Description: Demonstrates how to install and configure PeopleSoft Employee Reconciliation connector. This connector only uses trusted reconciliation (OIM users are created based on data from an authoritative source such as PeopleSoft).
References: https://docs.oracle.com/cd/E22999_01/index.htm
https://docs.oracle.com/cd/E22999_01/doc.111/e25370/toc.htm
Connector Installation
1. Unzip the connector bundle to "$MW_HOME/Oracle_IDM1/server/ConnectorDefaultDirectory" directory (E.g. unzip PSFT_ER-11.1.1.5.0.zip -d $MW_HOME/Oracle_IDM1/server/ConnectorDefaultDirectory/).
2. Run the Connector Installer in Oracle Identity Manager System Administration.
Oracle Identity System Administration |
Provisioning Configuration > Manage Connector |
Click Install |
Specify connector, click load, and then continue |
Connector Installation Progress |
Install Complete |
3. Adjust the PSFT HRMS IT Resource if needed.
Default IT Resource Configuration |
Deploying the PeopleSoft Listener
Incremental reconciliation for this connector is real-time. When data is added or updated on PeopleSoft target system, a PeopleCode event is generated. Then the event generates a message such as PERSON_BASIC_SYNC (for creation of new OIM user) and WORKFORCE_SYNC (for updates on OIM user) to send to the listener. The PeopleSoft listener is responsible for parsing the incoming messages and creating reconciliation events.
1. Set the following environment variables. Adjust variables accordingly.
export ORACLE_COMMON=$MW_HOME/Oracle_IDM1/common
export WLS_HOME=$MW_HOME/wlserver_10.3
export JAVA_HOME=/home/oracle/jdk1.6.0_38
export ORACLE_HOME=$MW_HOME/Oracle_IDM1
export ANT_HOME=$MW_HOME/modules/org.apache.ant_1.7.1
export PATH=$ANT_HOME/bin:$PATH
2. Adjust the deploy.properties file, which is located in "$MW_HOME/Oracle_IDM1/server/ConnectorDefaultDirectory/PSFT_ER-11.1.1.5.0/listener" directory.
3. Navigate to ""$MW_HOME/Oracle_IDM1/server/ConnectorDefaultDirectory/PSFT_ER-11.1.1.5.0/listener" directory and run the following command:
ant setup-listener
Buildfile: build.xml Trying to override old definition of datatype wldeploy check-wl-home: check-oracle-common: check-oracle-home: check-env-vars: setup-archive: [mkdir] Created dir: /home/oracle/Oracle/Middleware/Oracle_IDM1/server/ConnectorDefaultDirectory/PSFT_ER-11.1.1.5.0/listener/deployable-archive [copy] Copying 4 files to /home/oracle/Oracle/Middleware/Oracle_IDM1/server/ConnectorDefaultDirectory/PSFT_ER-11.1.1.5.0/listener/deployable-archive [copy] Copied 5 empty directories to 1 empty directory under /home/oracle/Oracle/Middleware/Oracle_IDM1/server/ConnectorDefaultDirectory/PSFT_ER-11.1.1.5.0/listener/deployable-archive [copy] Copying 1 file to /home/oracle/Oracle/Middleware/Oracle_IDM1/server/ConnectorDefaultDirectory/PSFT_ER-11.1.1.5.0/listener/deployable-archive/PeopleSoftOIMListener.ear/PeopleSoftOIMListener.war/WEB-INF/lib [copy] Copying 1 file to /home/oracle/Oracle/Middleware/Oracle_IDM1/server/ConnectorDefaultDirectory/PSFT_ER-11.1.1.5.0/listener/deployable-archive/PeopleSoftOIMListener.ear/PeopleSoftOIMListener.war/WEB-INF/lib [copy] Copying 1 file to /home/oracle/Oracle/Middleware/Oracle_IDM1/server/ConnectorDefaultDirectory/PSFT_ER-11.1.1.5.0/listener/deployable-archive/PeopleSoftOIMListener.ear/PeopleSoftOIMListener.war/WEB-INF/lib [echo] Updating deployment descriptor (web.xml) deploy: [echo] Deploying the listener [passwdreader] Enter weblogic admin password: [wldeploy] weblogic.Deployer -debug -verbose -noexit -name PeopleSoftOIMListener -source /home/oracle/Oracle/Middleware/Oracle_IDM1/server/ConnectorDefaultDirectory/PSFT_ER-11.1.1.5.0/listener/deployable-archive/PeopleSoftOIMListener.ear -targets oim_server1 -adminurl t3://localhost:7001 -user weblogic -password ******** -deploy [wldeploy] weblogic.Deployer invoked with options: -debug -verbose -noexit -name PeopleSoftOIMListener -source /home/oracle/Oracle/Middleware/Oracle_IDM1/server/ConnectorDefaultDirectory/PSFT_ER-11.1.1.5.0/listener/deployable-archive/PeopleSoftOIMListener.ear -targets oim_server1 -adminurl t3://localhost:7001 -user weblogic -deploy [wldeploy] [WebLogicDeploymentManagerImpl.