innovative solutions
DESCRIPTION
Innovative Solutions. Integrating NetPoint With PeopleSoft. Derek Small, President, Nulli Secundus Inc. Guy Huntington, President, HVL. Background. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/1.jpg)
Nulli Secundus/HVL 2001
Innovative Solutions
Integrating NetPoint With PeopleSoft
Derek Small, President, Nulli Secundus Inc.Guy Huntington, President, HVL
![Page 2: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/2.jpg)
Nulli Secundus/HVL 2001
Background
• Today’s operating environment requires information to be securely and rapidly interchanged between customers, employees, contractors and business partners via tightly integrated systems operating to web standards
• That creates many challenges…
![Page 3: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/3.jpg)
Nulli Secundus/HVL 2001
Challenges
• Most systems weren’t designed with tight integration in mind
• Some of the information to be exchanged is highly sensitive
• There’s a lack of security standards and streamlined security processes between internal and external systems
![Page 4: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/4.jpg)
Nulli Secundus/HVL 2001
Identity Information
• These challenges are especially noticeable in managing information about identities
• Many enterprises have come to the conclusion there needs to be some kind of high level identity coordinating hub within their enterprise and between enterprises
![Page 5: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/5.jpg)
Nulli Secundus/HVL 2001
Examples of Need• Coordinating high level or summarized CRM
customer information with other systems• Personalizing a customer, employee, business
partner or vendor experience with a portal or web site
• Managing and using a company phone directory• Coordinating company e-mail• Finding office locations and floor plans
![Page 6: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/6.jpg)
Nulli Secundus/HVL 2001
• Managing identities in network management• Determining employee positions• Creating organization charts• Managing contractor information• Managing vendor and/or supplier information• Finding general contact numbers/contacts• Managing security identity cards
Examples of Need
![Page 7: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/7.jpg)
Nulli Secundus/HVL 2001
Enter LDAP Directories
• Many enterprises determine that use of Lightweight Directory Access Protocol (LDAP) directories is desirable to act as that coordinating identity hub
• PeopleSoft users often raise a number of questions at this point…
![Page 8: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/8.jpg)
Nulli Secundus/HVL 2001
Key Question
• Instead of a directory, why not use the PeopleSoft HRMS product to store and support all this data?
![Page 9: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/9.jpg)
Nulli Secundus/HVL 2001
Non-HRMS Data
• You could use the PeopleSoft HRMS database since it supports a few of the fields normally found in a directory
• The information required to support phone directories is scattered amongst a variety of tables and would also need to be augmented with additional “people” data not really required by the HRMS application
![Page 10: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/10.jpg)
Nulli Secundus/HVL 2001
Non-HRMS Data
• This means modifying or customizing your PeopleSoft application that probably has too many modifications already!
![Page 11: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/11.jpg)
Nulli Secundus/HVL 2001
Contractors• However, the biggest concern many
people have is the fact that most contractors are not in the PeopleSoft HRMS or Financials systems as users of the applications
• Maintenance of the identity information in the PeopleSoft specific security tables is very costly to perform and better managed by the LDAP directory which now talks to PeopleSoft
![Page 12: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/12.jpg)
Nulli Secundus/HVL 2001
High Speed Access• HRMS applications normally reside in
Oracle, DB2 or other such enterprise databases, which are not geared to high-speed accesses required of phone directories and authentication processes
• Additionally, many applications such as network/application specific security and single sign-on require similar access to this data in a non-proprietary format that is fast to retrieve over IP
![Page 13: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/13.jpg)
Nulli Secundus/HVL 2001
Authoritative Source
• That’s why most enterprises are developing a strategy of using the HRMS as the authoritative source of employee data and then updating or publishing this data to the enterprise LDAP directory or directories for general consumption
![Page 14: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/14.jpg)
Nulli Secundus/HVL 2001
Authoritative Source
• The addition of contractor information and other data related to pass cards and such are then maintained in web-based LDAP applications such as Oblix’s NetPoint
![Page 15: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/15.jpg)
Nulli Secundus/HVL 2001
Portal Security?
• Why not use PeopleSoft security to manage the portal(s)?
![Page 16: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/16.jpg)
Nulli Secundus/HVL 2001
Portal Access Security
• Access to PeopleSoft applications via the portal is very secure
• Accessing the portal via the Internet is not secured via PeopleSoft’s application, as you have to be in the Portal to invoke the security layer
• Also, other non-PeopleSoft applications invoked from the Portal do not fall under the PeopleSoft security layer
![Page 17: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/17.jpg)
Nulli Secundus/HVL 2001
Portal Policy Manager
• Thus the need for a policy manager that securely provides control to and from other applications in the Portal and to the Portal itself
• This is what Oblix’s NetPoint provides
![Page 18: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/18.jpg)
Nulli Secundus/HVL 2001
Oblix NetPoint
• By using the content of the LDAP directory to store policy for authentication and authorization, you provide a centralized control point prior to the user accessing the web-page or back-end non-web application
• NetPoint helps with the synchronization of identity information found in the directory and used by other applications
![Page 19: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/19.jpg)
Nulli Secundus/HVL 2001
PeopleSoft vs. NetPoint?
