3 Configuring the Target System and Oracle Identity Manager

This chapter discusses the following topics:

• Configuring the Target System

• Configuring Oracle Identity Manager

Note:

This section provides both conceptual and procedural information about configuring the connector. Oracle recommends that you read the conceptual information before you perform the procedures.

3.1 Configuring the Target System

This section discusses the following topics:

• Configuring the Target System for Full Reconciliation

• Configuring the Target System for Incremental Reconciliation

3.1.1 Configuring the Target System for Full Reconciliation

As described in Chapter 1, "About the Connector", full reconciliation is used to reconcile all the data in the target system into Oracle Identity Manager. The PeopleCode that is activated extracts the required employee information through certain components that are applicable, such as PERSONAL_DATA, JOB_DATA, and JOB_DATA_EMP.

Configuring the target system for full reconciliation involves preparing the flat file for full reconciliation by performing the following procedures:

1. Creating the Application Engine Program

   You have to create the Application Engine program only once when you are perform full reconciliation for the first time.

2. Running the Application Engine Program

   You must run the Application Engine program each time you want to perform full reconciliation.

3.1.1.1 Creating the Application Engine Program

The Application Engine program populates the flat file used to perform full reconciliation with employee information that requires reconciliation. To create the Application Engine program:

1. To open Application Designer in 2-tier mode, click Start, Programs, Peoplesoft8.x, and then Application Designer.

2. Select New from the File menu.

3. In the New Definition dialog box, select App Engine Program from the Definition list.

4. On the App Engine Program page, a plus sign (+) is displayed before the MAIN section in the Application Engine program under which there may be multiple steps. In each step, there may be some PeopleCode to be run. Click the plus sign (+). A step titled Step01 is added to MAIN.

5. Rename Step01 to Populate.

6. In the App Engine Program window, select Action from the Insert menu. An action is added to the Populate step.

7. Select PeopleCode from the list for the new action.

8. Click Save from the File menu to save the Application Engine program with the name BLKPRCS_HR.

9. Double-click the PeopleCode action. A new PeopleCode window is displayed.

10. In the PeopleCode window, copy the code from the OIM_HOME/xellerate/Scripts/HRMSBulkRecon.txt file. You must make the following changes in this code:

    • Modify the <ABSOLUTE_PATH_OF_THE_FILE> placeholder with the directory path for the output file. Change the sample directory path to a directory path on the target system server.

    • The code written to fetch the values of BIRTHDATE and HIREDATE is specific to Oracle Database. Therefore, depending on the database that Peoplesoft is running on, you may need to make changes in the code that you copy from the HRMSBulkRecon.txt file. For example:

      If you are running Peoplesoft on Microsoft SQL Server, then

      • Replace TO_CHAR(BIRTHDATE, 'ddmmyy') with convert (varchar, BIRTHDATE, 104)

      • Replace TO_CHAR(HIRE_DT, 'ddmmyy') with convert (varchar, HIRE_DT, 104)

      If you are running Peoplesoft on Sybase, then

      • Replace TO_CHAR(BIRTHDATE, 'ddmmyy') with convert (char(6), BIRTHDATE, 12)

      • Replace TO_CHAR(HIRE_DT, 'ddmmyy') with convert (char(6), HIRE_DT, 12)

      If you are running Peoplesoft on Informix, then

      • Replace TO_CHAR(BIRTHDATE, 'ddmmyy') with TO_CHAR (BIRTHDATE, " | """%d %m %y""" | ")

      • Replace TO_CHAR(HIRE_DT, 'ddmmyy') with TO_CHAR(HIRE_DT, " | """%d %m %y""" | ")

11. If the PeopleSoft server is running on Microsoft SQL Server, then you may need to change the value of the XelServerDate property in the following file:

    OIM_HOME/xellerate/XLIntegrations/PSFTHR/config/configureReconciliation.properties
    

    Set the value of this property to the following:

    dd.mm.yy
    

    If PeopleSoft server is running on Oracle Database, then you need not change the value of the XelServerDate property.

12. Save the Application Engine program and close the window.

3.1.1.2 Running the Application Engine Program

The procedure to run the Application Engine program depends on the release of PeopleTools that you are using:

• Running the Application Engine Program on PeopleTools 8.22

• Running the Application Engine Program on PeopleTools 8.45 Through 8.48

Running the Application Engine Program on PeopleTools 8.22

To run the Application Engine program on PeopleTools 8.22:

1. Log in to PeopleSoft Internet Architecture.

2. Click People Tools, Process Scheduler Manager, Use, and Process Definitions.

3. On the Process Definitions page, click Add a New value.

4. Select Application Engine from the Process Type list.

5. Enter the name of the Application Engine program as the process name, BLKPRCS_HR.

6. Click Add.

7. Select the Application Engine program from the search results that are displayed when you click Add.

8. On the Process Definition Options tab, specify the following values:

   • Run Location: Server

   • Server Name: PSNT

   • Component: PRCSMULTI

   • Process Groups: ALLPANLS

9. Click Save.

10. Return to the home page.

11. Click People Tools, Process Scheduler Manager, Process, and Sample Processes.

12. On the Sample Processes page, click Add a New value.

13. Specify a run control ID, and then click Add.

    Note:

    A run control ID is used as a key for records that contain the parameters required by a process at run time. If the parameters are stored in a table that the process can query using the run control ID and user ID, then the process can run without user intervention.

14. Click Run.

15. On the Process Scheduler Request page, specify the server name.

16. Select the Application Engine program name, and then click OK.

17. Click Process Monitor to verify the status of the process.

    After the process status changes to Success, the comma-separated flat file is created at the location specified in the code that you copy from the HRMSBulkRecon.txt file.

Running the Application Engine Program on PeopleTools 8.45 Through 8.48

Note:

For the Application Engine program to run in 2-tier mode, the database client must be installed on the server used for accessing the application designer. To switch to the 2-tier mode, you select Connection Type as the database on the PeopleSoft sign-on screen.

To run the Application Engine program on PeopleTools 8.45 through 8.48:

1. Click Start, Programs, Peoplesoft8.x, and then Application Designer. The Application Designer window is displayed in 2-tier mode.

2. Specify the connection type, user ID, and password.

3. To open the Application Engine program that you create:

   1. From the File menu, select Open and then select Application Engine Program from the Object Type list.

   2. Select BLKPRCS_HR, and then click Open.

4. Click the RUN PROGRAM control on the toolbar below the menu bar. The comma-separated flat file containing employee records is created at the location specified in the code that you copy from the HRMSBulkRecon.txt file.

3.1.2 Configuring the Target System for Incremental Reconciliation

Configuring the target system for incremental reconciliation involves creating messages and message channels, publishing messages by writing PeopleCode that is used to populate and send messages from PeopleSoft Integration Broker to other systems, and configuring Integration Broker.

Note:

In PeopleTools 8.48 and HCM 9.0, queues replace message channels.

A message is the physical container for the XML data that is sent from PeopleSoft Enterprise Applications. Message definitions provide the physical description of data that is sent from PeopleSoft Enterprise Applications. This data includes fields, field types, and field lengths. A message channel is used to carry messages. It is a mechanism for structuring data into logical groups. Each message can belong to only one message channel.

After messages are created and associated with their respective message channels, you must publish the messages, which involves writing the PeopleCode in the application designer. This is because PeopleSoft Integration Broker and Oracle Identity Manager communicate through the exchange of XML messages and a message can only be started by using specific instructions in the PeopleCode.

Note:

The procedures to create messages, message channels, and publishing messages depend on the version of the target system being used. The procedure to configure PeopleSoft Integration Broker depends on the version of PeopleTools being used.

Setting the PeopleSoft Integration Broker gateway is mandatory when you configure PeopleSoft Integration Broker. To subscribe to XML data, Oracle Identity Manager can accept and process XML messages posted by PeopleSoft by using PeopleSoft connectors located in the PeopleSoft Integration Broker gateway. These connectors are Java programs that are controlled by the PeopleSoft Integration Broker gateway and, in turn, control the location of the XML files.

