This connector supports both identity and Provisioning.
-
The Identity functionalities of this connector enable you as an Identity administrator to configure PeopleSoft Enterprise 8.48, 8.49, and 8.5 as a connected system and then make Identity users part of the PeopleSoft Enterprise system. This enables the user or Identity administrator to reset PeopleSoft Enterprise account passwords.
-
The Provisioning functionalities of this connector enable exporting and importing user accounts on a PeopleSoft Enterprise system.
Functionalities
Identity Integration
Product Feature |
Supported |
---|---|
Authenticate (Test Connection) |
Yes |
Validate User |
Yes |
Enable/Disable User |
No |
Reset Password |
Yes |
Expire Password Immediately |
No |
Expire Password by Date |
No |
Provisioning Integration
Data Format |
Export |
Create |
Modify |
Delete |
Trigger |
---|---|---|---|---|---|
Tables |
Yes |
Yes |
Yes |
Yes |
Yes (Messaging) |
Profiles |
No |
Yes |
Yes |
Yes |
Yes (Messaging) |
Prerequisites
Ensure these prerequisites are satisfied:
- One of these versions of PeopleTools is installed, configured, and running:
- 8.48 (supports Sun Java Development Kit (JDK) 1.4.X).
- 8.49 (supports Sun Java Development Kit (JDK) 1.5.X).
- 8.5 (supports Sun Java Development Kit (JDK) 1.6.X).
- An administrator account that can be used to establish a connection and has authority to manage accounts on the connected system.
- An administrator account to perform account verifications for Provisioning. This account should have privilege to access PeopleTools in PeopleSoft with the following minimum roles and permissions:
- User Roles: PeopleSoft User and PeopleTools
- Permission Lists (for example, HR and Campus Solution):
- Navigator Homepage: HCSPNAVHP.
- Primary: HCPPALL or HCPPUSA or similar.
- Row Security: HCDPALL or HCDPUSA or similar.
- Process Profile: HCSPCMPINT or similar, with execute permission on USER_PROFILE and DELETE_USER_PROFILE CIs.
Installing Files
This section is required for Identity password management and Provisioning functionality. This section is required for all installations, whether Identity is installed on Windows, Solaris, or UNIX System Services (z/OS and OS/390) platforms.
Copy the psjoa.jar File
Note: Stop your Identity and Provisioning Web application servers before proceeding.
- Copy jar from the PeopleSoft client location (<PS_HOME>/class directory) to this location of your Identity Server:
<IDENTITY_HOME>\..\wars\identity\WEB-INF\lib
(e.g., C:\Fischer\IdM\wars\identity\WEB-INF\lib)
Where <IDENTITY_HOME> is the environment variable value referencing the base folder of the Identity installation (e.g., C:\Fischer\IdM\Identity).
Note: If the connector is being run remotely on a GIG, copy psjoa.jar to this folder of your GIG Server:
<GIG_HOME>\wars\idmgig\WEB-INF\lib (e.g., C:\Fischer\gig\wars\idmgig\WEB-INF\lib) Where <GIG_HOME> is the environment variable value referencing the base folder of the GIG installation (e.g., C:\Fischer\gig). - Copy jar from the PeopleSoft client location (<PS_HOME>/class directory) to these folders of your Provisioning Server:
<DATAFORUM_HOME>\..\jars (e.g., C:\Fischer\Provisioning\jars)
<DATAFORUM_HOME>\..\wars\dataforum\WEB_INF\lib
(e.g., C:\Fischer\Provisioning\wars\dataforum\WEB-INF\lib)
Where <DATAFORUM_HOME> is the environment variable value referencing the base folder of the Provisioning installation (e.g., C:\Fischer\Provisioning\dataforum).
Notes:
Follow these same steps for any remote standalone Studio Only installations.
If the connector is being run remotely on a GIG, copy psjoa.jar to this folder of your GIG Server:
<GIG_HOME>\wars\provgig\WEB-INF\lib
(e.g., C:\Fischer\gig\wars\provgig\WEB-INF\lib)
Where <GIG_HOME> is the environment variable value referencing the base folder of the GIG installation (e.g., C:\Fischer\gig).
Create the PSFThttp.jar File
-
Run these commands:
cd <PS_HOME>/webserv/<PeopleSoft site>/applications/peoplesoft/<PORTAL or PSIGW>/ WEB-INF/classes
<Java path>/jar -cvf PSFThttp.jar psft/pt8/pshttp
Where <Java path> is the location where the PeopleTools Java or Web server Java resides.Copy the PSFThttp.jar File
-
Copy jar file from <PS_HOME>/webserv/<PeopleSoft site>/applications/peoplesoft/
<PORTAL or PSIGW>/WEB-INF/classes to this location of your Identity Server:
<IDENTITY_HOME>\..\wars\identity\WEB-INF\lib (e.g., C:\Fischer\IdM\wars\identity\WEB-INF\lib).
Where <IDENTITY_HOME> is the environment variable value referencing the base folder of the Identity installation (e.g., C:\Fischer\IdM\Identity).
Note: If the connector is being run remotely on a GIG, copy PSFThttp.jar to this folder of your GIG Server:
<GIG_HOME>\wars\idmgig\WEB-INF\lib (e.g., C:\Fischer\gig\wars\idmgig\WEB-INF\lib)
Where <GIG_HOME> is the environment variable value referencing the base folder of the GIG installation (e.g., C:\Fischer\gig). - Copy jar file from <PS_HOME>/webserv/<PeopleSoft site>/applications/peoplesoft/
<PORTAL or PSIGW>/WEB-INF/classes to these folders of your Provisioning Server:
<DATAFORUM_HOME>\..\jars (e.g., C:\Fischer\Provisioning\jars)
<DATAFORUM_HOME>\..\wars\dataforum\WEB_INF\lib (e.g., C:\Fischer\Provisioning\wars\dataforum\WEB-INF\lib)
Where <DATAFORUM_HOME> is the environment variable value referencing the base folder of the Provisioning installation (e.g., C:\Fischer\Provisioning\dataforum).
Notes:
Follow these same steps for any remote standalone Studio Only installations.
If the connector is being run remotely on a GIG, copy PSFThttp.jar to this folder of your GIG Server:
<GIG_HOME>\wars\provgig\WEB-INF\lib(e.g., C:\Fischer\gig\wars\provgig\WEB-INF\lib)
Where <GIG_HOME> is the environment variable value referencing the base folder of the GIG installation (e.g., C:\Fischer\gig).
Redeploy the War Files
- Run bat from <IDENTITY_HOME>\..\wars to create a new identity.war file.
- Run bat from <DATAFORUM_HOME>\..\wars to create a new dataforum.war file.
Note: If the connector is being run remotely on a GIG, run idmgig.bat and provgig.bat from <GIG_HOME>\wars to create new idmgig.war and provgig.war files.
- Complete the steps required to install the war files on the application server so they can be deployed. For example, for Apache Tomcat, delete the dataforum and identity folders and the war and identity.war files if they exist. Copy the new identity.war and dataforum.war files to the apache-tomcat webapps subdirectory.
Note: If the connector is being run remotely on a GIG, delete the idmgig and provgig folders and the idmgig.war and provgig.war files. Copy the new idmgig.war and provgig.war files to the apache-tomcat webapps subdirectory. - Restart the application
Creating the Connected System
Admin UI
-
Log in to Identity Administration and click the Systems tab.
-
On the Connected System View page, click the Add button and select the PeopleSoft Enterprise connected system from the Type drop-down list. The Connected System Details page displays the default values:
-
Enter the desired information:
Definition Supported Connectors Displays whether the connected system is Identity only, Provisioning only, or both.
Password Policy Displays the name of the password policy associated with the connected system.
Connected System Group Displays the name of the system group that includes this connected system.
Note: If a password policy is associated with a connected system and then the connected system is placed in a group, the group’s password policy will override the connected system’s password policy. The password policy will be removed from the connected system.
