Understanding User Profile Synchronization

For implementations that use multiple PeopleSoft databases, you commonly have the same user in more than one database. Typically in production environments, you want the user profile information of the same user to be synchronized among databases. For example, if a user modifies her password or other user profile information in one database, you prefer that the system automatically synchronize the changes across the enterprise rather than have the user or an administrator manually replicate changes in multiple databases.

User profile synchronization involves setting up each PeopleSoft database in the enterprise to send and receive user profile updates through the Integration Broker. When you enter new profiles or modify and delete existing profiles on any publishing database and save, PeopleCode publishes a user profile service operation—which contains a user profile message—and routes the message to all subscribing nodes according to your specifications. The subscribing databases then update the user profile data with data from the publishing database.

Note: User profiles contain sensitive information. Design and implement user profile synchronization across different nodes with special care. As delivered, user synchronization behavior may not be acceptable in all cases.

Components Used to Update User Profiles

You can use these online components to make changes to user profile data:

  • User Profiles (USERMAINT)

  • Distributed User Profiles (USERMAINT_DIST)

  • My System Profile (USERMAINT_SELF)

  • Change My Password (CHANGE_PASSWORD)

  • Expired Password (EXPIRE_CHANGE_PSWD)

  • Forgot My Password (EMAIL_PSWD)

Administrators use the first two online components. The My System Profile component is a self-service component, which can be used to modify a limited set of data about a user. The Change My Password, Expired Password, and Forgot My Password components are used to change only the user password. Generally, the Forgot My Password component is configured as a public site that is separate from the PeopleSoft application. You can also modify user profile data through batch processes.

Types of User Profile Synchronization

PeopleSoft applications have two types of user profile synchronization:

  • Default user profile synchronization.

  • Configurable user profile synchronization.

The publishing processes for default and configurable user profile synchronization use different PeopleCode programs. PeopleSoft applications are delivered with the PeopleCode programs for both types of user profile synchronization. You select the appropriate PeopleCode by using the Security PeopleCode Options page. This page eliminates the need to access Application Designer to select the PeopleCode for the corresponding type of user profile synchronization.

Note: You should select the user profile synchronization type at the time of your implementation, after which you should restrict access to the Security PeopleCode Options page.

User Profile ID Types

Each user profile features an ID type (and related attributes) that are defined in the ID Types and Values section of the User Profile – ID page (PeopleTools, Security, User Profiles, User Profiles and click the ID tab).

To perform user profile synchronization, the ID type for a user profile must be the same on the source system and target system. That is, the system cannot map user profiles with different ID types.

Important! The system cannot map user profiles with different ID types.

If a different ID type is required for a user profile on one of the systems, after performing user profile synchronization, consider using OnRequest PeopleCode to convert the ID type to the required type.