evolve15 | enhance | richard gatewood | integrating sfdc & aem
TRANSCRIPT
AUGUST 17, 2015
INTEGRATING SFDC AND AEM
How Lexmark integrated SFDC with Closed User Groups to create customized portals
2
• Background
• The Problem
• The Approach
• Roadblocks
• Solution Architecture
• Replication/User Management
• SAML
• SFDC
• Demonstration
AGENDA
3
• About Lexmark
• 51 Public Sites in 23 languages
• 42 Partner Sites in 18 languages
• 20K+ Partner Accounts, 60K+ User Accounts
• Complicated user/company profile
• New programs added regularly
• SFDC is system of record
• Content visibility driven by enrollments/metadata in SFDC
“Lexmark sells its products and services in more than 170 countries, and is a recognized global leader by many of the technology industry’s leading market analyst firms. Lexmark has also acquired and integrated several strategic software companies since 2010, further expanding the company’s breadth of offerings to include innovative software solutions.”
BACKGROUND
4
• Complicated Portal Ecosystem
• Data Maintenance Nightmare
• Volume of records to synchronize
• “Administration” access
• Provisioning lag time
• Company vs. Location vs. User attributes
THE PROBLEM
“A single source for partner information.”
5
Did not work:
• Cache profile real-time from SFDC
• Client Context
• Full sync of user records
Solution:
• Create User Repository in AEM
• AEM Closed User Groups based on SFDC Enrollments
• Use a login hook in Shibboleth to trigger sync
• Develop admin screens/exception emails for troubleshooting
THE APPROACH
6
• Replication (Reverse/Pub2Pub)
• Workflows (Master/Slave)
• Latency in group enrollments
• Node corruption
• Queue Management
• Initial Migration
• SFDC record Listener
• ETL to other systems (i.e., DealerFinder, Virtual Solution Center)
ROADBLOCKS
7
• User Repository Data Model
• SFDC Endpoint/Security
• Shibboleth for SAML
• SCIM service for LDAP User Creation
• CUG Sync/Creation
• CUG Enrollment Service
• Admin Screens
• Exception Reporting
• Pub2Pub Replication
• Reverse Replication Enhancement
THE SOLUTION (COMPONENTS)
8
Considerations:
• Stickiness
• Latency of Pub2Pub
• Author-Activate
• Publish-Reverse Replicate
• Admin Access
REPLICATION/USER MANAGEMENT
9
• AEM SAML maturity in an Enterprise
• Single Logout
• Multiple Domains
• Application server SAML vs. Webserver SAML
• Shibboleth planning considerations
• Shared Cache
• Login Hook
• Auto-provision internal users
• Security between webserver and app server
SAML
10
Listeners
Custom End-Point for Users
Standard End-Point for Programs/Offers
Standard End-Point for New Users
LDAP User Creation
Cloud Connector (Encryption Key)
Posting Cases
SFDC
11
SiteMinder/Ping
SFDC
extsignon-partner.lexmark.com (IDM Login Screen)
Redirect to check auth
/bin/lexmark/login/sync
Apache/Shibboleth
partnernet.lexmark.com/dashboard
partner.perceptivesoftware.com
AEM User Repository (synced from SFDC)
sync servlet in aem-lexmark/partnernet
(to update AEM User Db)
SFDC Returns enrollments/metadata
Returns user to original URL
Header passes assertion data to AEM
partnernet.lexmark.com
Originating URL appended as query string
Returns user to original URL
partner.perceptivesoftware.com
Originating URL appended as query string
THE SOLUTION (FLOW)
12
SiteMinder/Ping
SFDC
partners.lexmark.com
extsignon-partner.lexmark.com (IDM Login Screen)
Redirect to check auth
/bin/lexmark/login/sync
Apache/Shibboleth
redirect servlet in aem-lexmark/partnernet
(logic for url, user combinations)
partnernet.lexmark.com/dashboard
partner.perceptivesoftware.com
lexmark.my.salesforce.com
AEM User Database (synced from SFDC)
sync servlet in aem-lexmark/partnernet
(to update AEM User Db)
SFDC Returns enrollment for Communities Access
Originating URL appended as query string
Header passes assertion data to AEM
partners.lexmark.com/redirect
partnernet.lexmark.com
Originating URL appended as query string
Returns user to original URL
partner.perceptivesoftware.com
Originating URL appended as query string
THE SOLUTION (TODAY)
13
DEMONSTRATION
• User Provisioning in SFDC, sync to AEM
• Using Closed User Groups
• Syncing Closed User Groups with SFDC
• Replication
14
DISCUSSION