Type Select the connected system type. Locale Select the preferred language (default: English). Locale specific information such as Display Name and Description can be added only while modifying the connected system.
Name The name for this connected system. Note: The name cannot be modified later. Display Name The display name of the new connected system. Description The description of the connected system. Associated With Select how the connector associated with this system will run:
- Server (default) - Runs locally on the Provisioning/Identity Server.
- Global Identity Gateway - Runs remotely on a Global Identity Gateway cluster member. Note: Only GIG clusters that have at least one registered and enabled member will display in this list.
- See Using the Global Identity Gateway with Connected Systems for additional information.
Password Reset By Enables administrators to configure password management functions normally available to Users and OBO (On Behalf Of) Users: - OBO User Only - Connected system and account association information is displayed only in Self-Service user management (for OBO Users). OBO Users can reset passwords for accounts on this connected system. Administrators can perform all user management functions for this connected system (e.g., enable/disable, validate, associate user, and password reset). End users will not see their accounts on this connected system in Self-Service and Kiosk; therefore, they cannot reset passwords for accounts on this connected system.
- Users and OBO User - Connected system and account association information is displayed in Self-Service password reset, Self-Service - Kiosk, and Self-Service user management. Self-Service users, Kiosk users, and OBO Users can reset passwords for accounts on this connected system. Administrators can perform all user management functions for this connected system (e.g., enable/disable, validate, associate user, and password reset).
- External - Connected system and account association information is not displayed in Self-Service password reset, Self-Service - Kiosk, and Self-Service user management. Self-Service users, Kiosk users, and OBO Users cannot reset passwords for accounts on this connected system.
Note: When user management configuration enables OBO Users to perform password resets, this definition must be set to OBO User Only or Users and OBO User. For connectors that support Provisioning only, there is no password reset capability.
Provisioning Option Select the provisioning option: - Automated (default) - The connected system functions as a normal connected system; there are no restrictions.
- Administrative - The connected system cannot be used as an object in a workflow.
Enable HPAM Support Select to make the connected system HPAM enabled (default: cleared). Note: This can only be set for systems that support Identity. Connection Information Host
The IP address or host name where the PeopleSoft database is running (e.g., 10.102.200.20 or localhost).
App Server The IP address or host name where the PeopleSoft application server is running (e.g., 10.102.240.93 or localhost).
Port The PeopleSoft database port number.
Internal Node Name The name of the internal PeopleSoft node.
db Type The database type (e.g., Oracle, Microsoft SQL, or IBM DB2) App Jolt Port The JOLT port of the PeopleSoft Enterprise system.
App Admin Id The administrative user account for the PeopleSoft application server.
App Admin Password The administrative user account password for the PeopleSoft application server. Note: If the Application Admin Password is changed, you must update this field to reflect the new password.
Service Account Name The PeopleSoft database administrative user account.
Service Account Password The PeopleSoft database administrative user password. Note: If the Service Account Password is changed, you must update this field to reflect the new password.
InitialDB The database to connect.
Maximum Connection Pool Size
Select the maximum number of connections that can be created in the connection pool by the connector. As needed, the connection pool will grow only to this maximum limit. Configuration Details User ID Attribute The attribute that contains the User ID value.
Password Attribute The attribute that contains the password value.
System Owner Add or Remove users assigned as the owners of the system. Displays the Connected System Owner Search page for selecting users. The HPAM column indicates whether the system owner is authorized to use the HPAM feature. The Approvers column indicates whether the system owner is an approver in the approval process.
Add PswdPolicy / Remove PswdPolicy Adds/removes a password policy to/from this connected system. If the connected system is associated with a Connected System Group, the buttons will be unavailable - all password policy assignments are defined at the group level (refer to Admin UI _ Systems _ Groups option).
-
Click the Test Connection button to test the Connection Information:
- If successful, one or both of these messages may display:
Message: Connection from Provisioning to the connected system was established successfully.
Message: Connection from Identity to the connected system was established successfully.- If unsuccessful, one or both of these messages may display:
Error: Failed to establish connection from Provisioning to the connected system.
Error: Failed to establish connection from Identity to the connected system.
Note: If the connection fails, additional messages may display providing more information regarding the failure, and additional information may be posted to the Provisioning and Identity logs. -
(Optional) To select owners of the system, click the System Owner Add button. The Connected System Owner Search page displays:
-
Select the owners and then click the Select button. The system owner displays under the System Owner section:
Note: More than one user can be assigned as an owner.
-
To add additional system owners, click the Add button.
-
- On the Connected System Details page, click the Add button to save the configured connected system. The Object Category Association page displays a list of categories that are already associated and/or can be selected to add additional associations to this connected system:
-
Select one or more available object categories or provide search criteria and click the Search button to find specific categories to select. If there are no available categories to select, proceed to Step 7.
-
Click the Add Association button to associate the selected object categories to the connected system.
-
-
Click the Back button to return to the Connected System View page. The new connected system displays in the list.
See Copying, Modifying, and Deleting Connected Systems for additional information.
Studio
- Log in to the Workflow and Connectivity Studio and click Connectivity ► Add Systems on the menu bar. The Add Connected Systems window displays.
- Select the PeopleSoft Enterprise connected system from the Type drop-down list. The default values display:
-
Enter the desired information:
Definition Type Select the connected system type. Name The name for this connected system. Note: The name cannot be modified later. Display Name The display name of the new connected system. Description The description of the connected system. Supported Connectors Displays whether the connected system is Identity only, Provisioning only, or both. Only connectors that support Provisioning are available here. Associated With Select how the connector associated with this system will run: - Server (default) - Runs locally on the Provisioning/Identity Server.
- Global Identity Gateway - Runs remotely on a Global Identity Gateway cluster member. Note: Only GIG clusters that have at least one registered and enabled member will display in this list.
Password Reset By Enables administrators to configure password management functions normally available to Users and OBO (On Behalf Of) Users: - OBO User Only - Connected system and account association information is displayed only in Self-Service user management (for OBO Users). OBO Users can reset passwords for accounts on this connected system. Administrators can perform all user management functions for this connected system (e.g., enable/disable, validate, associate user, and password reset). End users will not see their accounts on this connected system in Self-Service and Kiosk; therefore, they cannot reset passwords for accounts on this connected system.
- Users and OBO User - Connected system and account association information is displayed in Self-Service password reset, Self-Service - Kiosk, and Self-Service user management. Self-Service users, Kiosk users, and OBO Users can reset passwords for accounts on this connected system. Administrators can perform all user management functions for this connected system (e.g., enable/disable, validate, associate user, and password reset).
- External - Connected system and account association information is not displayed in Self-Service password reset, Self-Service - Kiosk, and Self-Service user management. Self-Service users, Kiosk users, and OBO Users cannot reset passwords for accounts on this connected system.
Note: When user management configuration enables OBO Users to perform password resets, this definition must be set to OBO User Only or Users and OBO User. For connectors that support Provisioning only, there is no password reset capability.
Provisioning Option Select the provisioning option:
- Automated (default) - The connected system functions as a normal connected system; there are no restrictions.
- Administrative - The connected system cannot be used as an object in a workflow.
Enable HPAM Support Select to make the connected system HPAM enabled (default: cleared). Note: This can only be set for systems that support Identity. Connection Information Host
The IP address or host name where the PeopleSoft database is running (e.g., 10.102.200.20 or localhost).
App Server The IP address or host name where the PeopleSoft application server is running (e.g., 10.102.240.93 or localhost).
Port The PeopleSoft database port number.
Internal Node Name The name of the internal PeopleSoft node.
db Type The database type (e.g., Oracle, Microsoft SQL, or IBM DB2) App Jolt Port The JOLT port of the PeopleSoft Enterprise system.
App Admin Id The administrative user account for the PeopleSoft application server.
App Admin Password The administrative user account password for the PeopleSoft application server. Note: If the Application Admin Password is changed, you must update this field to reflect the new password.
Service Account Name The PeopleSoft database administrative user account.