This gateway is a program that runs on the PeopleSoft Web server. It acts as a physical hub between PeopleSoft and other PeopleSoft applications (or third-party systems, such as Oracle Identity Manager). The gateway manages the receipt and delivery of messages passed among systems through PeopleSoft Integration Broker.

To configure the target system for incremental reconciliation, you must perform the following procedures:

Note:

You must use an administrator account to perform the following procedures.

1. Creating the Message Channel

2. Creating the Message

3. Publishing the Message

4. Configuring PeopleSoft Integration Broker

3.1.2.1 Creating the Message Channel

The procedure to create a message channel varies depending on the version of the target system that you are using:

• Creating the Message Channel on PeopleSoft HRMS 8.3 SP1

• Creating the Message Channel on PeopleSoft HRMS 8.9

• Creating the Queue on PeopleSoft HCM 9.0

3.1.2.1.1 Creating the Message Channel on PeopleSoft HRMS 8.3 SP1

To create the message channel on PeopleSoft HRMS 8.3 SP1:

1. Click Start, Programs, and Application Designer. The Application Designer window is displayed in the 2-tier mode.

2. Select New from the File menu.

3. In the New Definition dialog box, select Message Channel, and then click OK.

4. Save the new message channel as PERSON_BASIC.

5. Select Definition Properties from the File menu.

6. In the Message Channel Properties dialog box, select the Run option, and then select Archive Messages.

7. Click OK, and then save the message.

3.1.2.1.2 Creating the Message Channel on PeopleSoft HRMS 8.9

To create the message channel on PeopleSoft HRMS 8.9:

1. Click Start, Programs, and Application Designer. The Application Designer window is displayed in the 2-tier mode.

2. Select New from the File menu.

3. In the New Definition dialog box, select Message Channel, and then click OK.

4. Save the new message channel as PERSON_BASIC.

5. Select Object Properties from the File menu.

6. In the Message Channel Properties dialog box, select the Use tab, select the Run option, and then select Archive Messages check box.

7. Click OK, and then save the message channel.

3.1.2.1.3 Creating the Queue on PeopleSoft HCM 9.0

To create the queue on PeopleSoft HCM 9.0:

1. In the PeopleSoft Internet Architecture window, expand People Tools, Integration Broker, and Integration Setup, and then click Queue.

2. On the Add a New Value tab, enter the queue name, for example, PSFT_HR_QUEUE, and then click Add.

3. On the Queue Definition tab, select the archive check box.

4. Select Run from the Queue Status list.

5. Click Save to save the changes.

3.1.2.2 Creating the Message

The procedure to create a message varies depending on the version of the target system that you are using:

• Creating the Message on PeopleSoft HRMS 8.3 SP1

• Creating the Message on PeopleSoft HRMS 8.9

• Creating the Message on PeopleSoft HCM 9.0

3.1.2.2.1 Creating the Message on PeopleSoft HRMS 8.3 SP1

To create the message on PeopleSoft HRMS 8.3 SP1:

1. Click Start, Programs, and Application Designer. The Application Designer window is displayed.

2. Select New from the File menu.

3. In the New Definition dialog box, select Message from the list, and then click OK.

4. Select Definition Properties from the File menu.

5. In the Message Properties dialog box, click the Use tab.

6. On the Use tab, select the PERSON_BASIC message channel and the version of the message that you create from the Version list. By doing this, you associate the message with the message channel created in the "Creating the Message Channel on PeopleSoft HRMS 8.3 SP1" section.

7. Select Active to make the message an active message, and then click OK.

8. Right-click VERSION_1, and select the Insert Child Record option.

9. In the Insert Record window, enter PERSONAL_DATA in the Name field, click Insert, and then click Close.

10. Click PERSONAL_DATA under VERSION_1. All the fields that constitute the PERSONAL_DATA records are displayed.

    By default, all the fields are selected. Deselect the check boxes for the fields that are not required for the message XML file to be generated. Refer to the OIM_HOME/xellerate/XLIntegrations/PSFTHR/cbrecon/psft_xellerate_msg.xml file for information about the fields in the message XML file.

11. Repeat Steps 8 through 10 for the PS_PERS_NID, EMPLOYMENT, and JOB records.

12. Save the message as PSFT_XELLERATE_MSG.

3.1.2.2.2 Creating the Message on PeopleSoft HRMS 8.9

To create the message on PeopleSoft HRMS 8.9:

1. Click Start, Programs, and Application Designer. The Application Designer window is displayed.

2. Select New from the File menu.

3. In the New Definition dialog box, select Message from the list and then click OK.

4. Select Object Properties from the File menu.

5. In the Message Properties dialog box, click the Use tab.

6. On the Use tab, select the PERSON_BASIC message channel and the version of the message that you create in Step 2 of this procedure. By doing this, you associate the message with the message channel created in the "Creating the Message Channel on PeopleSoft HRMS 8.9" section.

7. Select Active to make the message an active message and then click OK to close the dialog box.

8. Save the message as PSFT_XELLERATE_MSG.

   You can also save this message with a name of your choice. If you do so, then you must make the same change in the code that you copy from the HRMSCBRecon.txt file while performing the procedure described in the "Publishing the Message on PeopleSoft HRMS 8.9 or HCM 9.0" section.

3.1.2.2.3 Creating the Message on PeopleSoft HCM 9.0

To create the message on PeopleSoft HCM 9.0:

1. In the PeopleSoft Internet Architecture window, expand People Tools, Integration Broker, and Integration Setup, and then click Message.

2. On the Add a New Value tab, enter the message name, for example, PSFT_XELLERATE_MSG. In addition, enter the version in the Version field. The valid values for this field are version_1 or v1.

3. Click Add.

4. On the Message Definition tab, select Nonrowset-based as the message type.

5. Click Save to save the changes.

3.1.2.3 Publishing the Message

The procedure to publish the message depends on the target system version that you are using:

• Publishing the Message on PeopleSoft HRMS 8.3 SP1

• Publishing the Message on PeopleSoft HRMS 8.9 or HCM 9.0

3.1.2.3.1 Publishing the Message on PeopleSoft HRMS 8.3 SP1

To publish the message on PeopleSoft HRMS 8.3 SP1:

1. Click Start, Programs, Peoplesoft8.x, and then Application Designer. The Application Designer window is displayed in 2-tier mode.

   Note:

   To run the Application Designer in 2-tier mode, you must have the database client, which is the client of the database that PeopleSoft is using, installed on the server. In addition, you must select the appropriate database type from the Connection Type field (for example, Oracle Database) while providing sign-on information in the PeopleSoft Application Designer Signon window.

2. Select Open from the File menu. The Open Definition dialog box is displayed.

3. Select Component from the Definition list, enter PERSONAL_DATA in the Name Selection Criteria field, and then click Enter. All component names starting with the text PERSONAL_DATA are displayed.

4. Select PERSONAL_DATA from the list, and then click Open. The details of the PERSONAL_DATA component are displayed.

5. Click the Structure tab, right-click PERSONAL_DATA, and then select View PeopleCode. The PeopleCode for the PERSONAL_DATA component is displayed.

6. Select the SavePostChange event from the list in the upper-right corner of the window. The PeopleCode for this event is displayed.

7. Copy the code given in the following file immediately after the import definitions in the PeopleCode for the SavePostChange event:

   For PeopleTools 8.22:

   OIM_HOME/xellerate/Scripts/HRMSCBRecon.txt
   

   For PeopleTools 8.45 through 8.47:

   OIM_HOME/xellerate/Scripts/HRMSCBRecon_8.45-8.47.txt
   

   For PeopleTools 8.48:

   OIM_HOME/xellerate/Scripts/HRMSCBRecon-8.48.txt
   

   Note:

   While creating the message by following the procedure described in the "Creating the Message on PeopleSoft HRMS 8.3 SP1" section, if you change the name of the message to something other than PSFT_XELLERATE_MSG, then you must use the same name in the code that you copy.