<init>():115] : Constructing DeploymentManager for J2EE version V1_4 deployments [wldeploy] [WebLogicDeploymentManagerImpl.getNewConnection():158] : Connecting to admin server at localhost:7001, as user weblogic [wldeploy] [ServerConnectionImpl.getEnvironment():286] : setting environment [wldeploy] [ServerConnectionImpl.getEnvironment():289] : getting context using t3://localhost:7001 [wldeploy] [ServerConnectionImpl.getMBeanServer():237] : Connecting to MBeanServer at service:jmx:t3://localhost:7001/jndi/weblogic.management.mbeanservers.domainruntime [wldeploy] [ServerConnectionImpl.getMBeanServer():237] : Connecting to MBeanServer at service:jmx:t3://localhost:7001/jndi/weblogic.management.mbeanservers.runtime [wldeploy] [DomainManager.resetDomain():36] : Getting new domain [wldeploy] [DomainManager.resetDomain():39] : Using pending domain: true [wldeploy] [MBeanCache.addNotificationListener():96] : Adding notification listener for weblogic.deploy.api.spi.deploy.mbeans.TargetCache@174323d5 [wldeploy] [MBeanCache.addNotificationListener():103] : Added notification listener for weblogic.deploy.api.spi.deploy.mbeans.TargetCache@174323d5 [wldeploy] [MBeanCache.addNotificationListener():96] : Adding notification listener for weblogic.deploy.api.spi.deploy.mbeans.ModuleCache@55c79dfc [wldeploy] [MBeanCache.addNotificationListener():103] : Added notification listener for weblogic.deploy.api.spi.deploy.mbeans.ModuleCache@55c79dfc [wldeploy] [ServerConnectionImpl.initialize():169] : Connected to WLS domain: oim_domain [wldeploy] [ServerConnectionImpl.init():159] : Initializing ServerConnection : weblogic.deploy.api.spi.deploy.internal.ServerConnectionImpl@d2f41a5 [wldeploy] [BasicOperation.dumpTmids():713] : Incoming tmids: [wldeploy] [BasicOperation.dumpTmids():715] : {Target=oim_server1, WebLogicTargetType=server, Name=PeopleSoftOIMListener}, targeted=true [wldeploy] [BasicOperation.deriveAppName():141] : appname established as: PeopleSoftOIMListener [wldeploy] <Aug 26, 2015 8:04:32 AM EDT> <Info> <J2EE Deployment SPI> <BEA-260121> <Initiating deploy operation for application, PeopleSoftOIMListener [archive: /home/oracle/Oracle/Middleware/Oracle_IDM1/server/ConnectorDefaultDirectory/PSFT_ER-11.1.1.5.0/listener/deployable-archive/PeopleSoftOIMListener.ear], to oim_server1 .> [wldeploy] [BasicOperation.dumpTmids():713] : Incoming tmids: [wldeploy] [BasicOperation.dumpTmids():715] : {Target=oim_server1, WebLogicTargetType=server, Name=PeopleSoftOIMListener}, targeted=true [wldeploy] [BasicOperation.loadGeneralOptions():628] : Delete Files:false [wldeploy] Timeout :3600000 [wldeploy] Targets: [wldeploy] oim_server1 [wldeploy] ModuleTargets={} [wldeploy] SubModuleTargets={} [wldeploy] } [wldeploy] Files: [wldeploy] null [wldeploy] Deployment Plan: null [wldeploy] App root: /tmp/oracle/./config/deployments/PeopleSoftOIMListener [wldeploy] App config: /tmp/oracle/./config/deployments/PeopleSoftOIMListener/plan [wldeploy] Deployment Options: {isRetireGracefully=true,isGracefulProductionToAdmin=false,isGracefulIgnoreSessions=false,rmiGracePeriod=-1,retireTimeoutSecs=-1,undeployAllVersions=false,archiveVersion=null,planVersion=null,isLibrary=false,libSpecVersion=null,libImplVersion=null,stageMode=null,clusterTimeout=3600000,altDD=null,altWlsDD=null,name=PeopleSoftOIMListener,securityModel=null,securityValidationEnabled=false,versionIdentifier=null,isTestMode=false,forceUndeployTimeout=0,defaultSubmoduleTargets=true,timeout=0,deploymentPrincipalName=null,useExpiredLock=false} [wldeploy] [wldeploy] [BasicOperation.execute():445] : Initiating