Service Account Password The PeopleSoft database administrative user password. Note: If the Service Account Password is changed, you must update this field to reflect the new password.
InitialDB The database to connect.
Maximum Connection Pool Size
Select the maximum number of connections that can be created in the connection pool by the connector. As needed, the connection pool will grow only to this maximum limit. Configuration Details User ID Attribute The attribute that contains the User ID value.
Password Attribute The attribute that contains the password value.
- Click the Connect button to test the Connection Information:
- If successful, this message may display:
Connection from Studio to the connected system was established successfully.
- If unsuccessful, this message may display:
Failed to establish connection from Studio to the connected system.
Note: If the connection fails, additional messages may display providing more information regarding the failure.
-
Click the Apply button to apply changes. The Category Association window displays.
-
Select one or more object categories from the Available Categories list or enter a category name and click the Search button to find a specific category to select. If there are no available categories to select, proceed to Step 6.
-
Click the Add button to associate the selected object categories to the connected system.
-
-
Click OK to accept selected categories.
See Copying, Modifying, and Deleting Connected Systems for additional information.
Using the Connected System for Identity
Perform these procedures to configure the connector:
- Connector Details for Identity
- Identity Password Management
Connector Details for Identity
This table lists values to enter when associating the Identity user with an existing user in the connected system:
Field |
System Attribute |
Example Value |
---|---|---|
Login ID |
OPRID |
BLANE |
Account ID |
OPRID |
BLANE |
Identity Password Management
See User Management for details on password management.
Using the Connected System for Provisioning
Perform these procedures to configure the connector:
- Configuring for Export
- Configuring for Import
- Connector Details for Provisioning
Notes:
- If the number of records to be processed exceeds one thousand, we recommend configuring the workflow to use bulk mode, which lowers the memory consumption of the system by streaming data to files. Because data is streamed for every task, performance of the workflow execution will be decreased due to increased read-write operations. See the Workflow and Connectivity Studio document for details on how to configure bulk mode.
- The connector only supports Tables data format for an export operation, and both Tables and Profiles data format for an import operation.
Configuring for Export
Perform these procedures to configure the connector for data export:
- Configuring the Export Connector
- Configuring the Export Link
From the Workflow and Connectivity Studio, select the PeopleSoft Enterprise UserExport workflow listed under the projects folder.
If a workflow does not already exist, create an export workflow. See the Workflow and Connectivity Studio document for details on creating export workflows.
Configuring the Export Connector
- In the Design pane, double-click the export object (the first workflow object after the Start object). The Configure Data Source window displays:
-
From the Configure Plug-in tab, set these properties as required:
Associated Connected System Select the connected system from the list. The export operation will be done from this connected system. Data Formats Select the type of data format to use: Profiles (default) or ChangeLog. DeltaExportMode
Select the type of attribute to export if a change takes place (this works in conjunction with ExportMode when DeltaExport is selected):
- OnlyChangedAttributes - Performs a partial export of only the changed attributes from the last time the query was run.
- ChangedAndMandatoryAttributes (default) - Performs a partial export of both changed and mandatory attributes from the last time the query was run. Mandatory attributes are exported whether they have been changed or not.
- AllAttributes - Performs a full export of all attributes that contain a value.
DynamicConnectedSystem Select the global variable to use as the dynamic connected system name. This works in conjunction with DynamicConnectedSystemOption when GlobalVariable is selected. DynamicConnectedSystemOption Select how to control Dynamic System Support (DSS): - None - There will not be any Dynamic System Support.
- Transaction-SystemName - The value of the Transaction-SystemName attribute in data will be used as the dynamic connected system. The connected system name must be passed as the value of the attribute Transaction-SystemName; if it is missing in data, the operation will fail.
- GlobalVariable - Select a global variable to use as the dynamic connected system name from the property DynamicConnectedSystem.
ExcludeEmptyFields Select how to process null fields:
- FALSE - Returns null fields with empty
- TRUE - Ignores null
ExportMode Select the type of data to export:
- FullExport - Exports all
- DeltaExport - Exports changed, mandatory, or all attributes, depending on the DeltaExportMode property
MaximumRows The maximum number of rows to be exported (default: 0 [zero, for unlimited]). Note: Hover the pointer over a property to view its description. -
(Optional) Select the Appearance tab to change how the Connected System object displays in the Design pane.
-
Click OK to save any changes and return to the Workflow and Connectivity Studio window.
-
Configuring the Export Link -
In the Design pane, double-click the export link between the export object (the first workflow object after the Start object) and the Data Mapper object. The Configure Link window displays:
Description Database Selection Configuration Source Attributes Select the database source for the selected fields. Select whether the source is Tables or Views.
Tables Lists the schema tables available for export.
Fields Lists the fields available for export. Check Attributes for Delta Export Selected Fields Lists the selected schema table fields for export.
Note: The check boxes are used only for delta export operations. These checked attributes will always be exported whether they were changed or not.
The Format button specifies a desired date/time format to be applied to a selected date type field. Only selected date fields will be able to apply a date/time format to their value.
Advanced Settings Displays the Configure Attributes window for selecting any attributes that need to be encrypted.
SQL Query Displays the SQL query run against the database. The Edit button edits the query.
Where Clause Displays the where clause in the SQL Query. Note: This text area is editable only when the Update Manually option button is selected.
Update Select one of these update option buttons:
- Automatically - The where clause is updated
- Manually - The where clause can be edited manually in the text
Preferred Key(s) Select the field(s) in the Selected Fields list:
- Set Key - Sets the primary
- Get Key - Gets the Preferred Key(s) of the selected table/view.
- From the Datasource tab perform these steps.
- Select a Database from the drop-down list. Select whether the source is Tables or Views. Select the table or view from the Tables/Views Select the fields from the Fields list to export and add them to the Selected Fields list.
- Select the field(s) from the Selected Fields list that require a date and/or time format and click the Format The Format Date window displays.
- Select the Include Time check box to add the timestamp with the date. Select the 24 Hour or 12 Hour option button and then select the required date/time Click OK to save the selected format. The Configure Link window displays.
- Perform one of these procedures:
- Select the field(s) in the Selected Fields list and click the Set Key button to set the primary key.
Or
- Click the Get Key button to get the Preferred Key(s) of the selected table/view.
- Select the field(s) in the Selected Fields list and click the Set Key button to set the primary key.
- The SQL Query list displays the SQL query run against the You can edit the query here or click the Edit button.
- Check the boxes in the Selected Fields list to set mandatory
- Click OK to save any changes and return to the Workflow and Connectivity Studio window.
- Deploy the workflow by selecting Deploy ► New Deployment.
See the Workflow and Connectivity Studio documentation for details of deployment options. - Manage and run the deployed workflow from the Admin UI ► Server tab. See the Identity Suite Administration documentation for details.
Configuring for Import
Perform these procedures to configure the connector for data import:
- Configuring the Import Connector
- Configuring the Import Link
From the Workflow and Connectivity Studio, select the PeopleSoft Enterprise UserAdd, UserModify, or UserDelete workflow listed under the projects folder.
If a workflow does not already exist, create an import workflow. See the Workflow and Connectivity Studio documentation for details on creating import workflows.
Configuring the Import Connector
- In the Design pane, double-click the import object (the last workflow object). The Configure Data Source window displays:
-
From the Configure Plug-in tab, set these properties as required:
Associated Connected System
Select the connected system from the list. The import operation will be done to this connected system.Data Formats
Select the type of data format to use: Profiles (default) or ChangeLog.DynamicConnectedSystem
Select the global variable to use as the dynamic connected system name. This works in conjunction with DynamicConnectedSystemOption when GlobalVariable is selected.DynamicConnectedSystemOption
Select how to control Dynamic System Support (DSS):- None - There will not be any Dynamic System Support.
- Transaction-SystemName - The value of the Transaction-SystemName attribute in data will be used as the dynamic connected system. The connected system name must be passed as the value of the attribute Transaction-SystemName; if it is missing in data, the operation will fail.
