PeopleSoft Directory Interface for HRMS

prepared for

USM Regional PeopleSoft Conference

June 10, 2005

Hank Kehlbeck, Sr. Product Manager, HCM Strategy

Agenda

• LDAP Overview

• PeopleSoft Directory Interface Overview• Delivered Templates• Configuring Directory Interface• Where to Get More Information• Lessons Learned / Your Feedback

LDAP Overview

What is LDAP?

• Lightweight Directory Access Protocol• Standard protocol for reading from and writing to

directories• Common language that LDAP clients and servers

use to communicate with each other• Accesses directory information usually organized

in a tree-like structure

What are the Benefits?

• Hierarchical and specialized Database• Scalable, Flexible, Extensible• Efficient Means of Organizing/Retrieving Information

• High Query (Read) Performance• Poor Update (Write) Performance

• LDAP should eventually make it possible for any application running on virtually any computer platform to obtain directory information, such as email addresses and public keys.

cn = Joh n W o o k ey

o u = D e ve lo p m e nt

cn = L a rry E llison

o u = M a n ag e m e nt

cn = D a ve H a re

o u =S u pp o rt

d c = O ra c le

LDAP Distinguished Names

Dn: uid=jsmith,ou=Tools,c=US,dc=oracle,dc=com

dc=oracledc=com

c=US c=FRA

ou=HRMSou=HRMSou=Tools

uid=jsmith

Directory Interface: Overview

What is Directory Interface?

PeopleSoftPeopleSoftDatabaseDatabase

PeopleSoftPeopleSoftDatabaseDatabase DirectoryDirectoryDirectoryDirectory

Directory InterfaceDirectory InterfaceDirectory InterfaceDirectory Interface

Features and Benefits

• Flexible• Compliant w/any LDAPv3-Compliant Directory Server• Supports flat and hierarchical schemas• Real-time or batch updates to map data• Effective-dated

• Centralized Information• Eliminate managing data in multiple locations• Enable single sign-on to enterprise applications• Audit data integrity b/w HCM and Directory Server

• Lower Cost, Standards-based Security• Control access to PeopleSoft using LDAP• Reduce security maintenance costs

Directory Interface Components

• Mapping Data and Templates• Optional directory schema extensions • Integration Tools

• Fields, Records, PeopleCode, Application Messages,Business Interlinks

• Audit reports • Signon PeopleCode for Directory Server

Authentication.

Process Flow of an Update

4. App. Msg. Subscription

Process Invoked

<xml>http/html<

xm

l>L

DA

P

5. LDAP Business Interlink writes

data to Directory, using Map Defns.

HRMS to Directory Maps

2. Business Event Triggered

Application Server

1. HR Transaction

New Hire Data

3. App. Msg Published to

Queue (if current)

App. Message Queue

Directory Interface feature• The PDI Features (cont’d):

• A “Massive” Directory Tree Re-organization:

dc=oracledc=com

c=US c=FRA

ou=HRMSou=HRMSou=Tools

uid=jsmith

dc=oracledc=com

c=US c=FRA

ou=HRMSou=HRMS

ou=Tools

uid=jsmith

BEFORE AFTER

Supported LDAP Servers

• LDAPv3-compliant Directory Servers:• Novell NDS eDirectory using any Novell

supported O/S • Sun ONE Directory Server and higher using any

Sun ONE supported O/S• Microsoft Active Directory on Windows 2000

Server

Directory Interface: Delivered Templates

• With 8.9, the goal was to adapt the Directory Interface to the new HCM Person Model and to consolidate HCM and Student Admin specific maps into one generic one.

Delivered Templates (8.9)

Directory Entry Map Name Business Process

CS_ADVISOR_INSTR Create a new Instructor

CS_APPLICANT Create a new Applicant

CS_PERSON Add a new Person ID

CS_STUDENT Create a Student

HR_DEPARTMENT Create a new Department

HR_LOCATION Create a new Location

HR_PERSON Add a new Person

Delivered HR Mappings

dc=oracledc=com

c=US c=FRA

ou=HRMSou=HRMSou=Tools

uid=jsmith

Location Map

Department Map

Person Map

Schema Extensions (8.9)

Type Name

Object Class psftLsStudent

Object Class psftLsCrPerson

Object Class psftLsPerson

Type Name

Attribute Type psftInstitution

Attribute Type psftPurposeCd

Attribute Type psftStaffID

Attribute Type psftCnstType

Attribute Type psftCareer

Attribute Type psftProgram

Attribute Type psftPlan

Attribute Type psftAdmitTerm

Attribute Type psftInstrType

Attribute Type psftProgStatus

Configuring Directory Interface

1. Install Directory Interface

2. Configure the Directory

3. Cache the Schema

4. Create Authentication Maps and User Profile Maps

5. Create Sign-on PeopleCode

• Create Default User• Edit configuration.properties• Write Sign-on PeopleCode

6. Set Up Directory Mappings

7. Define Roles and Memberships

8. Activate Message Channel

9. Define Node

10. Define/Activate Transactions

11. Load PS Data into Directory

12. Audit / Search Directory

Where to Get More Information

PeopleBooks

• Security > Incorporating LDAP Directory Services • PeopleSoft Enterprise Components for PeopleSoft

Enterprise HRMS and Campus Solutions 8.9 PeopleBook > Using PeopleSoft Directory Interface

Lessons Learned / Feedback

AQ&Q U E S T I O N SQ U E S T I O N S

A N S W E R SA N S W E R S

Hank Kehlbeck

Senior Product Manager, HCM Strategy

hank.kehlbeck@oracle.com

240.398.8528