   The code written to fetch the values of BIRTHDATE and HIREDATE is specific to Oracle Database. You must modify this code based on the database you are using. For example:

   If you are running Peoplesoft on Microsoft SQL Server, then

   • Replace TO_CHAR(BIRTHDATE, 'ddmmyy') with convert (varchar, BIRTHDATE, 104)

   • Replace TO_CHAR(HIRE_DT, 'ddmmyy') with convert (varchar, HIRE_DT, 104)

   If you are running Peoplesoft on Sybase, then

   • Replace TO_CHAR(BIRTHDATE, 'ddmmyy') with convert (char(6), BIRTHDATE, 12)

   • Replace TO_CHAR(HIRE_DT, 'ddmmyy') with convert (char(6), HIRE_DT, 12)

   If you are running Peoplesoft on Informix, then

   • Replace TO_CHAR(BIRTHDATE, 'ddmmyy') with TO_CHAR (BIRTHDATE, " | """%d %m %y""" | ")

   • Replace TO_CHAR(HIRE_DT, 'ddmmyy') with TO_CHAR(HIRE_DT, " | """%d %m %y""" | ")

8. Select Save from the File menu to save the changes to the PERSONAL_DATA component.

   You must repeat Steps 2 through 8 if you want to publish messages on the following components also:

   • JOB_DATA

   • JOB_DATA_HIRE

3.1.2.3.2 Publishing the Message on PeopleSoft HRMS 8.9 or HCM 9.0

To publish the message on PeopleSoft HRMS 8.9 or HCM 9.0:

1. Click Start, Programs, Peoplesoft8.x, and then Application Designer. The Application Designer window is displayed in 2-tier mode

   Note:

   To run the Application Designer in 2-tier mode, you must have the database client, which is the client of the database that PeopleSoft is using, installed on the server. In addition, you must select the appropriate database type from the Connection Type field (for example, Oracle Database) while providing sign-on information in the PeopleSoft Application Designer Signon window.

2. Select Open from the File menu. The Open Definition dialog box is displayed.

3. Select Component from the Definition list, enter PERSONAL_DATA in the Name Selection Criteria field, and then press Enter. All component names starting with the text PERSONAL_DATA are displayed.

4. Select PERSONAL_DATA from the list, and then click Open. The details of the PERSONAL_DATA component are displayed.

5. Click the Structure tab, right-click PERSONAL_DATA, and then select View PeopleCode. The PeopleCode for the PERSONAL_DATA component is displayed.

6. Select the SavePostChange event from the list in the upper-left corner of the window. The PeopleCode for this event is displayed.

7. Copy the code given in the following file immediately after the import definitions in the PeopleCode for the SavePostChange event:

   OIM_HOME/xellerate/Scripts/HRMSCBRecon.txt
   

   Note:

   While creating the message by following the procedure described in the "Creating the Message on PeopleSoft HRMS 8.9" section, if you change the name of the message to something other than PSFT_XELLERATE_MSG, then you must use the same name in the code that you copy.

   The code written to fetch the values of BIRTHDATE and HIREDATE is specific to Oracle Database. You must modify this code based on the database you are using. For example:

   If you are running Peoplesoft on Microsoft SQL Server, then

   • Replace TO_CHAR(BIRTHDATE, 'ddmmyy') with convert (varchar, BIRTHDATE, 104)

   • Replace TO_CHAR(HIRE_DT, 'ddmmyy') with convert (varchar, HIRE_DT, 104)

   If you are running Peoplesoft on Sybase, then

   • Replace TO_CHAR(BIRTHDATE, 'ddmmyy') with convert (char(6), BIRTHDATE, 12)

   • Replace TO_CHAR(HIRE_DT, 'ddmmyy') with convert (char(6), HIRE_DT, 12)

   If you are running Peoplesoft on Informix, then

   • Replace TO_CHAR(BIRTHDATE, 'ddmmyy') with TO_CHAR (BIRTHDATE, " | """%d %m %y""" | ")

   • Replace TO_CHAR(HIRE_DT, 'ddmmyy') with TO_CHAR(HIRE_DT, " | """%d %m %y""" | ")

8. Select Save from the File menu to save the changes to the PERSONAL_DATA component.

9. Add the following function call code at the end of the PeopleCode for the SavePostChange event:

   Note:

   Perform this step after you copy the code.

   /**********************************************************************/
   /*  Calling the Generate function to generate the 
   PSFT_XELLERATE_MSG message*/
   /**********************************************************************/
   Local string &emplid;
   &emplid = PERSON.EMPLID;
   GENERATE(&emplid);
   

10. To save the changes to the component that you created in Step 5, select Save from the File menu.

    You must repeat Steps 2 through 10 if you want to publish messages on the following components also:

    • JOB_DATA

    • JOB_DATA_EMP

3.1.2.4 Configuring PeopleSoft Integration Broker

The procedure to configure PeopleSoft Integration Broker depends on the release of PeopleTools that you are using.

Note:

While configuring PeopleSoft Integration Broker, you perform some of the procedures in PeopleSoft Internet Architecture and some in the Application Designer. For example, for PeopleTools 8.22 and PeopleTools 8.45 through 8.47, some of the configuration steps must be performed in PeopleSoft Internet Architecture and some in the Application Designer. For PeopleTools 8.48, all of the configuration steps must be performed in PeopleSoft Internet Architecture.

The following section explains the procedure to configure PeopleSoft Integration Broker on PeopleTools 8.22:

• Configuring PeopleSoft Integration Broker on PeopleTools 8.22

The following sections explain the procedures to configure PeopleSoft Integration Broker on PeopleTools 8.45 through 8.47 and PeopleTools 8.48:

• Configuring PeopleSoft Integration Broker Gateway on PeopleTools 8.45 Through 8.48

• Configuring PeopleSoft Integration Broker on PeopleTools 8.45 Through 8.47

• Configuring PeopleSoft Integration Broker on PeopleTools 8.48

3.1.2.4.1 Configuring PeopleSoft Integration Broker on PeopleTools 8.22

To configure PeopleSoft Integration Broker on PeopleTools 8.22:

Note:

Configuring the PeopleSoft Integration Broker gateway is a part of the procedure to configure the PeopleSoft Integration Broker on PeopleTools 8.22.

1. To create the XL_NODE remote node:

   1. In the Application Designer, select New from the File menu.

   2. In the New Definition dialog box, select Message Node from the list, and then click OK.

   3. Right-click anywhere in the white space, and then select Insert Location. The Location dialog box is displayed.

   4. Enter the URL for the PeopleSoft Integration Broker gateway in the following format:

      http://hostname:port/servlets/gateway
      

      In this URL, hostname is the application server that hosts PeopleSoft and port is the port number at which the application server is listening.

   5. Select Object Properties from the File menu.

   6. In the Message Node Properties dialog box, select the Use tab. Ensure that Local Node is not selected.

   7. Save the remote node as XL_NODE.

2. To configure the PERSON_BASIC message channel:

   1. From the File menu, select Open and then click Message Channel.

   2. To open the PERSON_BASIC message channel, select PERSON_BASIC.

   3. Click the Routing Rules tab.

   4. Right-click anywhere in the white space, and then select Insert Message Node.

   5. In the Insert Message Node dialog box, select the XL_NODE message node, and then click Insert.

   6. Close the dialog box.

   7. Right-click the message node displayed on the Routing Rules tab.

   8. Point to Routing Direction, and then select Publish To.

   9. Save the message channel.

3. To configure the PeopleSoft Integration Broker gateway so that messages can be sent through the gateway to Oracle Identity Manager:

   Note:

   The Simple File Handler mentioned in this procedure is a utility in PeopleTools 8.22 that can receive messages published by a PeopleSoft node and write these messages to a file that can be used by third-party systems.

   1. In a Web browser, use a URL with the following format to open the Handler Directory page (configuration window for the PeopleSoft Integration Broker gateway):

      http://hostname:port/servlets/gateway.administration
      

      For example:

      http://10.121.16.42:8080/peopleSoftApp/do/peopleSoftAction
      

      In this URL, hostname is the application server that hosts PeopleSoft and port is the port number at which the application server is listening.

   2. Click Add Handler.

   3. On the Add Handler page, enter the full name of the Simple File Handler class, psft.pt8.filehandler.SimpleFileHandler.

   4. Click Save.

   5. To load the handler, on the Handler Directory page, click Load.

      After the handler is loaded, the "Loaded successfully" message is displayed in the Status column.

   6. Click Configure.

   7. Click Add a file handler node.

   8. In the Node Name field on the Add File Handler Node page, enter the name of the message node that you create, XL_NODE.

   9. Specify the output directory in which the published messages are to be stored.

   10. Select Include Header.

   11. Click Save.

4. XML messages are generated by the PeopleTools 8.22 Simple File Handler. To publish these messages to the PeopleSoft connector, create a Microsoft Windows scheduled task as follows. You must create the scheduled task on the computer on which the PeopleSoft Web server is running.

   Note:

   The Microsoft Windows scheduled task calls a Java program that communicates with a servlet deployed on the Oracle Identity Manager server. The servlet parses the message and sends reconciliation events to Oracle Identity Manager.

   The servlet sends a return code based on the status of the reconciliation event. If the reconciliation event is successfully sent, then the message file is deleted or archived. Otherwise, the message file is left unchanged. The next time the scheduled task is run, another attempt is made to send the message.

   1. Copy the xliMsgPublisher.jar and publish.bat files from the OIM_HOME/xellerate/lib/MsgPublisher directory to a directory on the target system server.

   2. Use a text editor to open the publish.bat file, and then make the following changes in the file:

      i. Change the value of the JAVA_HOME variable so that it points to the JDK installation directory on the computer on which the PeopleSoft Web server is running.

      ii. Specify the following values in the Java command given at the end of the file:

      - PeopleSoft_listener_servlet_URL: This is the URL of the servlet that listens for reconciliation events generated using PeopleSoft Application Messaging.

      - Output_directory_for_XML_messages: This is the PeopleSoft Web server directory in which you want published messages to be stored. You have already specified the output directory while performing Step 3.i of this procedure.

      - XML_message_name: This is the message name created while configuring the target. Refer to the "Creating the Message" section for more information.

      - console_log_file_path: This is the full path and the name of the directory in which the log file must be generated.

      The command is in the following format:

      java com.thortech.xl.Integration.msgpublisher.PeopleSoftPublisher "PeopleSoft_listener_servlet_URL" "Output_directory_for_XML_messages" XML_message_name >> console_log_file_path
      

      For example:

      java Com.thortech.xl.Integration.msgpublisher.PeopleSoftPublisher "http://host:port/peopleSoftApp/do/peopleSoftAction" "C:/test/file" PSFT_XELLERATE_MSG >> c:/test/consolelog.log
      

      In the PeopleSoft listener servlet URL specified in this example, hostname is the IP address or host name of the application server on which Oracle Identity Manager is running and port is the HTTP port at which the application server listens for incoming messages.

   3. Save and close the batch file.

   4. On the On the computer on which the PeopleSoft Web server is running, click Start, Settings, and Control Open.

   5. Double-click Scheduled Tasks.

   6. Click Add Schedule Task, and then click Next.

   7. Click Browse, and then select the publish.bat file from the directory in which you save it.

   8. Select Daily, click Next, and then click Next again.

   9. Enter the user ID and password for the scheduled task to run.

   10. Select Open Advance properties.

   11. Click Finish.

   12. On the Schedule tab, click Advanced.

   13. Select Repeat Task.

   14. Select the frequency at which you want the task to run.

   15. Click OK, and then click OK again to close the window.

3.1.2.4.2 Configuring PeopleSoft Integration Broker Gateway on PeopleTools 8.45 Through 8.48

To configure the PeopleSoft Integration Broker gateway on PeopleTools 8.45 through 8.48:

1. Open a Web browser and enter the URL for PeopleSoft Internet Architecture. The URL for PeopleSoft Internet Architecture is in the following format:

   http://servername/psp/ps/Databasename/?cmd=login
   

   For example:

   http://psftserver.acme.com/psp/ps/TestDB/?cmd=login
   

2. Expand PeopleTools, Integration Broker, Configuration, and then Gateways. The Gateway component details are displayed.

3. Enter LOCAL in the Integration Gateway ID field, and then click Search. The LOCAL gateway is a default gateway that is created when you install PIA.

4. Ensure that the IP address specified in the URL of the PeopleSoft listening connector is the IP address of the computer on which the target system is installed. The URL of the PeopleSoft listening connector is in the following format:

   http://computer_name_of_the_PeopleSoft_Web_server/IP address:port/PSIGW/PeopleSoftListeningConnector
   

   For example:

   http://10.121.16.42:80/PSIGW/PeopleSoftListeningConnector
   

5. To load all target connectors that are registered with the LOCAL gateway, click Load Gateway Connectors.

6. Click Save.

7. Click Ping Gateway to check if the gateway component is active.

3.1.2.4.3 Configuring PeopleSoft Integration Broker on PeopleTools 8.45 Through 8.47

To configure PeopleSoft Integration Broker on PeopleTools 8.45 through 8.47:

To create the XL_NODE node to serve as the remote node:

1. In the PIA window, expand PeopleTools, Integration Broker, Integration Setup, and then click Node Definitions.

2. Click the Add a New Value tab.

3. On the Add a New Value tab, enter XL_NODE as the node name and then click Add.

4. On the Node Definition tab, enter a description for the node in the Description field.

5. Make this node a remote node by deselecting the Local Node check box and selecting the Active Node check box.

6. On the Connectors tab, enter the following information and then perform a lookup:

   Gateway ID: LOCAL

   Connector ID: HTTPTARGET

7. On the Properties subpage in the Connectors tab, enter the following information:

   Property ID: HTTPTARGET

   Property Name: URL

   Required value: Enter the URL of the PeopleSoft servlet that is supposed to receive the XML message. This URL must be in the following format:

   http://computer name of the Oracle Identity Manager server/IP address:port/peopleSoftApp/do/peopleSoftAction
   

   For example:

   http://10.121.16.42:8080/peopleSoftApp/do/peopleSoftAction
   

8. Click the Ping Node button to check if a connection is established with the specified IP address.

9. On the Transactions tab, click Add Transaction. The Add Transaction dialog box is displayed.

10. Enter the following details to define a new transaction:

    Transaction Type: Outbound Asynchronous

    Request Message: PSFT_XELLERATE_MSG

    Request Message Version: VERSION_1

11. Click Add.

12. To keep the status as active, select Active.

13. Click Save to save the changes.

To secure the PERSON_BASIC message channel:

1. In PIA, expand PeopleTools, Security, Permission & Roles, and Permission Lists.

2. Select AEAE1000. The AEAE1000 permission list is displayed.

3. Select the Message Monitor tab, and then click the plus sign (+) to add a channel name.

4. Specify PERSON_BASIC as the channel name, and select FULL as the access level.

5. Click Save.

To verify that the PERSON_BASIC message channel is in running mode:

1. Expand PeopleTools, Integration Broker, Monitor Integration, and Monitor Message.

2. Click the Channel Status tab.

3. Verify that the PERSON_BASIC message channel is running. If it is paused, then click Run.

3.1.2.4.4 Configuring PeopleSoft Integration Broker on PeopleTools 8.48

To configure PeopleSoft Integration Broker on PeopleTools 8.48:

1. Create a remote node by performing the following steps:

   1. In PeopleSoft Internet Architecture, expand PeopleTools, Integration Broker, Integration Setup, and then click Nodes.

   2. On the Add a New Value tab, enter the node name, for example, HT_NODE, and then click Add.

   3. On the Node Definition tab, enter a description for the node in the Description field. In addition, enter PS in the Default User ID field.

