IBM Security Verify Governance and Intelligence PeopleSoft HR Feed Adapter 10.0.2 is available. Compatibility, installation, and other getting-started issues are addressed.
Welcome to the IBM Security Verify Governance Adapter for PeopleSoft HR Feed.
These Release Notes contain information for the following products that was not available when the IBM Security Verify Governance manuals were printed:
The PeopleSoft HR Feed Adapter is designed to reconcile Person and organizational information from the PeopleSoft target. The adapter runs in "agentless" mode and communicates using JDBC and the People Tools Java API to the systems being managed.
Review and agree to the terms of the IBM Security Verify Governance Adapter License prior to using this product.
The license can be viewed from the "license" folder included in the product package.
Adapter Version
|
Component |
Version |
|
Release Date |
2025 June 19 21.56.14 |
|
Adapter Version |
10.0.2 |
|
Component Versions |
Adapter build: 10.0.2.7 Profile: 10.0.2.7 Connector: 10.0.4.4 Dispatcher 7.1.39 or higher (packaged separately) |
|
Documentation |
The following guides are available in the IBM Knowledge Center PeopleSoft HR Feed Adapter Installation and Configuration Guide |
New Features
|
Internal# |
Enhancement # (Idea) |
Description |
|
|
Items included in current 10.0.2 release |
|
|
SVGAD-4365 |
ADAPT-187 |
Certify the adapter for use with IBM Security Verify Directory Integrator version 10.0.0 |
|
SVGAD-4366 |
ADAPT-188 |
Recertify PeopleSoft HR Feed adapter with 8.61 version |
|
SVGAD-4284 |
ADAPT-204 |
Add support of standard attributes for PeopleSoft HR Feed Adapter |
|
SVGAD-4337 |
|
Enhance adapter to improve the reconciliation time |
|
Items included in 10.0.1 release |
||
|
SVGAD-149 |
ADAPT-124 |
Add support for IBM Security Verify Governance Identity Manager (ISVGIM) starting v10.0.1 FP4 release onwards |
|
SVGAD-151 |
ADAPT-105 |
Verify and Certify Support for PS 8.60 |
|
SVGAD-157 |
Rebranding to IBM Security Verify Governance |
|
|
|
|
Items included in 7.1.4 release |
|
None |
||
|
Items included in 7.1.3 release |
||
|
RTC 174564 |
Verify and Certify Support for PS 8.56 |
|
|
Items included in 7.1.2 release |
||
|
RTC 155223 |
US - As a PeopleSoft HR adapter developer, I need to create a suitable 8.55 dev/test environment. Certify PeopleSoft HR Feed adapter on PeopleTools 8.55 HRMS 9.2 version |
|
|
Items included in 7.1.1 release |
||
|
RTC 152292 |
Add Support for Verify Governance and Intelligence (IGI) v5.2.2 |
Closed Issues
|
Internal# Case# |
APAR# |
Description |
|
|
|
Items closed in current release (10.0.2) |
|
SVGAD-429 |
|
Adapter returns account status as active for all user entries |
|
SVGAD-3950 |
|
Adapter doesn't capture organizational information for some users |
|
SVGAD-4260 |
|
Count of users in ISIM and target doesn't match for PeopleSoft HR Feed Adapter (See Known limitation for additional details) |
|
|
|
Items closed in release (10.0.1) |
|
None |
None |
None |
|
|
|
Items closed in 7.1.4 release |
|
RTC 182039 |
TS001434428 APAR IJ12544, Bugz 2739 |
D - As a PS HR adapter developer, I must ensure that the adapter works with PS configured with Oracle DB, APAR IJ12544, Bugz 2739, TS001434428 |
|
|
|
Items closed in 7.1.3 release |
|
|
|
None |
|
|
|
Items closed in 7.1.2 release |
|
|
|
None |
|
|
|
Items closed in 7.1.1 release |
|
|
|
None |
|
Internal# |
APAR# |
Case# / Description |
|
SVGAD-4296 |
|
If PeopleSoft person opened from Personal Data page displays below errors in PeopleSoft UI, then those records will not get reconciled by the adapter. · You are not authorized for this page. · No matching buffer found for level. (15,26) · No rows exist for the specified keys. {CI_PERSONAL_DATA} |
See the Installation and Configuration guide for IBM Security Verify Governance Adapter for PeopleSoft HR Feed for detailed instructions.
