PeopleSoft Signon Process - using LDAP

So what is LDAP? 

LDAP stands for “Lightweight Directory Access Protocol”. It is an application protocol for accessing and maintaining distributed directory information services over internet.

In Peoplesoft LDAP authentication signon process, signon peoplecode access LDAP authentication directory to validate and authenticate a user.

Let me explain the entire process with the help of a simple flowchart:

Now, the question in front of us is: what are signon peoplecode, business interlinks and USER_PROFILE component interface?

Signon PeopleCode is the peoplecode that execute during the signon process. Any peoplecode program can be executed at signon time. PeopleSoft delivers LDAP Authentication Signon PeopleCode PeopleTools 8 onwards.

Business Interlinks are tools that expose external systems to peoplecode programs.

The LDAP_SEARCH and LDAP_BIND Business Interlinks are called by Signon Peoplecode for LDAP authentication providing an API to access LDAP compliant directories.

USER_PROFILE Component Interface provides a peoplecode API for the USER_PROFILE Component. This API can be used in peoplecode programs to manage user profiles. Business Interlinks provide the external access out of PeopleSoft. Component Interfaces provide the internal access into Peolesoft.

PeopleSoft Signon Process

Greetings all,

In last few weeks, I came across various articles and publishing that describes the inside of Peoplesoft signon process. Few of these were really good documents but each one was elaborate enough to motivate me to present a concise and summarized view, of course up to best of my knowledge, of peoplesoft signon process.

Here I’ll start with 2-tier signon and then move ahead to explain 3-tier and finally n-tier signon process.

PeopleSoft Signon Process – 2 tier connectivity

Peoplsoft 2 tier connectivity can be accomplished through Datamover and Application designer. Taking datamover first, and then we will talk about application designer.

1. Datamover

Peoplesoft Datamover is a peopletool used for initial load of database and import/export of data from one database to another. While logging on to Datamover, you will always log on in 2 tier. This is the only mode supported by Datamover.

Datamover signon in Bootstrap Mode:

A most basic and frequent question that arises in mind as soon as anyone talks about bootstrap mode is – What is Bootstrap mode?

When you login to peoplesoft datamover using the owner id specified in PSDBOWNER table for that particular database, the login mode is known as “Bootstrap mode”. This owner-id should be a valid oracle user id with create session privilege. Sometimes it is also referred to as an Oracle schema or Oracle logical database.

Each PeopleSoft database needs its own owner. We refer to this as the PeopleSoft owner ID, which is also the PeopleSoft access ID.

There is a single row in the PS.PSDBOWNER for each PeopleSoft DB and its owner-id contained in the SID.

Basic flow of sequences that occur while logging in bootstrap mode can be given as:

Datamover Signon in Bootstrap mode

Datamover signon using application user:

To connect datamover using an application user, we need connect id configured in configuration manager.

For those who are new to peoplesoft, let me give a brief description of connect id:

Connect id an actual database id used to establish the intial connection to the database. It has read only access to PSDBOWNER, PSSTATUS, PSOPRDEFN, PSACCESSPRFL to validate and fetch user id, pwd, tools version, dbname, symbolic id, etc. Most common example of connect id is ‘people’.

We need to have connect id configured in configuration manager for logging in using application user; otherwise it will try to connect directly to database using the id provided in signon dialog box. As this id is not an oracle user having create session privilege in database, it will error out.

Basic flow of sequences that occur while logging in bootstrap mode can be given as:

Datamover signon using application user In further posts, i'll go ahead with people signon process for application designer and PIA. Also feel free to ask any question or post comment regarding this post. Will get back as soon as I can . :) Thanks