Skip to main content

Preparation

Before adding the target system to Bravura Security Fabric :

  1. Configure the Bravura Security Fabric server to interact with the PeopleSoft API

  2. Configure the target system administrator

  3. Configure a system administrator to access the PeopleSoft database backend

Configuring the Bravura Security Fabric server for the PeopleSoft API

Do the following to prepare the Bravura Security Fabric server to work with the API for your PeopleSoft API:

  1. Copy the PeopleTools folder from the PeopleSoft Application Server to the client machine, where the connector will run.

    Note

    Since 8.49+, PeopleTools is bound tightly with the server, and contains connecting information. Bravura Security recommends copying the folder, rather than installing the API on the Bravura Security Fabric server, as this may lead the API to attempt to connect to localhost as its server.

  2. Note the JSL port number, the number of JSL handlers, and the database port number.

  3. Ensure that the necessary ports are open on the PeopleSoft server to allow the PeopleSoft API to connect to the server.

    Ensure all ports in the range starting with the JSL port, and ending with JSLport+<Number of JSL handlers> should be fully open. For example, if the JSL port is 9000, and there are 5 JSL handlers, then ports in the range from 9000 to 9005 should be open.

  4. Add the following paths to the Windows PATH system variable:

    • <PeopleSoft Install Directory>\bin\client\winx86

    • <PeopleSoft Install Directory>\jre\bin

    • <PeopleSoft Install Directory>\jre\bin\client

    For PeopleTools v8.54+, add the following server paths to the Windows PATH system variable:

    • <peoplesoft install directory>\bin\server\winx64

    • <peoplesoft install directory>\jre\bin

    • <peoplesoft install directory>\jre\bin\server

    The first path provides access to the DLLs for API; the last two paths provide lower layer java support for the API.

    Note

    Ensure the client paths are before the server paths in Windows system PATH.

  5. Add the directory that contains the psapiadapter.dll to the Windows PATH system variable.

    <PeopleSoft Install Directory>\bin\client\winx86_extapi

    or

    <PeopleSoft Install Directory>\bin\server\winx86_extapi

    You may need to restart your web service, or reboot the Bravura Security Fabric server (if running IIS), to make the Web server aware of the new path.

  6. If the psjoa.jar file exists, add the following to the Windows system variable CLASSPATH:

    <PeopleSoft Install Directory>\class\psjoa.jar

    This is not included in early versions of PeopleSoft.

  7. Copy the pstools.properties or peopletools.properties file (depends on version) from the PeopleSoft installation to the following Bravura Security Fabric folders. If the file is named peopletools.properties, rename the copies to pstools.properties. The API requires this file.

    • agent

    • \<instance>\cgi-bin\

    • \<instance>\db\

    The file must also be copied to the Windows\system32 directory.

  8. Ensure the ODBC connection to the PeopleSoft database is configured and tested from the Bravura Security Fabric ’s service account, and the credentials are known.

PeopleSoft, Tuxedo and Java

After version 8.49, PeopleSoft changed from 32-bit client binaries to 64bit ones.

In some PeopleSoft instances upgraded in-place, both bitsizes of libraries (.dll) with the same name exist, in different directories (winx86 for 32bit and winx64 for 64 bit), so Bravura Security's connector may report an error like "failed to load API dll" if the wrong bitsize is found in the System PATH before the correct bitsize library.

Most connector operations are always sent through the PeopleSoft client. There is one possible exception, with listing accounts and account attributes.

This is how the [listusers] operation is sent by default:

Bravura Security server (agent > PeopleSoft client > ODBC) > PeopleSoft server (PeopleSoft database)

See also: API errors .

Configuring a target system administrator

Bravura Security Fabric uses a designated account on PeopleSoft Application Server to perform operations. As a PeopleSoft administrator, perform the following steps on the PeopleSoft Application Server:

  1. Create a new user within PeopleSoft that can be used by Bravura Security Fabric .

  2. Assign an administrative role to that user.

  3. Add required permissions for the user.

    Navigate to the user’s permissions lists, and add the following permissions to any of the existing lists (under the Component Interfaces tab):

    • USER_PROFILE <Full Access>

    • DELETE_USER_PROFILE <Full Access>

    • ROLE_MAINT <Full Access>

    • DELETE_ROLE <Full Access>

Configuring a target system administrator for database access

For PeopleSoft Application Server 8.20-8.44/8.49+/8.54+/HR, Bravura Security Fabric requires a second set of administrative credentials to access the database backend directly. This is because the user listing and password expiry operations cannot be performed through the PeopleSoft API and must be performed directly upon the database.

If you cannot grant full administrative privileges to this secondary account, it is still operational with read/write access to only the PSSECOPTIONS and PSOPRDEFN tables. However this reduced access is not recommended.

In addition, the Bravura Security Fabric server will require the appropriate database client, in order to connect to the PeopleSoft database.

See the appropriate chapter in Databases for information on setting up an administrator for your database system.

In this section: