PeopleSoft Single Sign On Solutions – LDAP, AD & Custom

1 Star2 Stars3 Stars4 Stars5 Stars (1 votes)

This post is about integrating PeopleSoft security with a standard Network or Web Security. Having implemented Single Sign on solution within our company, I had to go and sift through massive amounts of documentation, I would like to save you some time and post a links and explanations.

PeopleSoft natively supports LDAP v1 ,2 and Active Directory Protocols. It also supports Profiles Synchronization.Please see diagram below that I have borrowed from the document hosted in ITToolBox, that gives an essential overview of PeopleSoft & environment security layers.

 

image

 

In case you are looking to do LDAP implementation and it can be fitted in to diagram below and company allows your PS server to access LDAP or AD (Active Directory) repository – you are in luck – the setup should be a snap.

image

 

Here is Oracle Red Paper LDAP Authentication with PeopleTools, that has lots of detail about setting LDAP authentication within PeopleSoft. This document has better and more condensed information than that in PeopleBooks. This document contains screenshots of configurations, how to test and more.

Here is the presentation I have found on the Cal Poly WebSite , created by good folks – Darren Kraker and Ken Sperow. It gives a good overview of Oracle Collaboration Suite and PeopleSoft security principles

Integrating PeopleSoft and Oracle Collaboration Suite into uPortal

Very Important Note about custom security implementation, e.g. Tivoli , Reverse Proxy Servers etc.

  • Please remember that authentication would also need to be changed in the client software that accesses application in 3-tier mode (using app server ) – App Designer, nVision. You would still be able to access your application using 2-tier mode. In case you do have to change authentication for nVision, App Designer – lookup customizing psuser.dll in PeopleBooks. This is what client tools use for authentication.
  • You might want to consider configuring 2nd webserver point of entry, that would utilize built in security for some of the system ids.
  • Journal Spreadsheet Upload – in case users are utilizing this simple, yet very convenient tool – you might need to customize VBA Macros to properly authenticate
  • Pay special attention to accessing reports through report manager and process Monitor, you might need to change a few lines of code there too.

I really want to know what you think