- GlobalVariable - Select a global variable to use as the dynamic connected system name from the property DynamicConnectedSystem.
See the Dynamic System Support appendix in the Workflow and Connectivity Studio document for additional information.
Id *
Enter the attribute that contains the value used to uniquely identify the user account user ID on the connected system.loginId *
Enter the attribute that contains the value used to uniquely identify the user account login ID on the connected system.ModifyIfEntryExists Select whether to perform a modify operation if an add operation fails (default: FALSE). Notes: * accountDN, Id, and login id are used by the Provisioning Policy and IdentityHub features to populate the ACCOUNT_DN, ACCOUNT_ID, and ACCOUNT_USERNAME columns of the FISC_USER_ACCOUNT table of the Product database. See the ‘Provisioning Policy’ and ‘Provisioning Using the IdentityHub’ chapters of the Identity Suite Administration Guide for details.
Hover the pointer over a property to view its description. - (Optional) Select the Appearance tab to change how the Connected System object displays in the Design pane.
- Click OK to save any changes and return to the Workflow and Connectivity Studio window.
Configuring the Import Link
- In the Design pane, double-click the import link between the Data Mapper object and the import object (the last workflow object). The Configure Link window displays:
Description Database Selection Configuration Databases Select the database source for the selected fields. Select whether the source is Tables or Views.
Find Searches the Databases and finds the closest match to the search criteria.
Tables Lists the schema tables available for export.
Fields Lists the fields available for export. Check for Attribute Level Auditing
If auditing is enabled and these fields below are checked, Provisioning will log all events for auditing purposes.Selected Fields Lists the selected schema table fields for export.
Note: The check boxes are used only for delta export operations. These checked attributes will always be exported whether they were changed or not.
The Format button specifies a desired date/time format to be applied to a selected date type field. Only selected date fields will be able to apply a date/time format to their value.
SQL Query Displays the SQL query run against the database. The Edit button edits the query.
Import using template format Generates the import query using the given format. The actual query
is generated by substituting the ##attribute name## with the values given to the import task.
Template - Generates the template for the import query in the SQL Query text area.
Where Clause Displays the where clause in the SQL Query. Note: This text area is editable only when the Update Manually option button is selected.
Update Select one of these update option buttons:
- Automatically - The where clause is updated
- Manually - The where clause can be edited manually in the text
Preferred Key(s) Select the field(s) in the Selected Fields list:
- Set Key - Sets the primary
- Get Key - Gets the Preferred Key(s) of the selected table/view.
Audit Key Select the attribute to associate with the Audit Key.
- From the Datasource tab, perform these steps.
- Select a Database from the drop-down list.
- Select the table from the Tables Select the fields from the Fields list.
- Perform one of these steps:
- Select the field(s) in the Selected Fields list and click the Set Key button to set the primary key.
Or - Click the Get Key button to get the Preferred Key(s) of the selected table/view.
- Select the field(s) in the Selected Fields list and click the Set Key button to set the primary key.
- The SQL Query list displays the SQL query run against the database. You can edit the query here or click the Edit button.
- Check the boxes in the Selected Fields list to enable auditing of the attributes.
- Click OK to save any changes and return to the Workflow and Connectivity Studio window.
- Deploy the workflow by selecting Deploy ► New Deployment.
See the Workflow and Connectivity Studio document for details of deployment options. - Manage and run the deployed workflow from the Admin UI ► Server tab.
See the Identity Suite Administration Guide for details.
Profiles Data Format
-
If you have selected Profiles data format in Step 2., this Configure Link window displays:
Description Source Attributes Select the attributes to import.
Check for Attribute Level Auditing
If auditing is enabled and these fields below are checked, Provisioning will log all events for auditing purposes.Selected Attributes Displays default attributes and those attributes that have been selected from the Source Attributes. Check the box of any attribute required for attribute-level auditing.
Advanced Settings Displays the Configure Attributes window for selecting any attributes that need to be encrypted.
Audit Key Select the attribute to associate with the Audit Key. - From the Attribute Selection tab, perform these steps:
- Select the import attributes required to populate data to the PeopleSoft Enterprise. The mandatory attributes are already displayed in the Selected Attributes field.
-
Check the boxes in the Selected Fields list to enable auditing of the attributes.
- Select the import attributes required to populate data to the PeopleSoft Enterprise. The mandatory attributes are already displayed in the Selected Attributes field.
-
Click OK to save any changes and return to the Workflow and Connectivity Studio window.
-
Deploy the workflow by selecting Deploy _ New Deployment.
See the Workflow and Connectivity Studio document for details of deployment options. -
Manage and run the deployed workflow from the Admin UI _ Server tab.
See the Identity Suite Administration Guide for details.
Connector Details for Provisioning
Configuration import properties Id and loginId are used by the Provisioning Policy and IdentityHub features to populate the ACCOUNT_ID and ACCOUNT_USERNAME columns of the FISC_USER_ACCOUNT table of the Product database. See the ‘Provisioning Policy’ and ‘Provisioning Using the IdentityHub’ chapters of the Identity Suite Administration Guide for details.
This table shows the default attributes specified for these properties for the connected system if Profiles is selected when configuring the import connector:
Identity Property |
System Attribute |
---|---|
Id |
userID |
loginId |
userID |
PeopleSoft Attributes
The following PeopleSoft attributes are used by the Provisioning import connector:
Attribute |
Column |
Multi-valued |
Create |
Modify |
Value Type |
Possible Values |
Required |
Description |
Record: PSOPRDEFN |
||||||||
userID |
OPRID |
No |
Yes |
No |
string |
|
Yes |
The userID of the user to be created or modified. This is a unique value. |
IDType |
|
No |
Yes |
Yes |
string |
EMP, NON, VND *** See the values and descriptions below. |
Yes |
Separating user profiles by IDType enables you to have multiple categories of user profiles with ID numbers all within a range of 1 - 1000, for example, and it also enables you to grant data permission by entity (customer, employee, etc.). So when users sign on to your benefits or payroll deductions application, they see only information that applies to them. |
EmplID |
EMPLID |
No |
Yes |
Yes |
string |
|
Yes, if IDTyp e is EMP. |
The employeeID to associate with the user. |
Password |
OPERPS WD |
No |
Yes |
Yes |
string |
|
Yes |
The password of the user. |
userDescri ption |
OPRDEF NDESC |
No |
Yes |
Yes |
string |
|
Option al |
Enables you to help identify the user. |
Encrypted |
ENCRYPT ED* |
No |
Yes |
Yes |
integer |
0, 1 |
Option al |
Specifies whether the password is encrypted or not. |
SymbolicI D |
SYMBOLI CID |
No |
No |
Yes |
string |
sa1 |
Option al |
Name of the database that the user is associated with. |
Language Code |
LANGUA GE_CD |
No |
Yes |
Yes |
string |
ENG, FRA, GER, etc. |
Option al |
User’s preferred language. |
MultiLangu ageEnable d |
MULTILA NG |
No |
Yes |
Yes |
integer |
0, 1 |
Option al |
Sets whether the user uses one or more languages. |
CurrencyC ode |
CURREN CY_CD |
No |
Yes |
Yes |
string |
USD, INR, JPY, etc. |
Option al |
Code of the currency that the user deals with. |
AccountLo cked |
ACCTLOC K |
No |
Yes |
Yes |
integer |
0, 1 |
Option al |
Locks/unlocks the user account. |
PrimaryPer missionList |
OPRCLAS S |
No |
Yes |
Yes |
string |
HCPPALL HCPPNDP HCPPSGP |
Option al |
Data permission given to the user. |
RowSecuri tyPermissi onList |
ROWSEC CLASS |
No |
Yes |
Yes |
string |
HCDPALL HCDPNDP HCDPSGP |
Option al |
Data permission given to the user. |
ProcessPr ofilePermis sionList |
PRCSPRF LCLS |
No |
Yes |
Yes |
string |
HCSPPRFL HCSPPRCS |
Option al |
Permissions that a user requires for running batch processes through the PeopleSoft Process Scheduler. |
NavigatorH omePermi ssionList |
DEFAULT NAVHP |
No |
Yes |
Yes |
string |
HCSPNAVHP |
Option al |
Permission associated with the PeopleSoft workflow. |
FailedLogi ns |
FAILEDLO GINS |
No |
Yes |
Yes |
integer |
0 |
Option al |
Specifies the number of times the user failed to logon. |
OperType |
OPRTYPE |
No |
Yes |
Yes |
integer |
0, 1 |
Option al |
Distinguishes between LDAP and non-LDAP users. |
userIDAlia s |
USERIDA LIAS |
No |
Yes |
Yes |
string |
|
Option al |
Alias for the userID of a user. It can be the e-mail address of the user. |
AllowSwitc hUser |
PTALLOW SWITCHU SER |
No |
Yes |
Yes |
boolea n |
1, 0 |
Option al |
1 for True and 0 for False. |
Email- BlackBerry Email- Business Email- Home Email- Other Email- Work |
EMAILID - primary email address value |
No |
Yes |
Yes |
string |
Email address value |
Option al |
E-mail address of a user. Required if the user is part of a workflow system that generates e-mail for the users. There are separate e-mail values for each e- mail type. |
PrimaryEmail |
|
No |
Yes |
Yes |
string |
Email- BlackBerry Email- Business Email-Home Email-Other Email-Work |
Yes, if the user has entere d an e-mail addre ss. |
Select one e-mail address as the primary e-mail address. Only one e-mail entry can be the primary address. |
Record: PSOPRALIAS |
||||||||
IDType |
OPRALIA STYPE |
|
|
|
|
EMP or VND |
|
Indicate the alias type. |
EmplID or VendorID |
OPRALIA SVALUE |
No |
Yes |
Yes |
string |
|
|
The EmployeeID or VendorID as determined by the OPRAliasType (EMP or VND). |
Vendor- SetID |
SETID |
No |
Yes |
Yes |
string |
|
Yes, if IDTyp e=VN D. |
The ID created or used for grouping certain vendors. For example, a SetID for France contains all French vendors (each having their own VendorID but all having the same SetID). |
VendorID |
VENDOR_ ID |
No |
Yes |
Yes |
string |
|
Yes, if IDTyp e=VN D. |
Unique ID for the vendor. |
Record: PSROLEUSER |
||||||||
userID |
ROLEUSE R |
Yes |
Yes |
Yes |
string |
OPRID |
Yes |
User being assigned the role. |
Rolename |
ROLENA ME |
Yes |
Yes |
Yes |
string |
PeopleTools, PeopleSoft User, HR Administrator, Employee, Payroll Administrator, Faculty, PeopleSoft Administrator |
Yes |
Name of the role assigned to the user. |
Record: PS_ROLEXLATOPR |
||||||||
ReassignU serID |
|
No |
Yes |
Yes |
string |
userID |
Yes, if Reass ignWo rk is set to Y. |
To reassign any pending work for the role user if positions change or a user is going on a temporary leave. |
Reassign Work |
|
No |
Yes |
Yes |
string |
Y, N |
Option al |
Y for Yes, N for No. |
WorklistUs er |
WORKLIS T_USER_ SW |
No |
Yes |
Yes |
string |
Y, N |
Option al |
Y for Yes, N for No. |
EmailUser |
EMAIL_U SER_SW |
No |
Yes |
Yes |
string |
Y, N |
Option al |
Y for Yes, N for No. |
AlternateU serID |
ROLEUSE R_ALT |
No |
Yes |
Yes |
string |
userID of alternate user |
Option al |
The alternate role user to receive routings sent to the role user who is temporarily out. |
Supervisin gUserID |
ROLEUSE R_SUPR |
No |
Yes |
Yes |
string |
userID of supervisor |
Option al |
userID of the user’s supervisor. |
EffectiveD ateFrom |
|
No |
Yes |
Yes |
string |
NA |
Yes, if Altern ateUs erID is specifi ed. |
Date from which the AlternateUserID needs to be used for a user. |
EffectiveD ateTo |
|
No |
Yes |
Yes |
string |
NA |
Yes, if Altern ateUs erID is specifi ed. |
Date until the AlternateUserID needs to be used for a user. |
Record: PSUSEREMAIL |
||||||||
Email- BlackBerry Email- Business |
EMAILID |
No |
Yes |
Yes |
string |
Email address value |
Option al |
There are separate e-mail address values for each e- mail type. |
Email- Home |
|
|
|
|
|
|
|
|
Email- Other |
|
|
|
|
|
|
|
|
Email- Work |
|
|
|
|
|
|
|
|
PrimaryEm ail |
PRIMARY _EMAIL |
No |
Yes |
Yes |
string |
Email- BlackBerry Email- Business Email-Home |
Yes, if the user has entere d an e-mail addre ss. |
Select one e-mail address as the primary e-mail address. Only one e-mail entry can be the primary address. |
* When the attribute Encrypted (ENCRYPTED) is set to 1 through the API interface, the Password (OPERPSWD) attribute is encrypted. However, the password encryption control is not purely on the APIs. The encryption option in the API may be overridden by the PeopleCode in the table. The following default code is part of the OPERPSWD field in the PSOPRDEFN table as SavePreChange. This encrypts the data before inserting it into the table by any process (e.g., API call, PeopleSoft UI, etc.). Declare Function Password_History PeopleCode FUNCLIB_PTSEC.OPRID FieldFormula; &pswdfield = GetField(PSOPRDEFN.OPERPSWD); If &pswdfield.ischanged Then &OPRID = PSOPRDEFN.OPRID; &OPRPSWD = PSOPRDEFN.OPERPSWD; &pswd = Hash(&OPRPSWD); rem check password history; &pswd_used = Password_History(&OPRID, &pswd); PSOPRDEFN.OPERPSWD = &pswd; End-If; The PeopleSoft installation can be customized by changing/modifying this PeopleCode. Note: Fischer International Identity does not support any customizations. |
*** PeopleSoft delivers the following IDTypes:
IDType |
Description |
CNT |
Customer Contact |
CST |
Customer |
EJA |
External Job Applicant |
*EMP |
Employee |
*NON |
None |
*VND |
Vendor |
The import connector currently supports these IDTypes:
- EMP - You must also provide the EMPLID
- NON - No additional attributes are
- VND - You must also provide the Vendor-SetID and VendorID
Attribute Type |
Modify Type |
Functionality |
Single-valued
|
add |
If the attribute already exists, an error message displays. If the attribute does not exist, the attribute value is added. |
replace |
The existing value is replaced with the new value. |
|
delete |
If the specified value already exists, it is deleted. If the specified value does not exist, an error message displays. |
|
Multi-Valued |
add |
The value is added to the existing value set. |
modify |
The existing value set is replaced by the new values. |
|
delete |
If the specified value already exists, it is deleted. If the specified value does not exist, an error message displays. |
Entitlement Support
This connector supports static entitlements in the form of Roles, Primary Permission, Row Security Permission, Process Profile Permission, Navigator Home Permission. Entitlements are configured from the Admin UI _ Server _ Resources. See the Resource Management chapter in the Identity Suite Administration Guide for details on resources.
To configure entitlements
- On the Resource Detail page, under Entitlement Options, enter a Name and Value, and select the Type, for example:
To view entitlements that have been provisioned for existing users
-
From the Admin UI ► Users ► Search Users to Modify ► User Access View page, all entitlements associated for the user are listed.