The PeopleSoft HR Feed Adapter Installation and Configuration Guide can be obtained from the IBM Knowledge Center.
Corrections to Installation Guide:
Chapter 1: Overview
No updates for the current release
Chapter 2: Planning
No updates for the current release
Chapter 3: Installing
Installing in an IBM Security Verify Directory Dispatcher
Container
Before you begin
The steps to install adapter and related
files into the container can be performed using the adapterUtil.sh script,
which is shipped with the dispatcher package. This script should be staged on
the machine running Kubernetes cli. The adapterUtil.sh script is also readily
available in the bin directory of ISIM IBM Security Verify Governance Identity
Manager Container Starter Kit installation directory (If ISVDI was selected for
installation during the ISIM container installation steps).
If, for any reason, the adapter util
script cannot be executed or used, the below manual instructions must be
followed to copy the files to the persistent volume.
Note: The container must
be restarted after installing or uninstalling the adapter and any changes to
the configuration yaml. To activate changes and restart the container run the
following commands:
· <path_to_starterkit>/bin/createConfigs.sh
isvdi
· For OpenShift container: oc
-n isvgim rollout restart deployment isvdi
· For Kubernetes container:
kubectl -n isvgim rollout restart deployment isvdi
Note: This document only
describes the adapterUtil.sh command options that are required to install this
adapter. For other command options, such as listing installed connectors and
3rd party jars, please refer to the Dispatcher10 Installation and Configuration
Guide.
Installing / Upgrading / Re-installing / Downgrading the adapter
Using Script
Use
below command to install / upgrade/ re-install / downgrade the adapter:
/path/to/adapterUtil.sh -loadAdapter
"/path/to/Adapter-PeopleSoftHRFeed-*.zip" accept
Where
/path/to/adapterUtil.sh is the location where the adapterUtil.sh script is installed
and /path/to/Adapter-PeopleSoftHRFeed-*.zip is the location where the Adapter
zip file is staged on the machine running Kubernetes cli.
Manually copying files to
Persistent Volume
Copy
the files to the persistent volume mapped to the /opt/IBM/svgadapters directory
of the container image as per the given directory structure:
PeopleSoftConnector.jar
Copy this file to <Persistent_Volume>/jars/connectors directory.
ILMT-Tags
Copy below files to <Persistent_Volume>/swidtag directory:
· ibm.com_IBM_Verify_Identity_Governance_Application_Adapters-11.0.0.swidtag
· ibm.com_IBM_Verify_Identity_Governance_Enterprise-11.0.0.swidtag
Copying
3rd party libraries:
Using Script
Use
below command to copy 3rd party jars:
/path/to/adapterUtil.sh -copyTo3rdpartyOthers "/path/to/ojdbc8.jar"
/path/to/adapterUtil.sh -copyTo3rdpartyOthers "/path/to/psjoa.jar"
/path/to/adapterUtil.sh -copyTo3rdpartyOthers "/path/to/CompIntfc.jar"
This
command will copy the 3rd party jars to <Persistent_Volume>/jars/3rdparty/others directory.
Manually copying files to
Persistent Volume
Copy
below 3rd party jar files to <Persistent_Volume>/jars/3rdparty/others directory
(Refer release notes for the supported jar versions):
· ojdbc8.jar
· psjoa.jar
· CompIntfc.jar
Enabling LLE (Link-Level Encryption)
Refer https://www.ibm.com/docs/api/v1/content/SSCQGF_10.0.0/container/html/verify-directory-integrator.html#advanced page
from SVDI.
If the config.yaml file which is used as
the YAML_CONFIG_FILE environment variable for the container
doesn't have an advanced configuration element, follow the instructions that
are provided in https://www.ibm.com/docs/api/v1/content/SSCQGF_10.0.0/container/html/verify-directory-integrator.html#advanced to
add an advanced configuration section to the config.yaml file.
To enable LLE, add given attr and value
(key pair as mentioned in the SVDI guide) as below:
- attr: TM_ALLOW_NOTLS
value: 'Y'
Note: The container must
be restarted after making these changes to the configuration yaml. To activate
changes and restart the container run the following commands:
· <path_to_starterkit>/bin/createConfigs.sh
isvdi
· For
OpenShift container: oc -n isvgim rollout restart deployment isvdi
· For
Kubernetes container: kubectl -n isvgim rollout restart deployment isvdi
Enabling TLS 1.2
Refer https://www.ibm.com/docs/api/v1/content/SSCQGF_10.0.0/container/html/verify-directory-integrator.html#advanced page
from SVDI.
If the config.yaml file which is used as
the YAML_CONFIG_FILE environment variable for the container
doesn't have an advanced configuration element, follow the instructions that
are provided in https://www.ibm.com/docs/api/v1/content/SSCQGF_10.0.0/container/html/verify-directory-integrator.html#advanced to
add an advanced configuration section to the config.yaml file.
To enable TLSv1.2, add 2 attr and value
(key pair as mentioned in the SVDI guide) as below:
- attr: com.ibm.di.SSLProtocols
value: 'TLSv1.2'
- attr: com.ibm.di.SSLServerProtocols
value: 'TLSv1.2'
Note: The container must
be restarted after making these changes to the configuration yaml. To activate
changes and restart the container run the following commands:
· <path_to_starterkit>/bin/createConfigs.sh
isvdi
· For
OpenShift container: oc -n isvgim rollout restart deployment isvdi
· For
Kubernetes container: kubectl -n isvgim rollout restart deployment isvdi
Enabling debug logs and disabling json-logging
Refer https://www.ibm.com/docs/api/v1/content/SSCQGF_10.0.0/container/html/verify-directory-integrator.html#general_logging page
from SVDI.
If the config.yaml file which is used as
the YAML_CONFIG_FILE environment variable for the container
doesn't have root-level and json-logging configuration
elements, follow the instructions that are provided in https://www.ibm.com/docs/api/v1/content/SSCQGF_10.0.0/container/html/verify-directory-integrator.html#general_logging to
the add root-level and json-logging configuration
elements section to the config.yaml file.
To enable debug logs, set value for root-level to debug and
to disable json logging, set value for json-logging element
to false.
Note: The container must
be restarted after making these changes to the configuration yaml. To activate
changes and restart the container run the following commands:
· <path_to_starterkit>/bin/createConfigs.sh
isvdi
· For
OpenShift container: oc -n isvgim rollout restart deployment isvdi
· For
Kubernetes container: kubectl -n isvgim rollout restart deployment isvdi
Uninstalling the adapter
Using Script
Use
below command to remove the adapter:
/path/to/adapterUtil.sh -removeAdapter Adapter-PeoplesoftHRFeed
Manually copying files to
Persistent Volume
Remove files from the given directory structure of the persistent volume mapped
to /opt/IBM/svgadapters directory of the container image.
PeopleSoftConnector.jar
Remove this file from <Persistent_Volume>/jars/connectors directory.
ILMT-Tags
Remove below files from <Persistent_Volume>/swidtag directory:
· ibm.com_IBM_Verify_Identity_Governance_Application_Adapters-11.0.0.swidtag
· ibm.com_IBM_Verify_Identity_Governance_Enterprise-11.0.0.swidtag
3rd party jars
Remove 3rd party jar files used by this
adapter listed below from <Persistent_Volume>/jars/3rdparty/others directory:
· ojdbc8.jar
· psjoa.jar
· CompIntfc.jar
About this task
This procedure is applicable to install this adapter on the virtual appliance.
Procedure
1. Download the adapter package from the IBM Passport Advantage.
For example, Adapter-<Adaptername>.zip.
The adapter package includes the following files:
|
Table 1. Adapter package contents |
|
|
Files |
Description |
|
bundledefinition.json |
The adapter definition file. It specifies the content of the package, and the adapter installation and configuration properties that are required to install and update the adapter. |
|
Adapter JAR profile |
A Security Directory Integrator adapter always include a JAR profile which contains:
· targetProfile.json · Service provider configuration · Resource type configuration · SCIM schema extensions · List of assembly lines · A set of assembly lines in XML files · A set of forms in XML files · Custom properties that include labels and messages for supported languages.
Use the Target Administration module to import the target profile. |
|
Additional adapter specific files |
Examples of adapter specific files:
· Connector jar files · Configuration files · Script files · Properties files
The file names are specified in the adapter definition file along with the destination directory in the virtual appliance. |
2. From the top-level menu of the Appliance Dashboard, click Configure > SDI Management.
3. Select the instance of the Security Directory Integrator for which you want to manage the adapters and click Manage > SDI Adapters
The SDI Adapters window is displayed with a table that list the name, version, and any comments about the installed adapters.
4. On the SDI Adapters window, click Install.
5. On the File Upload window, click Browse to locate the adapter package and then click OK.
For example, Adapter-<Adaptername>.zip.
6. Provide the missing 3rd party libraries when prompted.
a. On the File Upload for Pre-requisite files window, click Select Files.
A new File Upload window is displayed.
b. Browse and select all the missing libraries. For example, httpclient-4.0.1.jar
c. Click Open.
The selected files are listed in the File Upload for Pre-requisite files window.
d. Click OK.
The missing files are uploaded, and the adapter package is updated with the 3rd party libraries.
7. Enable secure communication.
a. Select the instance of the Security Directory Integrator for which you want to manage the adapter.
b. Click Edit.
c. Click the Enable SSL check box.
d. Click Save Configuration.
8. Import the SSL certificate to the IBM® Security Directory Integrator server.
a. Select the instance of the Security Directory Integrator for which you want to manage the adapter.
b. Click Manage > Certificates.
c. Click the Signer tab.
d. Click Import.
The Import Certificate window is displayed.
e. Browse for the certificate file.
f. Specify a label for the certificate. It can be any name.
g. Click Save.
Note: While uploading the Adapter package, you may receive System Error: A file included in the SDI Adapter zip already exists on the system and the Server Message log under Appliance tab of VA will have a reference to error com.ibm.identity.sdi.SDIManagementService E File ibm.com_IBM_Verify_Identity_Governance_xxxx.swidtag found in the adapter zip at location ILMT-Tags/ already exists in system. This is because, you can install the same swidtags only once. So, if another adapter of the same type is installed, remove the swidtags.
The ibm.com_IBM_Verify_Identity_Governance_Enterprise-xxxx.swidtag file is common to all adapters. In addition to the common swidtag file, an application adapter needs ibm.com_IBM_Verify_Identity_Governance_Application_Adapters-xxxx.swidtag file and an infra adapter needs ibm.com_IBM_Verify_Identity_Governance_Lifecycle-xxxx.swidtag and ibm.com_IBM_Verify_Identity_Governance_Compliance-xxxx.swidtag files. So, if an application adapter is already installed and this is an infra adapter, then only install the infra-specific swidtags and the other way around. Please visit Security Verify Governance Adapters v10.x link to identify the adapter type of the installed adapters.
Enable LLE (Link-Level Encryption) (Add
new chapter)
About
this task
Starting Oracle Tuxedo Release 22c, LLE is disabled by default. Tuxedo
client/server exits with an error, while detecting LLE in use instead of
reporting a warning message in the User Log (ULOG). Setting the environment
variable TM_ALLOW_NOTLS to Y allows you to enable LLE.
Procedure
Add below property to solution.properties file under timsol directory and
restart Dispatcher instance:
TM_ALLOW_NOTLS=Y
Chapter 4: Upgrading
No updates for the current release
Chapter 5: Configuring
No updates for the current release
Chapter 6: Troubleshooting
Logs are not getting printed in FP13 in Windows OS
Procedure:
1. Copy log4j2.xml file from <SDI_Home_Dir>/etc and add to the
<SDI_Solution_Dir>/etc (which was missing there).
2. Configure /ibmdiservice.props with below parameter:
jvmcmdoptions=-Dlog4j2.configurationFile=etc\log4j2.xml
3. Restart SDI Server process
Error messages and problem solving
Update the row with Message number CTGIMT001E in "Table
1. Specific warning and error messages and actions" as below:
|
Message number |
Message |
Action |
|
CTGIMT001E |
The following error occurred. Error: Initialize Error: Unable to establish the connection with the PeopleSoft Application Server. |
- Verify that the PeopleSoft Application Server is running. |
Chapter 7: Uninstalling
No updates for the current release
Installation Platform
The IBM Security Verify Governance Adapter for PeopleSoft
HR Feed was built and tested on the following product versions.
Adapter
Installation Platform
Due to continuous Java security updates that may be applied to
your IBM Security Verify Governance servers, the following SDI releases are the
officially supported versions:
· Security Directory Integrator 7.2 + FP14
· Security Verify Directory Integrator 10.0.0
Earlier versions of SDI that are still supported may function properly, however to resolve any communication errors, you must upgrade your SDI releases to the officially supported versions by the adapters. Please refer to the adapters installation and configuration guides for the latest update on IBM Security Directory Integrator versions and fix packs.
Managed Resource
· PeopleSoft PeopleTools v8.60
· PeopleSoft PeopleTools v8.61
PTxxx_COMPONENTS_HRMS.zip resource
· PT860_COMPONENT_HRMS.zip for PeopleTools 8.60 and 8.61
IBM Security Verify Governance servers:
· IBM Verify Identity Governance v11.0
· IBM Security Verify Governance Identity Manager (v10.0.1 FP4 release or later)
· IBM Security Verify Governance v10.0
*Unless this document specifies a specific fix pack version of ISVG Identity Manager v10, we expect the adapter to work with ISIM 6 as well. However, it will only be debugged and fixed from the perspective of ISVG-IM v10.
This information was developed for products and services offered in the U.S.A. IBM may not offer the products, services, or features discussed in this document in other countries. Consult your local IBM representative for information on the products and services currently available in your area. Any reference to an IBM product, program, or service is not intended to state or imply that only that IBM product, program, or service may be used. Any functionally equivalent product, program, or service that does not infringe any IBM intellectual property right may be used instead. However, it is the user's responsibility to evaluate and verify the operation of any non-IBM product, program, or service.
IBM may have patents or pending patent applications covering subject matter described in this document. The furnishing of this document does not give you any license to these patents. You can send license inquiries, in writing, to:
IBM Director of Licensing
IBM Corporation
North Castle Drive
Armonk, NY 10504-1785 U.S.A.
For license inquiries regarding double-byte (DBCS) information, contact the IBM Intellectual Property Department in your country or send inquiries, in writing, to:
Intellectual Property Licensing
Legal and Intellectual Property Law
IBM Japan, Ltd.
1623-14, Shimotsuruma, Yamato-shi
Kanagawa 242-8502 Japan
The following paragraph does not apply to the United Kingdom or any other country where such provisions are inconsistent with local law: INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some states do not allow disclaimer of express or implied warranties in certain transactions, therefore, this statement may not apply to you.
This information could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the publication. IBM may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice.
Any references in this information to non-IBM Web sites are provided for convenience only and do not in any manner serve as an endorsement of those Web sites. The materials at those Web sites are not part of the materials for this IBM product and use of those Web sites is at your own risk.
IBM may use or distribute any of the information you supply in any way it believes appropriate without incurring any obligation to you.
Licensees of this program who wish to have information about it for the purpose of enabling: (i) the exchange of information between independently created programs and other programs (including this one) and (ii) the mutual use of the information which has been exchanged, should contact:
IBM Corporation
2Z4A/101
11400 Burnet Road
Austin, TX 78758 U.S.A.
Such information may be available, subject to appropriate terms and conditions, including in some cases payment of a fee.
The licensed program described in this document and all licensed material available for it are provided by IBM under terms of the IBM Customer Agreement, IBM International Program License Agreement or any equivalent agreement between us.
Any performance data contained herein was determined in a controlled environment. Therefore, the results obtained in other operating environments may vary significantly. Some measurements may have been made on development-level systems and there is no guarantee that these measurements will be the same on generally available systems. Furthermore, some measurement may have been estimated through extrapolation. Actual results may vary. Users of this document should verify the applicable data for their specific environment.
Information concerning non-IBM products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products and cannot confirm the accuracy of performance, compatibility or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products.
All statements regarding IBM's future direction or intent are subject to change or withdrawal without notice, and represent goals and objectives only. All IBM prices shown are IBM's suggested retail prices, are current and are subject to change without notice. Dealer prices may vary.
This information is for planning purposes only. The information herein is subject to change before the products described become available.
This information contains examples of data and reports used in daily business operations. To illustrate them as completely as possible, the examples include the names of individuals, companies, brands, and products. All of these names are fictitious and any similarity to the names and addresses used by an actual business enterprise is entirely coincidental.
Trademarks
IBM, the IBM logo, and ibm.com® are trademarks or registered trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.
PeopleSoft is a trademark of Oracle Corporation in the United States, other countries, or both.
Java and all Java-based trademarks and logos are trademarks or registered trademarks of Oracle and/or its affiliates.
Other company, product, and service names may be trademarks or service marks of others