• How do PeopleSoft and Oblix NetPoint differ?
![Page 20: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/20.jpg)
Nulli Secundus/HVL 2001
PeopleSoft vs. NetPoint
• Beyond the obvious of one being an HRMS and one being a LDAP based provisioning and web-security application, they differ a lot
• In common, they both have data about employees, with the HRMS being the authoritative source for this data
• But beyond that, NetPoint is a better repository of data about groups of employees and non-employees together
![Page 21: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/21.jpg)
Nulli Secundus/HVL 2001
Coordinating Hub
• The key here is that you can maintain all “people” data and object data such as offices and floor plans associated with people in NetPoint for general consumption by the enterprise,
• NetPoint can support authentication schemes that provide differing methods of knowing who a person is in a variety of roles or circumstances e.g. certificates, username/password, smartcards, tokens, biometrics, etc.
![Page 22: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/22.jpg)
Nulli Secundus/HVL 2001
Single Sign On?
• Our enterprise wants to move to a single sign on solution for most applications. How do PeopleSoft and NetPoint fit into this?
![Page 23: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/23.jpg)
Nulli Secundus/HVL 2001
Easy to Configure!
• NetPoint is easily configurable for single sign on out of the box
• This includes setting it up for use in multiple domains, different types of encryption and, as mentioned before, for different types of authentication
![Page 24: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/24.jpg)
Nulli Secundus/HVL 2001
Post Authentication
• After central authentication, PeopleSoft will accept the authentication from NetPoint and proceed with it’s own authorization
• With NetPoint, it’s also easy to configure it to send enough information after authentication to other applications such that the user doesn’t have to sign on again
![Page 25: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/25.jpg)
Nulli Secundus/HVL 2001
Reduce Costs
• NetPoint can provide easy and current view of all “people” data without having to maintain costly security profiles for PeopleSoft
• Information is available over the IP network, thus you can use the Internet for use in controlling access to your web-based applications as well as your non-web-based applications through NetPoint
![Page 26: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/26.jpg)
Nulli Secundus/HVL 2001
Non-PeopleSoft Authorization?
• PeopleSoft will handle it’s own authorization for single sign on to PeopleSoft applications. However, a lot of my other non-PeopleSoft applications are older and have poor or little authorization. Also, I want network and e-mail ids established or expired as employees come and go. Can NetPoint help?
![Page 27: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/27.jpg)
Nulli Secundus/HVL 2001
Yes!
• Authorization rules can be easily built and applied to other applications and/or web resources using NetPoint
• It’s not uncommon to leverage the use of roles and positions from the PeopleSoft HRMS to do this
![Page 28: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/28.jpg)
Nulli Secundus/HVL 2001
Leveraging PeopleSoft
• The HR module becomes the authoritative source for the employee’s position or role which is then replicated out to the directory
• NetPoint then uses this information to see if the employee’s role or position meets the authorization requirements for a non-PeopleSoft application or resource
![Page 29: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/29.jpg)
Nulli Secundus/HVL 2001
Identity Lookups?
• Finding people, their contact information and position in an org chart is expensive to manage, time consuming, often out of date and frustrating
• How do I use PeopleSoft and NetPoint to do identity lookups of employees, contractors, business partners’ employees, etc?
![Page 30: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/30.jpg)
Nulli Secundus/HVL 2001
Solution!
• NetPoint uses easy to configure and install drop down search boxes that can be easily integrated into your intranet or extranets
• The search boxes take the information, query the directory and then display it in the intranet or extranet browser
![Page 31: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/31.jpg)
Nulli Secundus/HVL 2001
Solution!
• The information being displayed from the directory is filtered by NetPoint as to who the administrators determine can view it
• PeopleSoft is usually the authoritative source for the employee information displayed
• Other applications may be the directory’s authoritative source for contractor, business partners’ employees or customers’ information
![Page 32: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/32.jpg)
Nulli Secundus/HVL 2001
Solution!
• NetPoint can provide dynamic online org charts drawn from the PeopleSoft information such as name, title/position, direct and indirect reports
![Page 33: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/33.jpg)
Nulli Secundus/HVL 2001
Position Management?
• Is using PeopleSoft Position Management key to using both PeopleSoft and NetPoint?
![Page 34: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/34.jpg)
Nulli Secundus/HVL 2001
Position Management
• No, it’s not really the key to success of such a combination
• In many cases you can employee differing approaches to derive reporting relationships, roles, routings and access rights based on a number of different data sources other then position
• Obviously using Position IDs and descriptions makes life considerably simpler, but it isn’t a requirement of successfully implementing the integration
![Page 35: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/35.jpg)
Nulli Secundus/HVL 2001
Important Note!• Having no reporting or structural information in
PeopleSoft is very cumbersome for PeopleSoft and really limits how well you can employ a enterprise directory
• We can help you with evaluating this type of assessment
• So far we have only found one client in our years of experience that didn’t maintain any reporting structures in PeopleSoft. They eventually changed this when they started their upgrade to version 8.
