Portal Conference Live Blogging – Day Two Drive Portal User Account Creation From Your ERP System


Heather Pierre the new Associate Director of Web Communications at Gettysburg College was kind enough to guest blog a session this morning by Tim Archer, University of St. Francis.

Drive Portal User Account Creation From Your ERP System

The problem:

· account creation was manual process

· reset pw’s called IT

· people expect real time access to their info

· people not notified when accounts were created

Solution overview:

DESIGN

· MUST be in ERP

· ERP tells what role(s) person plays [student, faculty, staff, alum, prospects]

· unique ID in ERP is stored in LDAP workForceID attribute

o directory and ERP are now “connected”

· ERP system queries the directory and determines who needs accounts created or roles

· Casual employees, friends, etc. handled manually…record created in ERP with comments on why they’re in there…not full data, account login handled as separate group

IMPLEMENTATION

· Work with dept’s to get data in system, correctly and in timely manner – biggest challenge, service to constituents faster

· Data not in the system…no account, call respective dpet to get it right

PROCESS

Nightly job writes a file of directory chges [acct creations/deletions/role chgs

ERP checks to see which accts were created and emails users their acct info [sent to external email address]

Accts created within 24 hours of data entered into ERP system

PW RESET

· Log into portal first time, MUST setup a security question to use pw reset

o Stored in ERP system

· Must chg pw upon first login

· Portal LDAP user has privilege to reset pw’s

o Check birth date and security question assoc with person

o Admin connect to the directory and reset pw

PW EXPIRATION

· User logs into portal, check to see if pw has expired

o Directory maintains rules for expiration, length, and pw strength

USF_LDAP_UTIL – Connect the ERP and the Directory

· Oracle PL/SQL package that allows you to pull directory data into SQL and ‘join’ the ERP to E-Directory

· Non-Oracle DB’s will need another approach

Benefits Realized:

· Data in ERP timely manner

· Students, faculty, staff, etc. can all reset their pw through the portal if they forget it

· Setup logging to determine misc. ‘issues’

Misc Issues:

· Accts locked after 10 invalid login attempts…must call IT to unlock

· People forget the answers to their security questions

One size doesn’t fit all:

· Multiple sources of data [not all in one db]

· Try to centralize the source of truth (or at least come up with a priority hierarch) and use it

· Real work is in consolidating systems and getting the data right

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: