Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Yes, PeopleSoft allows you to configure what reports users can access through
Process Groups. These groups can be used to provide access to a group of reports or 1
individual report if needed. BGSU can configure and unlimited amount of these
groups to allocate to the end user population when looking to tie reports or processes
to Roles and/or end users.
A security definition refers to a collection of related security attributes that you create
using PeopleTools Security. The three main PeopleSoft security definition object
types are:
User Profiles
Roles
Permission Lists
Student 10/28/03
Crystal reports are packaged and supported by PeopleSoft. BGSU will receive an
unlimited user license when deploying this product to its end users for creating,
running and viewing reports online.
For Developers that will be created and editing Reports the Crystal Client will need to
be loaded on the desktop. End-users accessing, running and viewing reports can do so
over the Web without any client install or plug-in needed.
What type of support do you suggest to administer security (i.e., a security officer
for each system (HR, Student, or one for all systems)?
PeopleSoft delivers a flexible security model, which can allow for the easy
administration of the entire PeopleSoft system. The administration of security can be
Page 2 of 12
Student 10/28/03
We use SUN hardware on the UNIX side and leverage SUN Crypto Accelerator
hardware for SSL with Apache. What kind of support for hardware SSL
acceleration with SUN hardware do Websphere/WebLogic provide?
Support for SSL acceleration will be dependent upon the hardware in place. The Sun
Crypto Accelerator will deliver network security on Sun servers running the Solaris
Operating System, the Sun Open Net Environment (Sun ONE) Web Server software,
or Apache Web server software only.
How do imports handle various batch formats such as DOS, MAC, line breaks,
etc.?
The PeopleSoft batch import file is capable of importing CSV, XML or Fixed width
files from a DOS or MAC platform. PeopleCode routines can be created to extract,
transform and load data from these variety of file formats. In the event that line
breaks may cause complications upon import PeopleCode routines can be created to
accommodate these special requirements.
Each module in the PeopleSoft application has tables that are used for functional data
storage (i.e. General Ledger in Financials, Student in Student Administration, and
Employee in Human Resources) and tables for metadata definitions (i.e. page
definitions, workflow definitions, field and label layouts). The numbers of tables
vary, based on PeopleSoft module. To date, there are over 10,000 tables (including
Page 3 of 12
Student 10/28/03
PeopleSoft delivers several workflow definitions for each module. Please see the
attached Financials and HR documents that contain out of the box workflow
definitions.
PeopleTools are used for workflow development in that setting up the underlining
workflow characteristics such as routings and branching characteristics. Workflow is
also configured as part of the underlining business events that are configured in the
PeopleSoft applications, such as security administration, or personal routing
characteristics.
Users who have security authorization can define queries, which are a reporting
mechanism in the PeopleSoft application, in the Query Manager. System or data
administrators can also define queries in PeopleTools.
PeopleSoft maintains an email address for each user of the system so in case the local
email address is unavailable, email can still be sent. PeopleSoft is capable of using
email address defined within LDAP to drive email notifications for system users. If
BGSU intends to use the address book defined within GroupWise to be accessible
directly from PeopleSoft in real-time this integration would need to be created.
Currently, some tables are maintained by user offices. It appears that these rules
are all set by IT. Can this be distributed to user offices based on processes based
on user ID or function?
Yes! PeopleSoft supports the Safari browser on the Macintosh, as well as Internet
Explorer and Netscape browsers.
Page 4 of 12
Student 10/28/03
The Format of the number is currently incremented in numeric form. BGSU can
append any character string or initial to the incremented ID number if needed using a
simple PeopleSoft function.
Yes.
W2s and 1099 forms are delivered reports from PeopleSoft. W2s and 1099s are
SQR reports, which are run via the process scheduler based on workflow or manually
run processes. The forms are delivered by PeopleSoft and maintained by BGSU.
Report templates are stored in the file directory to be accessed at run time when
needed. BGSU can copy and modify reports as needed.
Page 5 of 12
Student 10/28/03
How do you enter necessary selection criteria and which fields to print? How do
you get totals?
PeopleSoft delivers query and reporting capabilities for PeopleSoft users so that fields
can be manually selected and ordered in their reports. Totals can be created in the
same graphical interface.
The pie chart was created by using the Cognos analytic tool to query a data cube and
then present information via Cognos. In addition, PeopleSoft deliveres charting
functions which can be used to create a graph from any PeopleSoft application table.
How does Blackboard co-exist with PS Portal? For instance, does access to
information links appear in both (my services module vs. Enterprise links)?
Via PeopleTools, views can be created by users with the appropriate security. System
or data administrators who are familiar with the detailed data structures, which make
up the PeopleSoft data model, typically create views. With the input from the user
community, the system or data administrators can create custom views so that data
can be grouped logically and seen as one logical grouping instead of multiple tables.
Can you limit user access to data or roles based on time of day via roles or is it
based on user ID?
Page 6 of 12
Student 10/28/03
Can you ensure audit trail data cannot be altered in any way?
The PeopleSoft application has a detailed security model which prevents everyone
from being able to alter the audit data that is stored. In a relational data model, only
the trusted DBA who has the highest level of database authority can have update
authority on this data.
Does PS have real time integration with all external databases including VSAM,
etc.?
PeopleSoft integration capabilities with mainframe data can be achieved in real time
by using the PeopleSoft Integration Broker technology in conjunction with IBM
Websphere or 3rd party applications such as Jacada.
The security setup in the PeopleSoft application is local to the PeopleSoft application.
However, PeopleSoft is LDAP compliant, which allows security permissions to be
stored outside of the application, and can be transferred to other applications when
necessary.
Where is the actual role and authority data stored? Is it held in the database? Can
we use existing LDAP authentication information? Can we store role data in
LDAP groups?
Yes, Roles are comparable to groups in LDAP. PeopleSoft gives you the ability to
assign roles to existing LDAP groups in mass using our delivered LDAP interface.
Need more clarification on how to interface with other systems. Example: MBS,
or bookstore system. They need to know who is eligible to make charges, then
send that charge to their bursar account or their department account.
When making charges directly into the PS system, Student Financials Business Unit
security as well as Item Type security can be used to control the posting of charges to
Page 7 of 12
Student 10/28/03
PeopleSoft passwords are Hashed when stored to the database. PeopleSoft delivers a
Single Signon process, which will allow BGSU to store different Passwords for a user
in different modules but only require the User to know 1 UserID and Password for
system wide authentication thereby circumventing any need for password
synchronization. When using LDAP passwords will be stored and maintained within
the Directory Service and not PeopleSoft. Below is an example of the PeopleSoft
signon process:
1
The user enters the User ID and password into the PeopleSoft signon page.
If the login to the Psoft application server is successful, the server generates a single signon token. The web
server receives the single signon token from the application server, and issues a cookie to the browser.
The user navigates in the application and encounters a hyperlink to the external system. The user clicks on the
link.
The browser passes the PS_TOKEN cookie to your external web server.
The external web server checks for the PS_TOKEN cookie before displaying a signon page.
Once it is determined that the user is accessing your application through PeopleSoft, you retrieve the
authentication token and send it to the PRTL_SS_CI component interface to verify authentication. For instance,
Call PRTL_SS_CI.Authenticate(Auth. token string)
After the system authenticates the token, the system can then make calls to the PRTL_SS_CI.Get_UserID()
function to return the appropriate User ID.
Page 8 of 12
Student 10/28/03
How many current clients use row level or field level security?
We dont have exact statistics on this type of metric from our clients, but it is
believed that almost all clients have row level security and most have implemented
some form of field level security.
How are the roles initially assigned to the database of users of the system:
students, faculty, employees and all combinations?
No. Unlimited.
How much time must DBA team spend on occasional security problem diagnosis?
DBA time varies, but will decrease as time goes on and the system has been in
production. The DBA will be required to monitor the health of the database to make
sure response time is adequate.
Security administrators who have access to PeopleTools typically maintain the views
related to field level security.
Page 9 of 12
Student 10/28/03
What process or tools eliminates duplicate accounts or people from the system if
they have been added by mistake?
PeopleSoft, as defined by BGSU, can setup data validation rules so that when
accounts are created, duplicate data will not be input into the system. However,
FirstLogic also has tools to identify accounts that may be duplicates that are not
caught by the data validation rules.
Can BGSU define custom roles and security? Can users view specific fields only
or is it all or nothing?
Via the security administration tools in PeopleSoft, BGSU can define their own
custom roles and permission lists based on their own unique requirements. Security
can be defined at multiple levels so that the appropriate level of access is granted to a
users based on the type of transaction that is being issued, or blanket security given to
that user. Users can view specific fields on a page based on field level security. Each
user or role can see different fields based on security access.
Views, which are a logical grouping of physical tables, are created by a system or
data administrator in the application designer; a component of PeopleTools. The
fields in a view can be placed on a page just as a physical record (or table) has its
fields defined on a page. Views are typically used to group similar data and present
multiple records (or tables) in one view.
PeopleSoft supports:
Web Servers
BEA WebLogic Server
IBM WebSphere Server
Optional Reverse Proxy Servers (HTTP Servers):
Microsoft IIS v4 on Windows NT 4
Microsoft IIS v5 on Windows 2000
iPlanet Web Server, Enterprise Edition
Apache (WebLogic only)
IBM HTTP Server (IHS) (WebSphere only). Packaged with WebSphere install.
Page 10 of 12
Student 10/28/03
How do we maintain changes or upgrade for these database and field changes?
The Upgrade Manager utility, which is part of PeopleTools, manages the PeopleSoft
upgrade processes. When a change is made by Bowling Green to any object in the
PeopleSoft application, the metadata for that object is updated and defined as a user
defined change so that during the upgrade process, all changes are captured, verified,
and migrated with the Upgrade Manager. The Upgrade Manager manages the
upgrade process.
How are they available in different regions? Example: If you want to modify a
screen by adding a new field, how would you do this change and be able to test
without modifying the production screen?
In the security administrator, if a user name must be changed, the following process
should be followed:
1) Copy the existing user profile name to the new profile name
2) Test the sign in process to the new user profile name
3) Delete the old user profile name
Page 11 of 12
Student 10/28/03
Are the queries that appear on the portal page processed realtime only or can they
be cached or set to expire results within a specific time frame?
The queries in the portal pagelets are run real-time when the user logs in or clicks on
the refresh button on the pagelet or the browser.
How are changes deployed from development to test without recreating elements?
Over time BGSU may have multiple changes to the system. When implementing
a new release of PeopleSoft, does PeopleSoft automatically account for these
changes? If not, does PS inform DBA of changes to the system?
The Upgrade Manager utility, which is part of PeopleTools, manages the PeopleSoft
upgrade processes. When a change is made by Bowling Green to any object in the
PeopleSoft application, the metadata for that object is updated as a user defined
change, so that during the upgrade process, all changes are captured, verified, and
migrated. As part of the upgrade process, a report will be created stating what was
changed by Bowling Green. Bowling Green will have the option to carry forward all
modifications they made, or only carry forward a sub set of changes. This process is
all defined via the Upgrade Manager.
Is all security done by a master admin or are there sub admins.? Can some
security be delegated?
PeopleSoft supports WAP enabled devices and PocketPC devices. Please refer to the
Hardware and Software guide for supported device
Page 12 of 12
Student 10/28/03