![Page 36: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/36.jpg)
Nulli Secundus/HVL 2001
Corporate Directory Issues?
• If I invest in the NetPoint application for my “corporate white pages” prior to the implementation of our enterprise directory, will I have to re-implement when my enterprise directory is moved to production?
![Page 37: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/37.jpg)
Nulli Secundus/HVL 2001
Easy Integration
• No. The directory implementation is readily modified, just like a relational database can be re-modelled as an application grows
• The schema employed by Oblix “out of the box” is a compendium of best practice data most Fortune 500 enterprises utilize today. It’s no different from buying the PeopleSoft application and using their relational database data model out of the box and then later applying your own changes or modifications.
![Page 38: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/38.jpg)
Nulli Secundus/HVL 2001
Directory Consumer• In many instances, the directory used by
NetPoint becomes a consumer of the data found in the authoritative LDAP enterprise directory
• This is just one option of many to consider• There will always be re-work of a schema for the
directory, but the effort initially taken to put in place the “phone book” and contact type data is the core foundation to most enterprise directories and thus forms a solid building block for moving forward in the enterprise directory
![Page 39: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/39.jpg)
Nulli Secundus/HVL 2001
Examples of HRMS to Directory• Employee Identifier used in the HRMS and
on Identity cards• Employee work location – City, State,
Building, Floor, Office• Employee payroll location – ditto• Employee Position Title• Employee Job Title if different from Position• Employee Department Description• Reports to Position• Reports to Manager Identifier
![Page 40: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/40.jpg)
Nulli Secundus/HVL 2001
Examples of HRMS to Directory• Indirect Reports• Departments that report to the employee• Employee status – (Active, Leave,
Terminated, Retired etc.)• Employment Type – (Contractor, Temp
Part-time, Full-time, Temp Full-time etc.)• Emergency Contact Information – (Spouse,
sibling, brother sister etc.)• Home Address Information
![Page 41: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/41.jpg)
Nulli Secundus/HVL 2001
Examples of Directory to HRMS• E-Mail address
• Phone Numbers – Home, Office other
• Address Information
• Work Location
• Reports to Information
• Indirect reports Information
• Administrator (secretary)
![Page 42: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/42.jpg)
Nulli Secundus/HVL 2001
Pre-Version 8?
• What if we are not going onto version 8 PeopleSoft in the near future?
• How do we keep the HRMS changes to our employee population synchronized to the LDAP directory for use by NetPoint and other network applications?
![Page 43: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/43.jpg)
Nulli Secundus/HVL 2001
It’s Not a Problem!
• Nulli Secundus Inc. has provide PeopleSoft 7.x clients with a smooth and reliable method of updating your LDAP directory based on changes occurring in the PeopleSoft HRMS
• Based on the number of types of updates and the timeliness of the updating desired such an implementation normally takes about 3-6 weeks to design and implement
![Page 44: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/44.jpg)
Nulli Secundus/HVL 2001
Complexity?
• Complexity comes into play when you want to draw data from a mixture of authoritative sources, such as Exchange for e-mail or when you want to publish to applications such as Exchange as people are added or deleted from the directory
• We’d be happy to meet with you and scope out the extent of such an integration process
![Page 45: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/45.jpg)
Nulli Secundus/HVL 2001
Multiple Directories?
• Can the soon to be released PeopleSoft Directory Integration module be used to update multiple directories?
![Page 46: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/46.jpg)
Nulli Secundus/HVL 2001
No Problem!
• Yes!
• You can update “n” different directories simultaneously from the PeopleSoft version 8 HRMS application
• We’d be happy to talk to you about how this achieved in more detail upon meeting with you at your site.
![Page 47: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/47.jpg)
Nulli Secundus/HVL 2001
Groups and Distribution Lists?
• Can NetPoint be used to develop and maintain groups and distribution lists?
![Page 48: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/48.jpg)
Nulli Secundus/HVL 2001
Yes!
• Yes it can!
• NetPoint 5.0 makes it easy to configure groups and distribution lists
• We’d be happy to demonstrate this capability for you at your site
![Page 49: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/49.jpg)
Nulli Secundus/HVL 2001
XML?
• We’re expanding our use of XML at the moment
• How does NetPoint and PeopleSoft fit into this?
![Page 50: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/50.jpg)
Nulli Secundus/HVL 2001
OASIS
• Netpoint 5 is XML based already
• Oblix is part of the OASIS group’s efforts to create XML standards for authentication and authorization known as “SAML”
• As these standards emerge NetPoint will adopt them into their protocols
![Page 51: Innovative Solutions](https://reader036.vdocument.in/reader036/viewer/2022062422/56813ee8550346895da95fe7/html5/thumbnails/51.jpg)
Nulli Secundus/HVL 2001
I’d Like to Learn More!
Derek Small, Nulli Secundus• [email protected]• www.nulli.com• 403-270-0657 (ext 20)Guy Huntington, HVL:• [email protected]• www.hvl.net• 604-921-6797