deploy operation for app, PeopleSoftOIMListener, on targets: [wldeploy] [BasicOperation.execute():447] : oim_server1 [wldeploy] Task 0 initiated: [Deployer:149026]deploy application PeopleSoftOIMListener on oim_server1. [wldeploy] Task 0 completed: [Deployer:149026]deploy application PeopleSoftOIMListener on oim_server1. [wldeploy] Target state: deploy completed on Server oim_server1 [wldeploy] [wldeploy] Target Assignments: [wldeploy] + PeopleSoftOIMListener oim_server1 [wldeploy] [ServerConnectionImpl.close():332] : Closing DM connection [wldeploy] [ServerConnectionImpl.close():352] : Unregistered all listeners [wldeploy] [ServerConnectionImpl.closeJMX():372] : Closed JMX connection [wldeploy] [ServerConnectionImpl.closeJMX():384] : Closed Runtime JMX connection [wldeploy] [ServerConnectionImpl.closeJMX():396] : Closed Edit JMX connection grant-keystore-permissions: [echo] Granting keystore access permissions to the listener. [java] Aug 26, 2015 8:04:50 AM oracle.iam.connectors.psft.common.deploy.PermissionsHandler main [java] INFO: Connecting to admin server t3://localhost:7001 with user weblogic [java] Aug 26, 2015 8:04:50 AM oracle.iam.connectors.psft.common.deploy.PermissionsHandler main [java] INFO: Starting the keystore grant for /home/oracle/Oracle/Middleware/Oracle_IDM1/server/ConnectorDefaultDirectory/PSFT_ER-11.1.1.5.0/listener/deployable-archive/PeopleSoftOIMListener.ear/PeopleSoftOIMListener.war/WEB-INF/lib/- [java] Aug 26, 2015 8:04:50 AM oracle.iam.connectors.psft.common.deploy.PermissionsHandler initDomainRuntimeServerConnection [java] INFO: Connecting to admin server.. [java] Aug 26, 2015 8:04:51 AM oracle.iam.connectors.psft.common.deploy.PermissionsHandler initDomainRuntimeServerConnection [java] INFO: Connection initialized [java] Aug 26, 2015 8:04:51 AM oracle.iam.connectors.psft.common.deploy.PermissionsHandler main [java] INFO: Granting keystore permissions to PSFT archive libraries.. [java] Aug 26, 2015 8:04:51 AM oracle.iam.connectors.psft.common.deploy.PermissionsHandler grantRWPermissionsToJar [java] INFO: URL /home/oracle/Oracle/Middleware/Oracle_IDM1/server/ConnectorDefaultDirectory/PSFT_ER-11.1.1.5.0/listener/deployable-archive/PeopleSoftOIMListener.ear/PeopleSoftOIMListener.war/WEB-INF/lib/- doesn't jave access to RW keystores. Initiating the grant operation [java] Aug 26, 2015 8:04:51 AM oracle.iam.connectors.psft.common.deploy.PermissionsHandler grantRWPermissionsToJar [java] INFO: Permission for OIM Authenticator set in system-jazn-data.xml successfully [java] Aug 26, 2015 8:04:51 AM oracle.iam.connectors.psft.common.deploy.PermissionsHandler main [java] INFO: Granting keystore permissions to cached archive.. [java] Aug 26, 2015 8:04:52 AM oracle.iam.connectors.psft.common.deploy.PermissionsHandler grantRWPermissionsToJar [java] INFO: URL ${domain.home}/servers/${weblogic.Name}/stage/PeopleSoftOIMListener/PeopleSoftOIMListener.ear/PeopleSoftOIMListener.war/WEB-INF/lib/- doesn't jave access to RW keystores. Initiating the grant operation [java] Aug 26, 2015 8:04:52 AM oracle.iam.connectors.psft.common.deploy.PermissionsHandler grantRWPermissionsToJar [java] INFO: Permission for OIM Authenticator set in system-jazn-data.xml successfully [java] Aug 26, 2015 8:04:52 AM oracle.iam.connectors.psft.common.deploy.PermissionsHandler main [java] INFO: Grant finished [java] Aug 26, 2015 8:04:52 AM oracle.iam.connectors.psft.common.deploy.PermissionsHandler closeConnection [java] INFO: Connection to admin server closed setup-listener: BUILD SUCCESSFUL Total time: 30 seconds
4. Verify application is deployed on WebLogic. Also, check if proper codebase permissions are granted in WebLogic EM console.