Configuring Triggers for PeopleSoft 8.48, 8.49, and 8.5
This section describes the procedures for configuring and deploying triggers and contains these subsections:
- Introduction
- Prerequisites
- Resource Requirements
- Configuring the PeopleTools Environment for 8.48, 8.49, and 8.5
- Configuring the PeopleSoft Application Serverr
- Creating a Trigger for PeopleSoft 8.48, 8.49, and 8.5
- Deploying and Managing the Trigger for PeopleSoft 8.48, 8.49, and 8.5
- Troubleshooting Messages in PeopleSoft 8.48, 8.49, and 8.5
Introduction
These procedures describe how to:
- Configure the Provisioning engine for PeopleSoft 8.48, 8.49, and 8.5 trigger deployment
- Load and build the PeopleSoft Application project
- Configure the PeopleSoft Enterprise environment
- Configure PeopleSoft for the Provisioning trigger deployment
- Deploy, redeploy, and delete the deployment of the PeopleSoft trigger
- Review and manage the Workflow and Connectivity Studio
Prerequisites
Ensure that these prerequisites are satisfied:
- PeopleSoft Enterprise 8.48, 8.49, and 8.5.
- PeopleSoft Application Designer
- PeopleSoft Application Designer Account
- Database user account with privileges
- PeopleSoft Provisioning files (IdM Suite Software folder\Provisioning\Resource\Triggers\PeopleSoft\PT84x\).
- PeopleSoft PUB SUB server booted
- Create a PeopleSoft Enterprise provisioning connector before creating a PeopleSoft Enterprise trigger (see the section Creating the Connected System in the Studio).
- Create and deploy workflows to be run by the PeopleSoft See the ‘Creating Workflows’ and ‘Deploying Workflows’ sections in the Workflow Development chapter in the Workflow and Connectivity Studio document for details.
- Configure the DataHub schema to use PeopleSoft triggered data for the selected Target workflow to be run by the trigger. See the appendix Creating PeopleSoft Trigger DataHub Schema for details.
Resource Requirements
This process can take between 60 and 120 minutes. These resources are needed for this process to be completed:
- Provisioning administrator
- Provisioning Workflow administrator
- PeopleSoft Tools
- PeopleSoft Enterprise administrator
- PeopleSoft Employee administrator
Configuring the PeopleSoft Application Server
Note: Perform the Configuring Java steps only if the application server is installed without Java support, or to use non-default Java; otherwise, proceed to Enabling the Pub/Sub Servers.
Configuring Java
Note: These steps are optional.
- Ensure that Java is installed on the PeopleSoft application server.
- Edit the cfg file located in <PS_HOME>/appserv/<application server>.
- Under the [PSTOOLS] section, find the line ;JavaVM Shared Library=. Uncomment the line and include the following jvm value, based on the operating system where the PeopleSoft application server is running:
- NT - JavaVM Shared Library=<JAVA_HOME>\bin\classic\jvm.dll
- UNIX - JavaVM Shared Library=<JAVA_HOME>/bin/classic/jvm Where <JAVA_HOME> is the actual Java Directory
- NT - JavaVM Shared Library=<JAVA_HOME>\bin\classic\jvm.dll
- Under the [PSTOOLS] section, find the line Add to CLASSPATH=. Include the following statement, based on the operating system where the PeopleSoft application server is running:
- NT - Add to CLASSPATH=<JAVA_HOME>\bin\;jre1.2\bin\classic
- UNIX - Add to CLASSPATH=<JAVA_HOME>/bin/;jre/bin/classic.so Where <JAVA_HOME> is the actual Java Directory.
Enabling the Pub/Sub Servers
- Run the PSADMIN utility and select the option to configure the domain from the PeopleSoft Domain Administration menu.
- A message displays indicating this process will shut down the Enter Y to continue.
- Enable the Pub/Sub Servers option and then select the option to Load config as shown.
- Proceed to Clearing the Application Server Cache.
Clearing the Application Server Cache
- Select the Purge Cache option from the PeopleSoft Domain Administration menu or manually remove the files from the PeopleSoft application server cache: <PS_HOME>/appserv/<application server>/CACHE.
- Select the option from the PeopleSoft Domain Administration menu to boot this domain and then exit from the PSADMIN utility.
Configuring the PeopleTools Environment for 8.48, 8.49, and 8.5
Note: These steps are critical to the Workflow and Connectivity Studio. Perform these procedures to configure the PeopleTools environment:
- Installing the Custom Connector
- Loading Gateway Connector Properties
- Service Configuration Target Location
- Node Integration Setup
- Message Integration Setup
- Queue Integration Setup
- Service Operations Integration Setup
- Routings Integration Setup
- Administer Service Operations Monitor
Installing the Custom Connector
The custom target connector is a class file that needs to be installed in the Web server of the PeopleSoft installation.
- Copy the FISCIdMConnector.class file from the IdM Suite Software folder\Provisioning\Resource\Triggers\PEOPLESOFT\PT84x\PSConnector to this location on the PeopleSoft Web server:
<PS_HOME>\webserv\<PeopleSoft site>\applications\peoplesoft\PSIGW\WEB-INF\classes\com\peoplesoft\pt\integrationgateway\targetconnector - Restart the PeopleSoft PIA Web server.
Loading Gateway Connector Properties
- Log in to the PeopleSoft Web client and browse to People Tools ► Integration Broker ► Configuration ► Gateways.
- Select the Search button to display all current Local Connectors.
Note: If no local connectors are displayed, confirm that the URL specified is correct (e.g., http://<PeopleSoft application server>:<PeopleSoft application server port>/PSIGW/PeopleSoftListeningConnector) and ping the gateway to confirm there is an active connection before proceeding. - Click the Load Gateway Connectors button on the Gateways page. There is a Connector ID named FISCIDMTARGET with a Connector Class Name of FISCIdMConnector.
Notes:- If the FISCIDMTARGET connector properties do not load automatically, view the<PS_HOME>\webserv\<PeopleSoft site>\applications\peoplesoft\PSIGW\ErrorLog.html file for additional information that may indicate possible issues, before proceeding.
- The FISCIDMTARGET connector properties can also be loaded manually by entering the Connector ID, Connector class name, and property information that’s hard-coded in the connector, by performing these sub steps:
a. Add a new row in the Connectors grid of the Gateways page. Enter the ID as FISCIDMTARGET for the new connector. Enter the connector class name as FISCIdMConnector.
b. Click the Load Gateway Connectors button on the Gateways page. The FISCIdMConnector connector and its properties will be loaded.
-
Click the Properties link to edit the connector’s properties. If no values are set by default, enter these values manually:
PropertyID
PropertyName
Required
Value
Default
HEADER
Accept
text/xml
HEADER
Accept-Charset
iso-8859-5
HEADER
Accept-Charset
utf-8, iso_8859-1
HEADER
Accept-Encoding
*
HEADER
Accept-Language
en
HEADER
Allow
GET, POST
HEADER
Content-Type
text/xml
HEADER
SOAPAction
Yes
“”
HEADER
sendUncompressed
Yes
Y
Yes
HTTPPROPERTY
Method
Yes
POST
Yes
NODENAME
Node
Yes
FISC_IDM_NODE
Yes
PRIOURL
URL
Yes
http://<Provisioning host>:<port>/ dataforum/servlet/SOAPServlet/ PeopleSoftTriggerWebService
Yes
SystemName
SystemName
Yes
Must be the name of the connected system for which the trigger is being created.
OrgCode
OrgCode
Yes
Must be the organization code of the above connected system.
- Click OK and then click the Save button.
Service Configuration Target Location
- Select People Tools ► Integration Broker ► Configuration ► Service Configuration.
- Confirm the Service Namespace references “Enterprise/HCM/services” (i.e., http://oracle.com/Enterprise/HCM/services).
- Enter this target location:
http://<PeopleSoft application server>:<PeopleSoft application server port>/PSIGW/ PeopleSoftServiceListeningConnector
Where:
<PeopleSoft application server> is the PeopleSoft Web application server host IP or name.
<PeopleSoft application server port> is the PeopleSoft Web application port value.
Node Integration Setup
- Select People Tools ► Integration Broker ► Integration Setup ► Nodes. Click Add a New Value and enter the same NODENAME value (e.g., FISC_IDM_NODE) as provided for the FISCIDMTARGET connector during configuration of local Gateway connector properties.