   4. Make this node a remote node by deselecting the Local Node check box and selecting the Active Node check box.

   5. On the Connectors tab, enter the following information:

      Gateway ID: LOCAL

      Connector ID: HTTPTARGET

   6. Click the Ping Node button to check if a connection is established with the specified IP address.

   7. On the Properties subpage in the Connectors tab, enter the following information:

      Property ID: PRIMARYURL

      Property Name: URL

      Required value: Enter the URL of the PeopleSoft servlet that is supposed to receive the XML message. This URL must be in the following format:

      http://computer name of the Oracle Identity Manager server/IP address:port/peopleSoftApp/do/peopleSoftAction
      

      For example:

      http://10.121.16.42:8080/peopleSoftApp/do/peopleSoftAction
      

   8. Click Save to save the changes.

2. Create a service by performing the following steps:

   1. In PeopleSoft Internet Architecture, expand PeopleTools, Integration Broker, Integration Setup, and then click Service.

   2. On the Add a New Value tab, enter the service name, for example, PSFT_HR_SERVICE, and then click Add.

   3. On the Service Definition tab, enter a description for the service in the Description field.

   4. Click Save to save the changes.

3. Create a service operation by performing the following steps:

   1. In the PeopleSoft Internet Architecture window, expand PeopleTools, Integration Broker, Integration Setup, and then click Service Operation.

   2. On the Add a New Value tab, enter the service name for which you are creating the service operation. In addition, enter the service operation name. The name of the service operation must be the same as that of the service that you created in Step 2 of the "Creating the Message on PeopleSoft HCM 9.0" section, for example, PSFT_HR_SERVICE.

   3. From the Operation type list, select Asynchronous-Oneway, and then click Add.

   4. On the General tab of the Service Operation Definition page, enter a description for the Operation type in the Operation Description field. In addition, enter PSFT_XELLERATE_MSG.V1 in the Message.Version field and PSFT_HR_QUEUE in the Queue Name field.

   5. Click Save to save the changes.

   6. On the Routing tab, enter PSFT_HR_ROUTING as the routing name and then click Add.

   7. On the Routing Definition tab, enter PSFT_HR in the Sender Node field and PSFT_HR_NODE in the Receiver Node field.

   8. Click Save to save the changes.

      Before you start sending the XML messages from the target system to Oracle Identity Manager, you must verify if the PeopleSoft node is running. You can do so by clicking the Ping Node button in the Connectors tab. To access the Connectors tab, click PeopleTools, Integration Broker, and then Nodes.

      If the Oracle Identity Manager server is not running when a message is published, then the message is added to a queue. You can check the status of the message in the queue in the Message Instance tab. This tab lists all the published messages in queue. When you check the details of the particular message, you will find the status listed as Timeout or Error.

      To publish a message in the queue to Oracle Identity Manager, resubmit the message when Oracle Identity Manager is running. See "Publishing the Message" for more information.

      If the status of the message is New or Started and it does not change to Timeout or Done, then you must restart the PeopleSoft application server after you restart the Oracle Identity Manager server.

3.2 Configuring Oracle Identity Manager

Configuring Oracle Identity Manager for this connector involves configuring reconciliation only. As mentioned earlier in this guide, reconciliation involves duplicating in Oracle Identity Manager new and modified employee information from the target system.

This section discusses the following topics:

• Configuring Full Reconciliation

• Configuring Incremental Reconciliation

3.2.1 Configuring Full Reconciliation

This section discusses the following topics:

• Configuring the Reconciliation Scheduled Tasks

• Configuring the IndexOfLastReconciledRecord Parameter

• Adding Custom Attributes for Full Reconciliation

• Limited Reconciliation

3.2.1.1 Configuring the Reconciliation Scheduled Tasks

When you perform the procedure described in the "Step 4: Importing the Connector XML Files" section, the scheduled task is automatically created in Oracle Identity Manager. To perform a full reconciliation run, you must configure the scheduled task to reconcile the users in Oracle Identity Manager depending on the values that the user has specified in the scheduled task attributes.

Note:

You can perform a full reconciliation run at any future date or time for the following specified intervals:

• Daily

• Weekly

• Monthly

• Yearly

• Recurring intervals

Alternatively, you can configure a scheduled task attribute to run once on the specified date and time.

To specify values for the attributes of the scheduled task, perform the following:

1. Open the Oracle Identity Manager Design Console.

2. Expand the Administration folder.

3. Select Task Scheduler.

4. Click Find, and look for the scheduled task named PSFTHRTrustedUserRecon in the Task Scheduler table.

5. Enter a number in the Max Retries field. This number represents the number of times Oracle Identity Manager must attempt to complete the task before assigning the FAILED status to the task.

6. Ensure that the Disabled and Stop Execution check boxes are not selected.

7. In the Start region, double-click the Start Time field and select the date and time at which you want the task to run.

8. To set the task to run only once, select the Once option in the Interval region.

9. Provide values for the attributes of the scheduled task. Refer to the "Specifying Values for the Scheduled Task Attributes" section for information about the values to be specified.

10. Click Save. The scheduled task is configured. The INACTIVE status is displayed in the Status field, because the task is not currently running. The task is run only at the date and time that you specify in Step 7.

After you configure the scheduled task, proceed to the "Configuring Incremental Reconciliation" section.

3.2.1.1.1 Specifying Values for the Scheduled Task Attributes

The user reconciliation scheduled task has been defined as two scheduled tasks, one for trusted employee reconciliation and the other for target resource employee reconciliation. However, you must use only the scheduled task for trusted employee reconciliation for the target system.

You must specify values for the attributes of the PSFTHRTrustedUserRecon employee reconciliation scheduled task. The following table describes the attributes of the scheduled task.

Note:

• Default attribute values are predefined in the connector XML file that you import. Specify values only for the attributes that you want to change.

• Values (either default or user-defined) must be assigned to (or specified by default for) all the attributes. If even a single attribute value were left empty, then reconciliation would not be performed.

• Do not make changes in the scheduled task for target resource reconciliation, PSFTHRNonTrustedUserRecon. This scheduled task is not meant to be used with this connector.

Attribute Name	Description	Sample Value
FolderPath	Directory path on the Oracle Identity Manager server where employee reconciliation files generated by the target system are to be stored Note: The folder path must contain only the text file that is generated when you run the application engine. The Task Scheduler searches for text files. Therefore, the specified path must only contain the file to be read by the Task Scheduler. The value of the folder path must end in \.	C:\PSFTHR\UserRecon\
TargetSystem	Name of the resource object	PSFT_HR_RO
IsTrusted	Specifies whether or not reconciliation is to be performed in trusted mode. For this connector, only trusted source reconciliation is configured. Therefore, this attribute value must always be set to Yes.	Yes
XellerateOrganization	Default name for the Oracle Identity Manager organization This value is used to create the Xellerate User in trusted source reconciliation mode. The value that you specify must exist in Oracle Identity Manager. Note: This attribute is specific to the scheduled task for trusted source reconciliation.	Xellerate Users
NoOfRecordsToBeReconciled	Specifies the number of records to be reconciled You must enter any integer value greater than zero. Refer to the "Specifying the Number of Records to Be Reconciled" section for more information about this attribute. Default value: all	Any integer value greater than zero
Lastname	Specifies the Lastname attribute value for which you want to perform reconciliation During reconciliation, only those target system records that contain the Lastname value you specify are reconciled. For more information about how this reconciliation is performed, refer to the "Limited Reconciliation".	Nodata
Postal	Specifies the Postal attribute value for which you want to perform reconciliation During reconciliation, only those target system records that contain the Postal value you specify are reconciled.	Nodata
DeptId	Specifies the DeptId attribute value for which you want to perform reconciliation During reconciliation, only those target system records that contain the DeptId value you specify are reconciled.	Nodata
Operator	Specifies the operator that you want to apply to the target system attributes for which you specify a value other than nodata This operator value can be AND or OR based on which the data is joined accordingly for any combination of the following fields: Lastname, Postal, DeptId. During reconciliation, only those target system records that contain the specified combination of the Lastname, Postal, and DeptId fields are reconciled.	AND
ServerName	Name of the IT resource defined for the PeopleSoft application target system.	PSFT_Employee

After you specify values for these task attributes, go to Step 10 of the procedure to create scheduled tasks.

