PeopleTools Security - LDAP Integration

PeopleSoft enables you to integrate your authentication scheme for the PeopleSoft system with your existing infrastructure. You can reuse user profiles and roles that are already defined within an LDAP directory service.

See the PeopleSoft Security PeopleBook.

Understanding the PeopleSoft LDAP Solution

See "Employing LDAP Directory Services" (Chapter 6)

PeopleSoft delivers three technologies that enable you to:

  • Authenticate against an LDAP V3 compliant directory server.
  • Reuse your existing user profiles stored within LDAP.

The three technologies are:

  • Directory Business Interlink, which exposes the LDAP to PeopleCode. The system uses it for all communication with the LDAP server process running on a directory server.
  • User Profile Component Interface, which exposes the User Profiles component to PeopleCode. The system uses it to programmatically manage a local cache of user profiles.
  • Signon PeopleCode, which runs when a user signs on to the system, similar to the login scripting of most network systems. Signon PeopleCode uses the Directory Business Interlink and the User Profile Component Interface to verify directory-based credentials and programmatically create a local User Profiles cache.

The combination of these three technologies provides a flexible way to configure PeopleSoft for integration with your directory server. No set schema is required in the directory. Instead, you can configure and extend the Signon PeopleCode to work with any schema implemented in your directory server.
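The signon flow described above, written out in Python as an added example (not PeopleSoft's delivered Signon PeopleCode or any Oracle code): it looks up the user through a configurable attribute map, verifies the password by a bind, and refreshes a local profile cache. The in-memory directory, `SCHEMA_MAP`, and all function names are constructed stand-ins, and the search-then-bind order is an assumption.

```python
import hmac
import re

# Constructed sample directory (stand-in for an LDAP v3 server): DN -> attributes.
DIRECTORY = {
    "uid=jdoe,ou=people,dc=example,dc=com": {
        "uid": "jdoe", "mail": "jdoe@example.com", "userPassword": "s3cret",
        "memberOf": ["cn=hr-admins,ou=groups,dc=example,dc=com"]},
}
# Hypothetical schema map: directory attributes that feed the local profile.
SCHEMA_MAP = {"login_attr": "uid", "email": "mail", "roles": "memberOf"}
PROFILE_CACHE = {}  # stand-in for the local user profile cache


def escape_filter(value):
    """Escape RFC 4515 special characters in a value placed in a search filter."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)


def search(ldap_filter):
    """Toy matcher for (attr=value) filters; an unescaped * is a wildcard."""
    attr, raw = re.fullmatch(r"\((\w+)=(.*)\)", ldap_filter).groups()
    unhex = lambda m: chr(int(m.group(1), 16))
    parts = [re.escape(re.sub(r"\\([0-9a-f]{2})", unhex, p)) for p in raw.split("*")]
    pattern = re.compile(".*".join(parts))
    return [dn for dn, e in DIRECTORY.items() if pattern.fullmatch(str(e.get(attr, "")))]


def bind(dn, password):
    """Simple bind; an empty password is an unauthenticated bind (RFC 4513)."""
    if not password:
        return False  # never treat an unauthenticated bind as a login
    stored = DIRECTORY.get(dn, {}).get("userPassword", "")
    return hmac.compare_digest(stored.encode(), password.encode())


def signon(user_id, password):
    """Search for the user, verify by bind, then refresh the cached profile."""
    login_attr = SCHEMA_MAP["login_attr"]
    matches = search("(%s=%s)" % (login_attr, escape_filter(user_id)))
    if len(matches) != 1 or not bind(matches[0], password):
        return None  # unknown, ambiguous, or bad credentials: nothing is cached
    entry = DIRECTORY[matches[0]]
    profile = {"user_id": entry[login_attr], "email": entry[SCHEMA_MAP["email"]],
               "roles": list(entry[SCHEMA_MAP["roles"]])}
    PROFILE_CACHE[profile["user_id"]] = profile
    return profile
```

Pointing the flow at a different directory schema means changing `SCHEMA_MAP` only; the escaping and the empty-password check stay the same.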

While LDAP v3 is a standard, different vendors implement it slightly differently, so PeopleSoft delivers configurations for the following LDAP Servers:

  • Oracle Internet Directory (OID)
  • SunONE, iPlanet, Directory
  • Novell eDirectory
  • Microsoft Active Directory, AD LDS (Active Directory Local Directory Services)

There is also a "Custom" definition. PeopleSoft's LDAP configurations can be customized and the LDAP schema can be extended. The PeopleSoft LDAP configuration has no default LDAP schema; any schema can be supported.
