Post on 29-Dec-2015
PeopleSoft Directory Interface for HRMS
prepared for
USM Regional PeopleSoft Conference
June 10, 2005
Hank Kehlbeck, Sr. Product Manager, HCM Strategy
Agenda
• LDAP Overview
• PeopleSoft Directory Interface Overview• Delivered Templates• Configuring Directory Interface• Where to Get More Information• Lessons Learned / Your Feedback
LDAP Overview
What is LDAP?
• Lightweight Directory Access Protocol• Standard protocol for reading from and writing to
directories• Common language that LDAP clients and servers
use to communicate with each other• Accesses directory information usually organized
in a tree-like structure
What are the Benefits?
• Hierarchical and specialized Database• Scalable, Flexible, Extensible• Efficient Means of Organizing/Retrieving Information
• High Query (Read) Performance• Poor Update (Write) Performance
• LDAP should eventually make it possible for any application running on virtually any computer platform to obtain directory information, such as email addresses and public keys.
cn = Joh n W o o k ey
o u = D e ve lo p m e nt
cn = L a rry E llison
o u = M a n ag e m e nt
cn = D a ve H a re
o u =S u pp o rt
d c = O ra c le
LDAP Distinguished Names
Dn: uid=jsmith,ou=Tools,c=US,dc=oracle,dc=com
dc=oracledc=com
c=US c=FRA
ou=HRMSou=HRMSou=Tools
uid=jsmith
Directory Interface: Overview
What is Directory Interface?
PeopleSoftPeopleSoftDatabaseDatabase
PeopleSoftPeopleSoftDatabaseDatabase DirectoryDirectoryDirectoryDirectory
Directory InterfaceDirectory InterfaceDirectory InterfaceDirectory Interface
Features and Benefits
• Flexible• Compliant w/any LDAPv3-Compliant Directory Server• Supports flat and hierarchical schemas• Real-time or batch updates to map data• Effective-dated
• Centralized Information• Eliminate managing data in multiple locations• Enable single sign-on to enterprise applications• Audit data integrity b/w HCM and Directory Server
• Lower Cost, Standards-based Security• Control access to PeopleSoft using LDAP• Reduce security maintenance costs
Directory Interface Components
• Mapping Data and Templates• Optional directory schema extensions • Integration Tools
• Fields, Records, PeopleCode, Application Messages,Business Interlinks
• Audit reports • Signon PeopleCode for Directory Server
Authentication.
Process Flow of an Update
4. App. Msg. Subscription
Process Invoked
<xml>http/html<
xm
l>L
DA
P
5. LDAP Business Interlink writes
data to Directory, using Map Defns.
HRMS to Directory Maps
2. Business Event Triggered
Application Server
1. HR Transaction
New Hire Data
3. App. Msg Published to
Queue (if current)
App. Message Queue
Directory Interface feature• The PDI Features (cont’d):
• A “Massive” Directory Tree Re-organization:
dc=oracledc=com
c=US c=FRA
ou=HRMSou=HRMSou=Tools
uid=jsmith
dc=oracledc=com
c=US c=FRA
ou=HRMSou=HRMS
ou=Tools
uid=jsmith
BEFORE AFTER
Supported LDAP Servers
• LDAPv3-compliant Directory Servers:• Novell NDS eDirectory using any Novell
supported O/S • Sun ONE Directory Server and higher using any
Sun ONE supported O/S• Microsoft Active Directory on Windows 2000
Server
Directory Interface: Delivered Templates
• With 8.9, the goal was to adapt the Directory Interface to the new HCM Person Model and to consolidate HCM and Student Admin specific maps into one generic one.
Delivered Templates (8.9)
Directory Entry Map Name Business Process
CS_ADVISOR_INSTR Create a new Instructor
CS_APPLICANT Create a new Applicant
CS_PERSON Add a new Person ID
CS_STUDENT Create a Student
HR_DEPARTMENT Create a new Department
HR_LOCATION Create a new Location
HR_PERSON Add a new Person
Delivered HR Mappings
dc=oracledc=com
c=US c=FRA
ou=HRMSou=HRMSou=Tools
uid=jsmith
Location Map
Department Map
Person Map
Schema Extensions (8.9)
Type Name
Object Class psftLsStudent
Object Class psftLsCrPerson
Object Class psftLsPerson
Type Name
Attribute Type psftInstitution
Attribute Type psftPurposeCd
Attribute Type psftStaffID
Attribute Type psftCnstType
Attribute Type psftCareer
Attribute Type psftProgram
Attribute Type psftPlan
Attribute Type psftAdmitTerm
Attribute Type psftInstrType
Attribute Type psftProgStatus
Configuring Directory Interface
1. Install Directory Interface
2. Configure the Directory
3. Cache the Schema
4. Create Authentication Maps and User Profile Maps
5. Create Sign-on PeopleCode
• Create Default User• Edit configuration.properties• Write Sign-on PeopleCode
6. Set Up Directory Mappings
7. Define Roles and Memberships
8. Activate Message Channel
9. Define Node
10. Define/Activate Transactions
11. Load PS Data into Directory
12. Audit / Search Directory
Where to Get More Information
PeopleBooks
• Security > Incorporating LDAP Directory Services • PeopleSoft Enterprise Components for PeopleSoft
Enterprise HRMS and Campus Solutions 8.9 PeopleBook > Using PeopleSoft Directory Interface
Lessons Learned / Feedback
AQ&Q U E S T I O N SQ U E S T I O N S
A N S W E R SA N S W E R S
Hank Kehlbeck
Senior Product Manager, HCM Strategy
hank.kehlbeck@oracle.com
240.398.8528