3.2.1.1.2 Specifying the Number of Records to Be Reconciled

During a reconciliation run, all changes in the target system records are reconciled into Oracle Identity Manager. Depending on the number of records to be reconciled, this process may require a large amount of time. In addition, if the connection breaks during reconciliation, then the process would take longer to complete.

To reduce the reconciliation time, you can specify the number of records to be reconciled. To do this, you specify a value for the NoOfRecordsToBeReconciled scheduled task attribute.

You specify a value for the NoOfRecordsToBeReconciled attribute by following the instructions described in the "Specifying Values for the Scheduled Task Attributes" section.

3.2.1.2 Configuring the IndexOfLastReconciledRecord Parameter

You specify a value for the IndexOfLastReconciledRecord IT resource parameter when you want to perform full reconciliation. At the start of the first full reconciliation run, the value of this parameter is -1. At the end of each subsequent full reconciliation run, this parameter stores the index number of the last record reconciled during the previous reconciliation run.

Whenever you want to perform a full reconciliation run, change the value of the IndexOfLastReconciledRecord parameter to -1. To change the value of this parameter:

1. Log in to the Oracle Identity Manager Design Console.

2. Expand Resource Management.

3. Double-click IT Resources.

4. Locate the PSFT_Employee IT resource.

5. Change the value of the IndexOfLastReconciledRecord parameter to -1.

3.2.1.3 Adding Custom Attributes for Full Reconciliation

To add custom attributes for full reconciliation:

Note:

The procedure described in this section is the same for all certified versions of PeopleTools. If you do not want to add custom attributes for full reconciliation, then you can skip this section.

1. In PeopleSoft Application Designer:

   Note:

   Step 1 is mandatory if you are using PeopleTools 8.22.

   1. Select Open from the File menu. The Open Definition dialog box is displayed.

   2. Select Message from the Definition list, enter PSFT_XELLERATE_MSG in the Name Selection Criteria field, and then click Enter. The details of the PSFT_XELLERATE_MSG message are displayed.

   3. Click the record to which you want to add custom attributes.

      For example, suppose you want to add the Salary attribute, SALARY, in the JOB record, then click JOB under VERSION_1.

   4. Select the check box for the required attribute, and then save the message.

      For example, select the SALARY field.

2. Modify the header and the queries written in the application engine code (BLKPRCS_HR). For example, if you want to reconcile a new column with the name SALARY, then you must make the following changes in the application engine code:

   Local string &empid, &lastnm, &firstnm, &sex, &postal, &city, &ssn, &ph, &birthdt, &country, &add1, &state, &hir_dt, &deptid, &jobcd, &salary;
   
   &hdr = "EMPLID,LASTNAME,FIRSTNAME,SEX,POSTAL,CITY,SSN,PHONE,BIRTHDATE,COUNTRY,ADDRESS,STATE,HIRE_DATE,DEPTID,JOBCODE,SALARY";
   

   If the SALARY column exists in the ps_job table, the SQL statement will be:

   SQLExec("select DEPTID, JOBCODE, SALARY from ps_job a where emplid =:1 and effdt=(select max(effdt) from ps_job b where a.emplid=b.emplid and effseq =(select max(effseq) from ps_job c where b.emplid = c.emplid and b.effdt=c.effdt))", &empid, &deptid, &jobcd, &salary);
   

3. Open the process form located in the Development Tools folder of the Oracle Identity Manage Design Console.

   See Also:

   Oracle Identity Manager Design Console for more information about this step and the remaining steps of this procedure

4. Click Create New Version.

5. In the Create a New Version dialog box, specify the version name in the Label field. Save the changes, and then close the dialog box.

6. From the Current Version list, select the newly created version.

7. On the Additional Columns tab, click Add. Add a column corresponding to the new attribute in the User Defined process form, UD_PSFT_HR. For the example described earlier, you can add the UD_PSFT_HR_SALARY column.

8. Add a reconciliation field corresponding to the new attribute in the resource object, PSFT_HR_RO. For the example described earlier, you can add the Users.SALARY reconciliation field.

9. Modify the PSFT_HR process definition to include the mapping between the newly added attribute and the corresponding reconciliation field. For the example described earlier, the mapping is as follows:

   Users.SALARY=UD_PSFT_SALARY
   

   In this example, SALARY is the reconciliation field and also the equivalent target system attribute. As a standard, the prefix "Users." is added at the start of all reconciliation field names.

10. Modify the attributemapping_recon.properties file, which is in the OIM_HOME/xellerate/XLIntegrations/PSFTHR/config directory.

    You can also add new attributes in this file. The format that you must use is as follows:

    TargetAttribute=Users.OimAttributeName
    

    Note:

    You must ensure that the TargetAttribute value that you specify does not contain spaces.

    For example:

    SALARY=Users.SALARY
    

    In this example, SALARY is the reconciliation field and also the equivalent target system attribute. As a standard, the prefix "Users." is added at the start of all reconciliation field names.

3.2.1.4 Limited Reconciliation

By default, all target system records that are added or modified after the previous reconciliation run are reconciled during the current reconciliation run. You can customize the reconciliation process by specifying the subset of newly added or modified records that must be reconciled. You implement this form of limited reconciliation by creating customized queries for reconciliation. You do this by creating filters for the reconciliation module.

Creating a filter involves specifying a value for a target system attribute, which will be used in the SELECT query criteria to retrieve the records to be reconciled. You can specify values for any one or a combination of the following target system attributes:

• Lastname

• DeptId

• Postal

If you want to use multiple target system attributes to filter records, then you must also specify the logical operator (AND or OR) that you want to apply to the combination of target system attributes that you select.

For instructions to specify values for the target system attributes and the logical operator that you want to apply while deploying the connector, refer to the "Specifying Values for the Scheduled Task Attributes" section.

3.2.2 Configuring Incremental Reconciliation

Note:

In this section, the term "attribute" refers to the identity data fields that store user data.

This section discusses the following topics:

• Configuring the PeopleSoft Listener

• Encrypting a New Oracle Identity Manager Password

• Adding a Custom Attribute for Incremental Reconciliation

• Limited Reconciliation

3.2.2.1 Configuring the PeopleSoft Listener

This section describes how to configure the PeopleSoft listener. In the following procedure, OIM_HOME refers to the local Oracle Identity Manager installation directory

To configure the PeopleSoft Listener:

1. Copy the OIM_HOME/cbrecon_webapp/lib/peopleSoftApp.war file into a temporary folder. Enter the following command to extract the contents of the peopleSoftApp.war file.

   jar –xvf peopleSoftApp.war
   

   Note:

   All the files mentioned in the remaining steps of this procedure are extracted from the peopleSoftApp.war file.

2. Edit the deployment.properties file. This file contains the message property that corresponds to the name of the XML message from the PeopleSoft feed. The default value of this attribute is PSFT_XELLERATE_MSG. Obtain the correct actual value for this attribute from the PeopleSoft administrator, and replace the value in this file with the actual value.

3. Edit the xlsession.properties file. This file contains the following Oracle Identity Manager connection parameters:

   • ObjectName: This is the name of the resource object in Oracle Identity Manager against which the reconciliation event is created. The default value is PSFT_HR_RO.

   • Username: This is the user name for logging in to Oracle Identity Manager. The default value is xelsysadm.

   • Password: This is the password for logging in to Oracle Identity Manager. You must enter the encrypted value of the password:

     See Also:

     The "Encrypting a New Oracle Identity Manager Password" section for information about encrypting a plaintext password

4. Edit the xlclient.properties file. This file contains the following system properties that enable an API client to communicate with Oracle Identity Manager:

   • xl.homedir: This property specifies the Oracle Identity Manager client directory. Typically, the Oracle Identity Manager client directory is OIM_HOME/xlclient.

   • java.security.policy: This property specifies the path of the security policy file. Typically, this file is located in the OIM_HOME/xlclient/config directory.

   • java.security.auth.login.config: This property specifies the path of the authentication configuration file. Typically, this file is located in the OIM_HOME/xlclient/config directory.

     Each application server uses a different authentication configuration file:

     IBM WebSphere: authws.conf

     BEA WebLogic: authwl.conf

     JBoss Application Server: auth.conf

     Oracle Application Server: auth.conf

   • java.naming.provider.url: This property specifies the JNP URL of the application server. This URL is given in the <Discovery><CoreServer><java.naming.provider.url> tag of the OIM_HOME/xlclient/config/xlconfig.xml file. Each application server uses a different java.naming.provider.url:

     • WebLogic: t3://host:7001

     • JBoss: jnp://host:1099

     • WebSphere: corbaloc:iiop:host:2809

     • Oracle Application Server: ormi://localhost:12401/Xellerate

5. Edit the following properties in the configureReconciliation.properties file:

   • reconciliationMode: You must always set this property to trusted.

   • Serverdateformat: This property specifies the date format that is used by the PeopleSoft server. You can select one of the following date formats:

     • dd-mmm-yy

     • ddmmyy

     • yyddmm

     • yymmdd

     • dd.mm.yy (if the PeopleSoft installation uses Microsoft SQL Server)

     • dd.mm.yyyy (if the PeopleSoft installation uses IBM DB2 UDB)

   • xellerateOrganization: This property specifies the name of the Oracle Identity Manager organization. The default value of this property is Xellerate Users. The value that you assign to this property must exist in Oracle Identity Manager.

   • nullDate: This property specifies the default value for a date field. The value is 2200/01/01 00:00:00 PST. This value is used if the date field is left empty.

   • PeoplesoftstartingYEAR: This property specifies the year in two digits. If the number represented by these two digits (xx):

     • Is greater than or equal to 50, then it is assumed that the year is 19xx.

     • Is less than 50, then it is assumed that the year is 20xx.

     This specifies a range of 1950 to 2049 for the property.

   • XelServerDate: This property contains the date format that is used for the Oracle Identity Manager server.

     Current value of the XelServerDate property: yyyy/MM/dd hh:mm:ss z

     Note:

     You must not change this date format.

   • Filter: This property edits the value for filters, for example, OPRIDLIKE and UserType as required. The default value of this property is NO DATA. These values are used to configure incremental reconciliation.

6. Copy the following files from the OIM_HOME/xellerate/lib directory to the WEB-INF/lib directory:

   Note:

   Delete the following JAR files from the WEB-INF/lib directory before you copy the JAR files from the OIM_HOME/xellerate/lib directory.

   • xlAPI.jar

   • xlAuthentication.jar

   • xlBackOfficeBeans.jar

   • xlBackofficeClient.jar

   • xlCache.jar

   • xlCrypto.jar

   • xlDataObjectBeans.jar (for IBM WebSphere Application Server, copy this file from OIM_CLIENT/xlclient/lib)

   • xlDataObjects.jar

   • xlLogger.jar

   • xlUtils.jar

   • xlVO.jar

   • xlAdapterUtilities.jar

   Copy the following files from the OIM_HOME/xellerate/ext directory to the WEB-INF/lib directory:

   • oscache.jar

   • javagroups-all.jar

   • commons-collections.jar

   • commons-digester.jar

   • commons-logging.jar

   • commons-validator.jar

   • jdbcpool-0.99.jar

   • log4j-1.2.8.jar

   • struts.jar

   • xalan.jar

   • xerces.jar

   • xercesImpl.jar

   • xlRemoteManager.jar

   • xlScheduler.jar

7. Delete the peopleSoftApp.war file from the temporary directory into which you extract it, and then use the following command to re-create the file:

   jar –cvf peopleSoftApp.war
   

8. Ensure that the old version of the peopleSoftApp.war file is removed from the application server (BEA WebLogic, IBM WebSphere, JBoss Application Server, or Oracle Application Server) deployment directory.

9. Copy the newly created peopleSoftApp.war file into the application server deployment directory.

10. Restart the Oracle Identity Manager server and client.

Note:

You can add custom attributes to be reconciled during incremental reconciliation. However, you must complete the deployment procedure before you can add custom attributes.

Refer to the "Configuring Incremental Reconciliation" section for information about the procedure to add custom attributes for reconciliation.

3.2.2.2 Encrypting a New Oracle Identity Manager Password

If the password of the Oracle Identity Manager administrator is different from the default password, then you must encrypt the Oracle Identity Manager password as follows:

Note:

The default administrator user ID is xelsysadm.

1. On the Oracle Identity Manager server, open a command window.

2. In the command window, change to the OIM_HOME/xellerate/ScheduleTask directory.

3. Enter the following command:

   java -classpath xlPSFTHRRecon.jar  \
   com.thortech.xl.integration.peoplesoft.util.tcUtilEncryption -e \
   OIM_plaintext_password
   

   In this command, OIM_plaintext_password is the new Oracle Identity Manager administrator password that you want to encrypt.

   The encrypted password is displayed in the command window.

4. Replace the value of the encrypted password in the xlsession.properties file with the value that you copy from the command window. This file is compressed in the OIM_HOME/xlclient/lib/peopleSoftApp.war file.

5. Delete the peopleSoftApp.war file from the temporary directory in which you extract it, and then use the following command to re-create the file:

   jar –cvf peopleSoftApp.war .
   

6. Ensure that the old version of the peopleSoftApp.war file is removed from the application server (BEA WebLogic, IBM WebSphere, JBoss Application Server, or Oracle Application Server) deployment directory.

7. Copy the newly created peopleSoftApp.war file into the application server (BEA WebLogic, IBM WebSphere, JBoss Application Server, or Oracle Application Server) deployment directory.

8. Restart Oracle Identity Manager and the Design Console.

3.2.2.3 Adding a Custom Attribute for Incremental Reconciliation

Note:

In this section, the term "attribute" refers to the identity data fields that store user data. If you do not want to add custom attributes for incremental reconciliation, then you can skip this section.

Standard incremental reconciliation involves the reconciliation of predefined attributes. If required, you can add custom attributes to the list of attributes that are reconciled.

The procedure to add a custom attribute for reconciliation depends on the release of PeopleTools that you are using:

• Adding a Custom Attribute for Incremental Reconciliation on PeopleTools 8.22

• Adding a Custom Attribute for Incremental Reconciliation on PeopleTools 8.45 Through 8.48

3.2.2.3.1 Adding a Custom Attribute for Incremental Reconciliation on PeopleTools 8.22

To add a custom attribute for reconciliation on PeopleTools 8.22:

1. Change the PeopleCode given in the HRMSBulkRecon.txt file. This file is in the OIM_HOME/xellerate/scripts directory. The required changes are as follows:

   1. Modify the following line in the file:

      &hdr = "EMPLID,LASTNAME,FIRSTNAME,SEX,POSTAL,CITY,SSN,PHONE,BIRTHDATE,COUNTRY,ADDRESS,STATE,HIRE_DATE,DEPTID,JOBCODE";
      

      For example, to add the LOCATION column, add LOCATION at the end of the list of the list of column names as follows:

      &hdr = "EMPLID,LASTNAME,FIRSTNAME,SEX,POSTAL,CITY,SSN,PHONE,BIRTHDATE,COUNTRY,ADDRESS,STATE,HIRE_DATE,DEPTID,JOBCODE,LOCATION";
      

   2. Modify the SQL statement in the file to retrieve and store the value for the new attribute added in a local variable.

      For example, to add the job location attribute, LOCATION, to the list of attributes that are reconciled, modify the SQL statement as follows:

      SQLExec("select DEPTID, JOBCODE, LOCATION from ps_job a where emplid =:1 and effdt=(select max(effdt) from ps_job b where a.emplid=b.emplid and effseq =(select max(effseq) from ps_job c where b.emplid = c.emplid and b.effdt=c.effdt))", &empid, &deptid, &jobcd, &location); 
      

   3. After modifying the header and SQL statement, add the required data to the XML message. For example, to add the LOCATION data in the XML message to the JOB tag, add the line highlighted in bold in the following code sample:

      /* FOR JOB RECORD */
      &MSG_ROWSET.GetRow(1).JOB.JOBCODE.Value = &jobcd;
      &MSG_ROWSET.GetRow(1).JOB.DEPTID.Value = &deptid;
      &MSG_ROWSET.GetRow(1).JOB.LOCATION.Value = &location;
      

2. Modify the peopleSoftApp.war file based on the custom attribute added. Extract the contents of the peopleSoftApp.war file into a temporary directory by using the following command:

   jar –xvf peopleSoftApp.war
   

   Copies of this file are in the application server deployment directory.

3. In the attributemap.properties file, add the XPath (key-value entry) of the custom attribute. For example, you can add the following XPath for the LOCATION attribute:

   Users.LOCATION=//Transaction/DEPT_TBL/LOCATION
   

   Note:

   In the attributemap.properties file, the key part of each line is the text to the left of the equal (=) sign. You must ensure that the key part of the lines does not contain spaces. For example, Users . LOCATION, Users. LOCATION, Users.CURRENT LOCATION are all invalid key values because they contain spaces.

4. Delete the old version of the peopleSoftApp.war file from the temporary directory into which you had extracted it, and then enter the following command to re-create the file that contains the custom attribute added:

   jar –cvf peopleSoftApp.war .
   

5. Delete the old version of the peopleSoftApp.war file from the application server deployment directory.

6. Copy the newly created peopleSoftApp.war file into the application server deployment directory.

7. In the Oracle Identity Manager Design Console, make the required changes as follows:

   See:

   Oracle Identity Manager Design Console for detailed instructions on performing the following steps

   1. Add a column corresponding to the new attribute in the User Defined process form, UD_PSFT_HR. For the example described earlier, you can add the UD_PSFT_HR_LOCATION column for the new attribute added.

   2. Add a reconciliation field corresponding to the new attribute in the resource object, PSFT_HR_RO. For the example described earlier, you can add the Users.LOCATION reconciliation field.

   3. Modify the PSFT_HR Process process definition to include the mapping between the newly added attribute and the corresponding reconciliation field. For the example described earlier, the mapping is as follows:

      Users.LOCATION = UD_PSFT_HR_LOCATION
      

      In this example, LOCATION is the reconciliation field and also the equivalent target system attribute. As a standard, the prefix "Users." is added at the start of all reconciliation field names.

8. Restart the Oracle Identity Manager server and client.

3.2.2.3.2 Adding a Custom Attribute for Incremental Reconciliation on PeopleTools 8.45 Through 8.48

To add a custom attribute for reconciliation on PeopleTools 8.45 through 8.48:

1. Make the required changes in the PeopleCode given in the HRMSCBRecon.txt file. This file is in the OIM_HOME/xellerate/scripts directory. The required changes are as follows:

   1. At the end of the SQL statements section, add a SQL statement to retrieve and store the column values for the new attribute in a local variable.

      For example, suppose you want to add the department location attribute, LOCATION, to the list of attributes that are reconciled. Add the following SQL statement to retrieve the values of the LOCATION column from the PS_DEPT_TBL table:

      SQLExec("SELECT DESCR, LOCATION FROM PS_DEPT_TBL WHERE DEPTID=:1", &deptid, &deptname, &location);
      

   2. Add the data fields you retrieved to the XML message. For example, to add the LOCATION column to the DEPT_TBL tag, add the lines highlighted in bold in the following code sample:

      &recnode = &fieldtypenode.AddElement("DEPT_TBL");
      &recnode.AddAttribute("class", "R");
      &fields = &recnode.AddElement("DEPTNAME");
      &fields.AddAttribute("type", "CHAR");
      &fields = &recnode.AddElement("LOCATION");
      &fields.AddAttribute("type", "CHAR");
      

   3. Add the data text you retrieved to the XML message. For example, to add the LOCATION column to the DEPT_TBL tag, add the lines highlighted in bold in the following code sample:

      &datarecnode = &transnode.AddElement("DEPT_TBL");
      &datarecnode.AddAttribute("class", "R");
      &datafldnode = &datarecnode.AddElement("DEPTNAME");
      &textnode = &datafldnode.AddText(&deptname);
      &datafldnode = &datarecnode.AddElement("LOCATION");
      &textnode = &datafldnode.AddText(&location);
      

2. In PeopleSoft Application Designer, copy the contents of the HRMSCBRecon.txt file into the savePostChange event for the PERSONAL_DATA component.

3. Extract the contents of the peopleSoftApp.war file into a temporary directory by using the following command:

   jar –xvf peopleSoftApp.war
   

   Copies of this file are in the application server deployment directory.

4. In the attributemap.properties file, add the XPath (key-value entry) of the custom attribute. For example, add the following XPath for the LOCATION attribute:

   Users.LOCATION=//Transaction/DEPT_TBL/LOCATION
   

   Note:

   In the attributemap.properties file, the key part of each line is the text to the left of the equal (=) sign. You must ensure that the key part of the lines does not contain spaces. For example, Users . LOCATION, Users. LOCATION, Users.CURRENT LOCATION are all invalid key values because they contain spaces.

5. Delete the old version of the peopleSoftApp.war file from the temporary directory into which you had extracted it, and then use the following command to re-create the file that contains the new attribute:

   jar –cvf peopleSoftApp.war .
   

6. Delete the old version of the peopleSoftApp.war file from the application server deployment directory.

7. Copy the newly created peopleSoftApp.war file into the application server deployment directory.

8. In the Oracle Identity Manager Design Console, make the required changes as follows:

   See:

   Oracle Identity Manager Design Console for detailed instructions on performing the following steps

   1. Open the process form located in the Development Tools folder of the Oracle Identity Manage Design Console.

   2. Click Create New Version.

   3. In the Create a New Version dialog box, specify the version name in the Label field. Save the changes, and then close the dialog box.

   4. From the Current Version list, select the newly created version.

   5. On the Additional Columns tab, click Add. Add a column corresponding to the new attribute in the User Defined process form, UD_PSFT_HR. For the example described earlier, you can add the UD_PSFT_HR_LOCATION column.

   6. Add a reconciliation field corresponding to the new attribute in the resource object, PSFT_HR_RO. For the example described earlier, you can add the Users.LOCATION reconciliation field.

   7. Modify the PSFT_HR Process process definition to include the mapping between the newly added attribute and the corresponding reconciliation field. For the example described earlier, the mapping is as follows:

      Users.LOCATION = UD_PSFT_HR_LOCATION
      

      In this example, LOCATION is the reconciliation field and also the equivalent target system attribute. As a standard, the prefix "Users." is added at the start of all reconciliation field names.

9. Restart the Oracle Identity Manager server and client.

3.2.2.4 Limited Reconciliation

By default, all target system records that are added or modified after the previous reconciliation run are reconciled during the current reconciliation run. You can customize the reconciliation process by specifying the subset of newly added or modified records that must be reconciled. You implement this form of limited reconciliation by creating customized queries for reconciliation. You do this by creating filters for the reconciliation module.

Creating a filter involves specifying a value for a target system attribute, which will be used in the SELECT query criteria to retrieve the records to be reconciled. This can be done by editing the configureReconciliation.properties file, which contains the OPRIDLIKE and UserType parameters.

You can specify values for any one or a combination of the following target system attributes:

• Lastname

• DeptId

• Postal

If you want to use multiple target system attributes to filter records, then you must also specify the logical operator (AND or OR) that you want to apply to the combination of target system attributes that you select.

For instructions to specify values for the target system attributes and the logical operator that you want to apply while deploying the connector, refer to the "Specifying Values for the Scheduled Task Attributes" section.