFor this target system, the following fields are provisioned:
UserId
UserDescription
PrimaryPermissionList
RowSecurityPermissionList
ProcessProfilePermissionList
NavigatorHomePermissionList
SymbolicID
LanguageCode
CurrencyCode
PrimaryEmailAddress
PrimaryEmailType (for 8.45 and 8.47 only)
EmpId
RecName
Password
UserIdAlias (for PeopleTools 8.45 and 8.47 only)
MultiLanguageCode
The following table lists the functions that are available with this connector.
Note:
The "PeopleTools Release" column of this table indicates the release of PeopleTools for which the corresponding function is available.| Function | PeopleTools Release | Type | Description |
|---|---|---|---|
| Add User | 8.22 and 8.45 through 8.47 | Provisioning | Creates a user account |
| Password Updated | 8.22 and 8.45 through 8.47 | Provisioning | Updates the password of a user |
| User Description Updated | 8.22 and 8.45 through 8.47 | Provisioning | Updates the description of a user |
| Multi Language Code Updated | 8.22 and 8.45 through 8.47 | Provisioning | Updates the multilanguage code of a user |
| Primary Email Address Updated | 8.22 only | Provisioning | Updates the primary e-mail address of a user |
| Email Address Updated | 8.22 only | Provisioning | Updates the e-mail address of a user |
| Primary Email Type Updated | 8.45 through 8.47 only | Provisioning | Updates the primary e-mail address type of a user |
| Language Code Updated | 8.22 and 8.45 through 8.47 | Provisioning | Updates the language code of a user |
| Currency Code Updated | 8.22 and 8.45 through 8.47 | Provisioning | Updates the currency code of a user |
| Employee Id Updated | 8.22 and 8.45 through 8.47 | Provisioning | Updates the employee ID of a user |
| Primary Permission List Updated | 8.22 and 8.45 through 8.47 | Provisioning | Updates the Primary Permission list of a user |
| Process Profile Permission List Updated | 8.22 and 8.45 through 8.47 | Provisioning | Updates the Process Profile Permission list of a user |
| Navigator Home Permission List Updated | 8.22 and 8.45 through 8.47 | Provisioning | Updates the Navigator Home Permission list of a user |
| Row Security Permission List Updated | 8.22 and 8.45 through 8.47 | Provisioning | Updates the Row Security Permission list of a user |
| User Id Alias Updated | 8.45 through 8.47 only | Provisioning | Updates the user ID alias of a user |
| Add RoleName | 8.22 and 8.45 through 8.47 | Provisioning | Adds a role to a user |
| Delete RoleName | 8.22 and 8.45 through 8.47 | Provisioning | Deletes a role from a user |
| Add EmailAddress | 8.45 through 8.47 only | Provisioning | Adds an e-mail address to a user |
| Delete EmailAddress | 8.45 through 8.47 only | Provisioning | Deletes the e-mail address of a user |
| Enables a User | 8.22 and 8.45 through 8.47 | Provisioning | Enables a user |
| Disables a User | 8.22 and 8.45 through 8.47 | Provisioning | Disables a user |
| Reconcile Lookup Field | 8.22 and 8.45 through 8.47 | Reconciliation | Reconciles lookup fields |
| Reconcile User Data | 8.22 and 8.45 through 8.47 | Reconciliation | Trusted mode: Reconciles user data from PeopleSoft User Management to Oracle Identity Manager. A corresponding user is created in Oracle Identity Manager. If the user already exists in Oracle Identity Manager, then this user is updated.
Nontrusted mode: Reconciles user data from PeopleSoft User Management to Oracle Identity Manager. A user is not created in Oracle Identity Manager. |
See Also:
Appendix A for information about attribute mappings between Oracle Identity Manager and PeopleSoft User Management.The connector supports the following languages:
Chinese Simplified
Chinese Traditional
English
French
German
Italian
Japanese
Korean
Portuguese (Brazilian)
Spanish
See Also:
Oracle Identity Manager Globalization Guide for information about supported special charactersThe files and directories that comprise this connector are compressed in the following ZIP file on the installation media:
Enterprise Applications/PeopleSoft Enterprise Applications/PeopleSoft User Management
These files and directories are listed in the following table.