- Click Add. The Node Definitions tab displays:
- Provide this information:
- Description: Fischer Identity External Node.
- Node Type: External.
- Authentication option: None.
- Default User ID: PS (or any other user).
- Enable the node by selecting the Active Node check box.
- Select the Connectors tab:
- Provide this information:
- Gateway ID: Local.
- Lookup the Connector ID and select: FISCIDMTARGET.
- Confirm the PRIOURL value is correct. It should match the value provided for the FISCIDMTARGET connector during configuration of local Gateway connector properties (e.g., http://<Provisioning host>:<port>/dataforum/servlet/SOAPServlet/ PeopleSoftTriggerWebService).
Where:
<Provisioning host> is the IP or Host name of the Provisioning Server.
<port> is your Provisioning web server port.
- Ping the node by clicking the Ping Node button, to confirm there is an active connection before proceeding.
Message Integration Setup
Follow the steps below to set up two messages provided by PeopleSoft: PERSON_BASIC_SYNC (for person information) and WORKFORCE_SYNC (for job information) and configure them to publish to the Provisioning Server.
Any message provided by PeopleSoft or custom created may be used to publish to the Provisioning Server.
- Select People Tools ► Integration Broker ► Integration Setup ► Messages. Search and select PERSON_BASIC_SYNC with the INTERNAL message version. Select the Schema tab and click Build Schema.
- Return to search and select WORKFORCE_SYNC with VERSION_2 message version. Select the Schema tab and click Build Schema.
Note: Repeat step 1 for any additional messages that are needed.
Queue Integration Setup
Follow the steps below to set up PERSON_DATA queue to handle messages from both PERSON_BASIC_SYNC and WORKFORCE_SYNC.
- Select People Tools ► Integration Broker ► Integration Setup ► Queues.
- Search and select the PERSON_DATA queue.The Queue Definitions window displays:
- Set the Queue Status to Run and click Save.
Service Operations Integration Setup
Follow the steps below to set up Service Operations handlers for PERSON_BASIC_SYNC and WORKFORCE_SYNC.
- Select People Tools ► Integration Broker ► Integration Setup ► Service Operations.
- Search on Service for PERSON_BASIC_SYNC and select the PERSON_BASIC_SYNC Service Operation Link. The General tab displays.
- Select the Active check box in the Default Service Operation Version section of the General page.
- Click the Service Operation security link located towards the top of the page.
- In the pop-up menu, ensure that a Permission List has been specified for this Service (e.g., HCSPSERVICE) and that it has Full access.
- Click Save.
- Select the Handlers tab and set the Status to Active for the SCC_NSI_PERSON_SYNC hanlder.
- Click Save and return to search.
-
Search on Service for WORKFORCE_SYNC and select the WORKFORCE_SYNC Service Operation Link.
- Select the Active check box in the Default Service Operation Version section of the General page.
- Click the Service Operation security link located towards the top of the page.
- In the pop-up menu, ensure that a Permission List has been specified for this Service (e.g., HCSPSERVICE) and that it has Full access. Click Save.
- Select the Handlers tab and set the Status to Active for the GPUS_JobSync Click Save.
Routings Integration Setup
- Select People Tools ► Integration Broker ► Integration Setup ► Routings.
PERSON_BASIC_SYNC - Click Add a New Value and enter a name that identifies FISC_IDM node with PERSON_BASIC_SYNC (e.g., FISC_IDM_PERSON_ROUTE).
- Click Add. The Routing Definitions tab displays.
- Provide this information:
- Enter or select the Service Operation: PERSON_BASIC_SYNC.
- Enter or select the Sender Node. This is the node that is set to Local Node = 1 and Default = Y (e.g., PSFT_HR).
- Enter or select the Receiver Node: FISC_IDM_NODE.
- Select the Active check box to enable the definition.
- Select the Connector Properties tab:
- Provide this information:
- Enter or select the Gateway ID: Local.
- Enter or select the Connector ID: FISCIDMTARGET.
- Confirm the PRIOURL value is correct. It should match the value provided for the FISCIDMTARGET connector during configuration of local Gateway connector properties (e.g., http://<Provisioning host>:<port>/dataforum/servlet/SOAPServlet/ PeopleSoftTriggerWebService).
Where:
<Provisioning host> is the IP or Host name of the Provisioning Server.
<port> is your Provisioning web server port.
- Click Save.
WORKFORCE_SYNC
- Click Add a New Value and enter a name that identifies FISC_IDM node with WORKFORCE_SYNC (e.g., FISC_IDM_JOB_ROUTE).
- Click Add. The Routing Definitions tab displays.
- Provide this information:
- Enter or select the Service Operation: WORKFORCE_SYNC.
- Enter or select the Sender Node. This is the node that is set to Local Node = 1 and Default = Y (e.g., PSFT_HR).
- Enter or select the Receiver Node: FISC_IDM_NODE.
- Select the Active check box to enable the definition.
-
Select the Connector Properties tab.
-
Provide this inofrmation:
- Enter or select the Gateway ID: Local.
- Enter or select the Connector ID: FISCIDMTARGET.
- Confirm the PRIOURL value is correct. It should match the value provided for the FISCIDMTARGET connector during configuration of local Gateway connector properties (e.g., http://<Provisioning host>:<port>/dataforum/servlet/SOAPServlet/ PeopleSoftTriggerWebService).
Where:
<Provisioning host> is the IP or Host name of the Provisioning Server.
<port> is your Provisioning Web server port.
- Click Save.
Administer Service Operations Monitor
- Select People Tools ► Integration Broker ► Service Operations Monitor ► Administration ► Domain Status:
-
Click Purge Domain Status and then set the Domain Status to Active and click Update.
Configuring the Provisioning Server for the PeopleSoft 8.48, 8.49, and 8.5 Trigger
- Log in to Identity Administration. Click the Configuration tab, the Configuration Function Menu item, and then select Provisioning Server.
- Ensure that the PeopleSoft configuration property PSValidOldTransactionPeriod is set properly. Set it to the number of days in the past that a PeopleSoft message transaction can still be considered valid for processing and not discarded (default: 10). The maximum setting is 1000 days. Set to 0 if you want to disregard this option and process all PeopleSoft message transactions regardless of their effective date value.
Creating a Trigger for PeopleSoft 8.48, 8.49, and 8.5 - From the Workflow and Connectivity Studio, select File ► New Trigger ► PeopleSoft Trigger.
Note: You can have multiple triggers defined and multiple messages within a trigger, but one particular message cannot be used for more than one trigger.
The Create a New Trigger window displays.
- Enter a trigger name in the Name field.
- Click the Browse button to select a directory other than the default displayed in the Directory field. The directory should be a child of the default location in order to have the trigger listed under the projects folder.
- Select the available PeopleSoft system where this trigger should be created from the system list in the System field.
Note: If there are no connected systems to select, then a PeopleSoft Enterprise provisioning connected system does not exist. This connected system must exist before creating a trigger. - Enter descriptive text in the Description field and then click OK. A new trigger system object and link display in the Design pane.
Note: The trigger must be fully configured before it can be saved and deployed. Proceed to the sections below to complete configuring the trigger.
Configuring a Trigger Agent
Note: To modify an existing trigger, on the menu bar click View ► Triggers, and then select one of the PeopleSoft Enterprise triggers listed under the projects folder.
- In the Design pane, double-click the trigger system. The Configure Data Source window displays:
- From the Associated Connected System drop-down list, select the connected system where the trigger is to be deployed.
- (Optional) Select the Appearance tab to change how the Connected System object displays in the Design pane.
- Click OK save changes and return to the Workflow and Connectivity Studio window.
Note: A trigger cannot be saved until a trigger link has been configured.
Configuring a Trigger Link
Note: To modify an existing trigger, on the menu bar click View ► Triggers, and then select one of the PeopleSoft Enterprise triggers listed under the projects folder. -
In the Design pane, double-click the trigger The Configure Data Source window displays:
- From the Configure Trigger tab, select each message with the corresponding message version that you want configured for the trigger and click the Add >> button.
- Only the message description for selected messages, as defined within PeopleSoft is displayed. Modifications to the message description must be made from within PeopleSoft.
- Highlight a Selected Message. A list of records (by XMLAlias name) that corresponds with the selected message displays within the records list. Select the desired record(s) to include in trigger configuration and click Add >> to move them to the Selected Records list. Repeat this procedure for each selected message.
- Select the record(s) that the trigger is to be implemented on and click the Add >> button to add the records.
- Select the Check For MessageData Change check box to prevent sending unchanged data. For example, when the city is changed from Chicago to Chicago and saved, PeopleSoft Enterprise triggers a message even though there is no change in the data.
- From the Configure Trigger tab, select each message with the corresponding message version that you want configured for the trigger and click the Add >> button.
-
Click the Configure Selected Records button. The Configure Selected Records window displays:
Description Selected Records Select the desired record to include in trigger configuration.
Optional Select to make the configuration of the record optional. Only records with changed data will be included in trigger configuration.
Unique Key Displays the attribute(s) that make the entry in the selected schema table unique.
Fields Lists the fields available for export.
Selected Fields Lists the selected schema table fields for export.
Note: The check boxes are used only for delta export operations. These checked attributes will always be exported whether they were changed or not.
Advanced Settings Displays the Configure Attributes window for selecting any attributes that need to be encrypted.
Set Unique Key Sets which attribute from the Selected Fields will make the entry unique.
Get Unique Key Retrieves a unique key from the selected schema table.
Clear Unique Key Removes the current unique key attribute selection. No unique key attribute is defined after selecting this option.
Effective Date Select these effective date options:
- Set - Sets an attribute from the selected attributes to apply an effective date offset to control when the triggered data is run. A condition can be provided that determines when or if an effective date offset should be applied. Set a condition and effective date offset from the Effective Date tab.
- Clear - Removes the selected attribute from being defined for effective date processing.
- Format - Specifies a desired date/time format to be applied to the selected effective date field. Any field type can be selected to apply a date/time format to the effective date value.
- Select the Optional check box next to the selected record only if the configuration of that record is optional. If there is no change on this record, it will not process. If Optional is not enabled, any change causes the selected record to process, even if the data in that record has not changed. This is used for records that have key fields in them needed for workflow processing (such as Name, Job, etc.).
- Select required fields from the Fields list and add them to the Selected Fields list.For the trigger to work properly you must have at least one field selected.
- Select the primary key from the Selected Fields list and click the Set Primary Key button or you can obtain the Primary Key by selecting the Get Unique Key button.
- If you want the trigger to run based on an effective date calculation, highlight a date field from the Selected Fields list and click the Set button within the Effective Date section. To remove an effective date setting, click the Clear button. To select a specific date format for the Effective Date attribute, click the Format button.
- Repeat step a through c for all selected records.
- Click OK when finished to return to the Configure Link window.
- Click the Effective Date tab and then click the Add The Set Trigger Data Condition window displays.
- Set an Effective Date Offset value and specify a condition when it will be used:
- For triggers - All conditions specified here will be evaluated for each incoming data entry. The offset corresponding to the first condition that is satisfied will be applied to the date contained in the effective date attribute. An offset can be mapped to a condition that is specified as default. If none of the conditions in the list are satisfied, the offset corresponding to the default condition will be applied to the effective date.
- For Chained workflows - From the Chained workflow Configure Data Source window, specify the attribute that should have an effective date condition and offset value applied. From the preceding Data Mapper, provide conditions and offset values to calculate the target effective date value and save this value to the effective date attribute as the target attribute.
- For triggers - All conditions specified here will be evaluated for each incoming data entry. The offset corresponding to the first condition that is satisfied will be applied to the date contained in the effective date attribute. An offset can be mapped to a condition that is specified as default. If none of the conditions in the list are satisfied, the offset corresponding to the default condition will be applied to the effective date.
- Click OK when finished.
- Set an Effective Date Offset value and specify a condition when it will be used:
- From the Target Workflow Selection tab, select the deployed workflow(s) to run when the trigger occurs, and then click the Add > button.
To remove a selected workflow from being run, highlight it under Selected Workflows and click the < Remove button. - Highlight a workflow from the Selected Workflows list and click the Set Condition button to set a condition before running Target Workflows. The Set Lookup Condition window displays.
- Set the lookup condition if you want a particular workflow to run for a particular data value. For example, if the action type from PeopleSoft is ‘HIR’ you may want to run a particular workflow different than if the action type was ‘T’.
- Set a check condition before running workflows by building a complex condition with logical AND/OR.
- Click OK when finished to return to the Configure Link window.
- Set the lookup condition if you want a particular workflow to run for a particular data value. For example, if the action type from PeopleSoft is ‘HIR’ you may want to run a particular workflow different than if the action type was ‘T’.
- Click OK to save any changes and return to the Workflow and Connectivity Studio window.
Deploying and Managing the Trigger for PeopleSoft 8.48, 8.49, and 8.5
Note: You can have multiple triggers defined and multiple messages within a trigger, but one particular message cannot be used for more than one trigger.
New Deployment
- From the Workflow and Connectivity Studio, open the PeopleSoft trigger. Select Deploy ► New Deployment. Click Deploy New. Click OK to deploy the trigger.
- From the Identity Admin UI, select the Server tab, select Triggers, select the deployed PeopleSoft trigger, and then click the Enable button.
Note: A PeopleSoft trigger cannot be enabled with a message that is already configured for another enabled PeopleSoft trigger. A message similar to this will display:
A trigger containing the message is already enabled. Message name: PERSON_BASIC_SYNC.
ReDeployment
- From the Workflow and Connectivity Studio, open the PeopleSoft trigger and make the desired changes to your PeopleSoft trigger.
-
Click OK to save any changes and return to the Workflow and Connectivity Studio window.
-
Select Deploy ► Manage Deployment. Select the trigger to redeploy and click Redeploy.
Deleting Deployment
- From the Workflow and Connectivity Studio, open the PeopleSoft trigger.
- Select Deploy ► Manage Deployment. Select the trigger to delete and then click Undeploy.
- To create a new trigger after deleting previous trigger deployment, follow the steps for New Deployment.
Troubleshooting Messages in PeopleSoft 8.48, 8.49, and 8.5
When data is changed in the PeopleSoft records that you have configured, messages are created. Here are some ways to troubleshoot and ensure that a message is sent or published by PeopleSoft and received by the Provisioning Server properly.
Monitoring Messages in PeopleSoft 8.48, 8.49, and 8.5
- Log in to the PeopleSoft Web application as an administrator with PeopleTools privileges.
- Select People Tools ► Integration Broker ► Service Operations Monitor ► Monitoring.
- Select Asynchronous Services and click the Publication Contracts tab.
-
Clear all the search fields except the Queue Name field. Search and select the PERSON_DATA Queue Name and click the Refresh button. All published transactions for the PERSON_DATA Queue display.
-
Click the Sub Queue Link. A list of Sub Queue Publication Contracts display.
- Click the Send ID column to sort the list by transactions sent (the latest one displays in bold).
- Click the Details link next to any message to view XML message data content or IB Information for message.
Ensuring that the Message is Received
Access the Provisioning Server machine to verify these steps.
To ensure that the message was received, navigate to the Provisioning Server installation folder Fischer\Provisioning\share\trigger-runtime\PSTriggerData\. A file called pstdata###.xml should contain the message content published by PeopleSoft. A separate pstdata###.xml file should exist for each message published or sent by PeopleSoft.
Also, check the Provisioning Server workflows-instance folder (Fischer\Provisioning\share\workflows-instance\<workflow>) for additional data (.dat) files created during runtime of workflows selected for execution due to triggered data or message content received from PeopleSoft.
If the PeopleSoft trigger is disabled, a message will still be published by PeopleSoft when data is changed in PeopleSoft, and a trigger data file will be created but selected Target workflows will not be launched unless the trigger is enabled.