Enabling Signon PeopleCode for LDAP Authentication

Access the Signon PeopleCode page (PeopleTools > Security > Security Objects > Signon PeopleCode).

LDAP Authentication runs as Signon PeopleCode that must be enabled and configured to be carried out with proper permissions.

To enable Signon PeopleCode:

  1. Click the Invoke As option that applies to your configuration.

    Do you want to use a default user ID, or do you want the Signon PeopleCode to be invoked by the user ID of the user who happens to be signing on to the system? Either way, the value for the user ID and password must be a valid PeopleSoft User ID and password.

    For LDAP authentication, you may need to use Invoke As if the value entered on the Signon Page is not also a valid PeopleSoft OPRID. For instance, if someone signs on using an EmailID, Invoke as must be used since the email ID is not a valid PeopleSoft OPRID.

  2. Locate the row for the LDAP_Authentication function on the Record FUNCLIB_LDAP.

  3. Select the Enabled check box (if it is not already selected by default).

  4. Ensure that the Exec Auth Fail check box is selected; if PeopleSoft authorization fails, then Signon PeopleCode is carried out.

    PeopleSoft authorization always fails if you are using LDAP authentication.

  5. Click Save at the bottom of the page.

  6. Reboot any application servers running against the local database.

Note: If you intend to use the User Profile Map, you also need to enable LDAP_PROFILESYNCH. The same options apply.