| File in the Installation Media Directory | Description |
|---|---|
For PeopleTools 8.22:
xml/PT822/PSFTBaseConnector.xml For PeopleTools 8.45 through 8.47: xml/PSFTBaseConnector.xml |
This XML file contains definitions for the following components of the connector:
|
For PeopleTools 8.22:
xml/PT822/PSFTBaseXellerateUser.xml For PeopleTools 8.45 through 8.47: xml/PSFTBaseXellerateUser.xml |
This XML file contains the configuration for the Xellerate User. You must import this file only if you plan to use the connector for trusted source reconciliation. |
lib/JavaTasks/PSFTBaseProvisioning.jar |
This JAR file contains the class files that are required for provisioning. |
lib/ScheduleTask/PSFTBaseReconciliation.jar |
This JAR file contains the class files that are required for reconciliation. |
lib/peopleSoftUserMgmt.war |
This WAR file contains all the classes and configuration files required for the PeopleSoft listener Web application to run. |
For PeopleTools 8.22, the following files in the test/cbrecon directory:
pingRequest.xml pingResponse.xml publishRequest.xml publishResponse.xml For PeopleTools 8.45 through 8.47, the following files in the pingRequest.xml pingResponse.xml publishRequest.xml publishResponse.xml |
These XML files are required by the psft-xel-test.vbs file for communicating with the PeopleSoft listener Web service using XML over HTTP. |
lib/ext/csv.jar |
The csv.jar file is a third-party library that is used to read comma-separated files. |
For PeopleTools version 8.22, the following files in the PeopleCode/PT822 directory:
AddEmp.txt CurrencyCode.txt EmployeeId.txt LanguageCode.txt PermissionList.txt UserRoles.txt For PeopleTools version 8.45 through 8.47 the following files in the AddEmp.txt CurrencyCode.txt EmployeeId.txt EmailType.txt LanguageCode.txt PermissionList.txt UserRoles.txt |
These files contain the PeopleCode for the steps that you define for the Application Engine program. Refer to "Creating the Application Engine Program" section for details. |
For PeopleTools 8.22:
PeopleCode/PT822/UserMgmtCBRecon.txt For PeopleTools 8.45 through 8.47: PeopleCode/UserMgmtCBRecon.txt |
This file contains the code that you must add to the PeopleCode for the SavePostChange event while performing the "Publishing the Message" procedure described in the "Creating and Publishing the Message" section. |
For PeopleTools 8.22, the following files in the MsgPublisher directory:
xliMsgPublisher.jar publish.bat |
The JAR file contains the class file that transfers the XML messages generated by the PeopleTools 8.22 file handler on the PeopleSoft Web server to the PeopleSoft connector listener servlet.
The |
For PeopleTools 8.22:
test/cbrecon/PT822/psft-xel-test.vbs For PeopleTools 8.45 through 8.47: test/cbrecon/psft-xel-test.vbs |
This VBScript file is used to test the PeopleSoft listener Web service by creating XML messages similar to the ones created by PeopleSoft User Management Reconciliation. |
For PeopleTools 8.22, the following files in the test/cbrecon/PT822 directory:
pingRequest.xml pingResponse.xml publishRequest.xml publishResponse.xml For PeopleTools 8.45 through 8.47, the following files in the pingRequest.xml pingResponse.xml publishRequest.xml publishResponse.xml |
These XML files are required by the psft-xel-test.vbs file for communicating with the PeopleSoft listener Web service using XML over HTTP. |
For PeopleTools 8.22:
test/cbrecon/PT822/USR_MGMT_MSG.xml For PeopleTools 8.45 through 8.47: test/cbrecon/USR_MGMT_MSG.xml |
This XML file is used by the psft-xel-test.vbs file to define the schema of the XML message that is received from PeopleSoft. |
test/config/config.properties |
This file is used to specify the parameters and settings required to connect to the target system by using the testing utility. |
test/config/log.properties |
This file is used to specify the log level and the directory in which the log file is to be created when you run the testing utility. |
test/config/attributemapping_prov.properties |
This file contains the parameters required for dynamic provisioning. |
test/config/attributemapping_recon.properties |
This file contains the parameters required for dynamic reconciliation. |
test/scripts/psftBase.bat test/scripts/psftBase.sh |
The BAT file or UNIX shell script calls the testing utility when the Oracle Identity Manager server is running Microsoft Windows or UNIX, respectively. |
For PeopleTools 8.22, the files in the resources/PT822 directory
For PeopleTools 8.45 through 8.47, the files in the |
Each of these files contains locale-specific information that is used by the connector. |
Note:
The files in the
test directory are used only to run tests on the connector.The "Step 2: Copying the Connector Files and External Code Files" section provides instructions to copy these files into the required directories.
You can use any one of the following methods to determine the release number of the connector.
To determine the release number of a connector:
Extract the contents of the PSFTBaseReconciliation.jar file. This file is in the following directory on the installation media:
Enterprise Applications/PeopleSoft Enterprise Applications/PeopleSoft User Management/lib/ScheduleTask
Open the manifest.mf file in a text editor. The manifest.mf file is one of the files bundled inside the PSFTBaseReconciliation.jar file.
In the manifest.mf file, the release number of the connector is displayed as the value of the Version property.
Note:
If you maintain a copy of thePSFTBaseReconciliation.jar file after deployment, you can use this method to determine the release number of the connector at any stage. After you deploy the connector, it is recommended that you use the "After Deployment" method, which is described in the following section.To determine the release number of a connector that has already been deployed:
See Also:
Oracle Identity Manager Design Console GuideOpen the Oracle Identity Manager Design Console.
In the Form Designer, open the process form. The release number of the connector is the value of the Version field.
