
LDAP User Management with PeopleSoft Campus Directory Interface

LDAP User Management with PeopleSoft Campus Directory Interface. Session #10562 March 23, 2005 HEUG 2005 Conference Las Vegas, Nevada. Today’s Presenters. Jim Gallamo Director Carol Schaffer Associate Director Suman Rustagi Senior Developer. Overview.


Presentation Transcript


  1. LDAP User Management with PeopleSoft Campus Directory Interface • Session #10562 • March 23, 2005 • HEUG 2005 Conference • Las Vegas, Nevada

  2. Today’s Presenters • Jim Gallamo, Director • Carol Schaffer, Associate Director • Suman Rustagi, Senior Developer

  3. Overview • Catholic University is changing their current user account management practices and implementing PeopleSoft’s Campus Directory Interface (CDI) to support this initiative. This presentation highlights our plans and experience with CDI.

  4. Agenda • CUA and PeopleSoft • Account management processes • Desired goals • Campus Directory Interface • Wrap-up

  5. Catholic University of America • Located in Washington, DC • Founded in 1887 • 5800 students • 1500 faculty and staff • 18,000+ user accounts • Windows and Solaris systems

  6. Catholic University and PeopleSoft • Financials v8.4 • Enterprise Performance Management v8.8 • Enterprise Portal v8.8 • Student Administration v8.0 • Human Resource Management Systems v8.0

  7. Current Account Management

  8. Future Account Management

  9. Phase I Goals • Replace legacy account management system • Improve account generation turnaround • Facilitate data movement between systems • Introduce OPRIDs as primary identifier • Expand information in Active Directory (AD)

  10. Phase I Goals (cont’d) • Minimize manual processes • Create standard account structure • Provide increased audit functionality

  11. Phase II Goals • Automatically populate all AD-based services • Restructure account naming conventions • Introduce real-time synchronization • Add custom graphical user interface to supplement AD

  12. PeopleSoft Campus Directory Interface • Sold separately from SA/HRMS system • Cloned from existing HRMS PDI • Integrates PeopleSoft security with AD • Shares SA/HRMS data with AD • Supports MS ADS, Novell eDirectory and iPlanet Directory Server

  13. What is Active Directory? • A distributed hierarchical database • Comprised of the Directory Information Tree (DIT) and the Schema • Each Entry in the DIT is keyed by its Distinguished Name (DN) • A DN is a string of attributes which uniquely identifies an entry in the AD

  14. What is Active Directory? (cont’d) • A Schema is a set of rules that defines DIT attributes • Microsoft provides a Lightweight Directory Access Protocol (LDAP) interface to AD

  15. Active Directory Structure

  16. Campus Directory Interface Set-up

  17. CDI Directory Setup

  18. CDI Directory Setup (cont’d)

  19. CDI Directory Setup (cont’d)

  20. Defining AD within PeopleSoft • Load AD schema to PeopleSoft cache • Active Directory schema enables selection of data elements by CDI • Required for directory map creation

  21. CDI Directory Schema Cache

  22. CDI Mapping Setup

  23. CDI DN Details

  24. CDI Attribute Mapping

  25. CDI Attribute Mapping (cont’d) Transform the value

  26. Transform the Value

  27. Sample Function for Transformation

  28. Criteria for Selecting Students • Based on PERSONAL_DATA, CX_SEC_TBL, and PERS_INST_REL tables • CX_SEC_TBL, custom table, includes OPRIDs for all the students • View selects record where STUDENT_CUR is marked as ‘Y’

  29. Run File Load Process

  30. File Load Process (cont’d) • LDIF File option creates a data file • File gets created in folder PS_HOME\appsrvr\Database Name\Files • File gets loaded into Active Directory • Run Option updates the Active Directory

  31. Resulting Output File

      dn: cn=Griffintest\, Carter H. GRIF0046,cn=users,dc=cua,dc=edu
      changetype: add
      objectClass: top
      objectClass: user
      accountExpires: 0
      cn: Griffintest, Carter H. GRIF0046
      company: CUA
      displayName: Griffintest, Carter H. GRIF0046
      givenName: Carter
      mail: GRIF0046@cua.edu
      name: Griffintest, Carter H. GRIF0046
      sAMAccountName: GRIF0046
      scriptPath: Login.bat
      sn: Griffintest
      title: Student

  32. Progress to Date • Set up complete CDI/AD test environment • Generated LDIF with correct data • Loaded file in AD with new accounts

  33. Next Steps • Update Directory in Real-time • Automate AD changes and deletes • Build consensus on new naming conventions • Automatically populate other services (e.g., Exchange)

  34. Directory Search Tools

  35. AD search using CDI

  36. CDI Search Results

  37. AD Search using LDAP Search Utility • LDAP command line executable • ldapsearch.exe • Provided outside of system • Useful in understanding AD structure

  38. LDAP Search Utility Result

      ldap_open( 192.168.0.1, 389 )
      filter pattern: cn=Tucktest, Karlton E.
      returning: ALL
      filter is: (cn=Tucktest, Karlton E.)
      CN=Tucktest\, Karlton E.,CN=Users,DC=cua,DC=edu
      cn=Tucktest, Karlton E.
      company=CUA
      department=Housing & Residential Life
      description=STAFF
      displayName=Tucktest, Karlton E.
      mail=Tucktestk@cua.edu
      givenName=Karlton
      distinguishedName=CN=Tucktest\, Karlton E.,CN=Users,DC=cua,DC=edu

  39. Considerations • Separate network environment to test • No additional hardware requirements • Requires coordination between developers and network staff • Create sample directory mappings using delivered script - DIRMAPIN.DMS

  40. Considerations (cont’d) • Limited knowledge in Global Support • Not many end users of product • Learned through trial and error

  41. QUESTIONS?

  42. CONTACTS • Jim Gallamo, gallamo@cua.edu • Carol Schaffer, schaffer@cua.edu • Suman Rustagi, rustagi@cua.edu
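
Added example (not part of the original presentation and not PeopleSoft CDI code): in the output file on slide 31, the comma inside the cn value is escaped as `\,` on the dn line. The Python sketch below shows the DN escaping (RFC 4514) and LDIF value encoding (RFC 2849) a generator needs so that names from the source tables cannot break the record structure; the field names `last`, `first`, `middle`, `oprid` and all function names are assumptions, and the sample record reuses the values shown on slide 31.

```python
import base64

# Characters RFC 4514 requires to be backslash-escaped inside an RDN value.
_DN_SPECIAL = '"+,;<>\\'

def escape_rdn_value(value: str) -> str:
    """Escape one attribute value for use inside a distinguished name."""
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        if ch in _DN_SPECIAL:
            out.append("\\" + ch)
        elif ch == "\x00":
            out.append("\\00")
        elif ch == " " and i in (0, last):   # leading or trailing space
            out.append("\\ ")
        elif ch == "#" and i == 0:           # leading '#'
            out.append("\\#")
        else:
            out.append(ch)
    return "".join(out)

def ldif_line(attr: str, value: str) -> str:
    """Return 'attr: value', or 'attr:: <base64>' when RFC 2849 requires it."""
    unsafe = (not value.isascii()
              or any(c in value for c in "\r\n\x00")
              or value[:1] in (" ", ":", "<")
              or value.endswith(" "))
    if unsafe:
        encoded = base64.b64encode(value.encode("utf-8")).decode("ascii")
        return f"{attr}:: {encoded}"
    return f"{attr}: {value}"

def build_add_record(person: dict, base_dn: str = "cn=users,dc=cua,dc=edu") -> str:
    """Build an LDIF 'add' record shaped like the one on slide 31."""
    cn = f"{person['last']}, {person['first']} {person['middle']} {person['oprid']}"
    dn = f"cn={escape_rdn_value(cn)},{base_dn}"
    lines = [ldif_line("dn", dn), "changetype: add",
             "objectClass: top", "objectClass: user",
             ldif_line("cn", cn), ldif_line("displayName", cn),
             ldif_line("givenName", person["first"]),
             ldif_line("sAMAccountName", person["oprid"]),
             ldif_line("sn", person["last"])]
    return "\n".join(lines) + "\n"

# Sample record using the values visible on slide 31.
SAMPLE = {"last": "Griffintest", "first": "Carter", "middle": "H.", "oprid": "GRIF0046"}

if __name__ == "__main__":
    print(build_add_record(SAMPLE))
```

A value containing a stray line break or non-ASCII characters is emitted in base64 form (`attr:: ...`), so it stays on one LDIF line and is never parsed as an additional attribute.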