Note: Custom jars for validation and transformation needs to be place in the lib directory. |
Testing Reconciliation
A test script is given in the PeopleSoft Employee Reconciliation connector in order to validate the PeopleSoft listener. A PeopleSoft message XML file (E.g. PERSON_BASIC_SYNC = creation of new OIM user, WORKFORCE_SYNC = updates on OIM user) is required to send information to the PeopleSoft listener which parses the data and then OIM creates a reconciliation event based on the data received. Given below are sample PeopleSoft messages.
1. Navigate to "$MW_HOME/Oracle_IDM1/server/ConnectorDefaultDirectory/PSFT_ER-11.1.1.5.0/test/config" directory and modify the "reconConfig.properties" file. Given below is an example.
#provide the OIM Listener name in format http://<COMPUTER_NAME>:<PORT_NO>/PeopleSoftOIMListener ListenerURL=http://10.0.2.15:14000/PeopleSoftOIMListener #specify absolute xml file path with the file name #The Path should not contain spaces XMLFilePath=/home/oracle/Oracle/Middleware/Oracle_IDM1/server/ConnectorDefaultDirectory/PSFT_ER-11.1.1.5.0/test/config/PERSON_BASIC_SYNC_SAMPLE.xml #XMLFilePath=/home/oracle/Oracle/Middleware/Oracle_IDM1/server/ConnectorDefaultDirectory/PSFT_ER-11.1.1.5.0/test/config/WORKFORCE_SYNC_SAMPLE.xml # specify message type # - 'ping' for ping request - 'none' for normal message MessageType=none # Specify the PeopleSoft IT Resource Name which will handle this request ITResourceName=PSFT HRMS #provide the name of the message to reconcile. For example: PERSON_BASIC_SYNC.VERSION_3 MessageName=PERSON_BASIC_SYNC #MessageName=WORKFORCE_SYNC
PeopleSoft Listener URL WebLogic Console > Deployments > PeopleSoftOIMListener > Testing |
2. If you are using Oracle Identity Manager release 11.1.2.x or later, then include the jrf.jar, jrf-api.jar, and jrf-client.jar files to the classpath. These JAR files are located in the $ORACLE_COMMON/modules/oracle.jrf_11.1.1 directory.
export ORACLE_COMMON=/home/oracle/Oracle/Middleware/oracle_common
export PATH=$ORACLE_COMMON/modules/oracle.jrf_11.1.1:$PATH
3. Navigate to "$MW_HOME/Oracle_IDM1/server/ConnectorDefaultDirectory/PSFT_ER-11.1.1.5.0/test/config" and then execute "InvokeListener.sh" script.
4. Verify that a reconciliation event is created in Oracle Identity Manager.
Reconciliation Event for PERSON_BASIC_SYNC |
Reconciliation Event for WORKFORCE_SYNC This is a defer event. Run the "Run Future Dated Reconciliation" scheduled job when Action Date has passed. |
Hi,
ReplyDeleteThis is Vibhor here.
Thanks for above detailed step by step guide for PSFT connector.
I have one question around future dated event or Defered Event. Lets say at people soft end user job code change and effective from one month from now and people soft send us data in one month advance how Peoplesoft connector will handle same.
Is it going to put that event also as deferred event and after one month when Run Future dated Recon job runs it will update job code of user or Deferred event is only for user termination,hire like those actions.
Thanks for all help in advance.