Understanding Implementing PeopleSoft Directory Interface

Consider these PeopleSoft Directory Interface implementation guidelines for best results:

Term

Definition

LDAP Searches

Some LDAP searches may generate LDAP referrals to other servers participating in your directory. You must be able to ping by hostname all servers in the directory from the application server. If any server is unreachable by hostname from the application server, you can add a line for the server to the hosts file on the application server.

Entry Limit

In the directory, configure the entry limit value to be larger than the number of rows that you expect will be returned. The default value is usually not sufficient.

Directory Tree

Your directory information tree must have user entries at the leaf level. This is required when an entry needs to be moved from one branch to another. The entry needs to be at the leaf level so that the system can read user attributes, one of which is the password.

Microsoft Active Directory

The following items apply to implementations that use Microsoft Active Directory:

  • The registry key HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Schema Update Allowed must be present and set to a nonzero DWORD on the Active Directory FSMO Role Owner.

  • When creating structural object classes in Microsoft Active Directory, you need to specify containment. PsftJobs can be children of the following classes of objects only: builtinDomain, organizationalUnit, and domainDNS.

  • You must add the server names in the Directory Setup component as they appear on the DNSHostName attribute on the server entries under the CN=Sites entry.
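
The LDAP Searches guideline above can be checked before go-live with a short script run on the application server. The following is an added example, not Oracle's code: it extracts the hostnames from a list of referral URLs, tests whether each resolves by name (the precondition for pinging by hostname, not a reachability test), and builds hosts-file lines for the ones that do not. The function names, hostnames, and addresses are constructed for illustration.

```python
import socket
from urllib.parse import urlsplit

# Constructed sample: referral URLs as an LDAP search might return them.
SAMPLE_REFERRALS = [
    "ldap://dir1.example.com:389/ou=People,dc=example,dc=com",
    "ldaps://DIR2.example.com/ou=Jobs,dc=example,dc=com??sub",
    "ldap://dir1.example.com/ou=Groups,dc=example,dc=com",
    "ldap:///ou=Local,dc=example,dc=com",  # no host part: nothing to resolve
]


def referral_hosts(referrals):
    """Return the distinct, lower-cased hostnames named in LDAP referral URLs."""
    hosts = []
    for url in referrals:
        parts = urlsplit(url.strip())
        if parts.scheme.lower() not in ("ldap", "ldaps"):
            raise ValueError(f"not an LDAP referral URL: {url!r}")
        if parts.hostname and parts.hostname not in hosts:
            hosts.append(parts.hostname)
    return hosts


def check_resolution(hosts, resolve=socket.getaddrinfo):
    """Map each host to True if it resolves by name from this machine."""
    status = {}
    for host in hosts:
        try:
            resolve(host, None)
            status[host] = True
        except OSError:  # socket.gaierror is a subclass of OSError
            status[host] = False
    return status


def hosts_file_lines(status, known_addresses):
    """Build hosts-file lines for unresolved servers whose address is known."""
    return [f"{known_addresses[h]}\t{h}"
            for h, ok in status.items() if not ok and h in known_addresses]


if __name__ == "__main__":
    status = check_resolution(referral_hosts(SAMPLE_REFERRALS))
    for host, ok in status.items():
        print(f"{host}: {'resolves' if ok else 'DOES NOT RESOLVE'}")
    # Constructed address from the documentation range 192.0.2.0/24.
    print("\n".join(hosts_file_lines(status, {"dir2.example.com": "192.0.2.20"})))
```

Review any generated hosts-file line against the directory server's real address before adding it, since a stale or wrong entry silently redirects referral traffic.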