Configuring an LDAP connection
If you’re planning to provide SSO to users whose accounts reside in a directory server, ensure you have an LDAP data store defined for it in PingFederate.
About this task
Learn more about Managing datastores in the PingFederate documentation.
Ensure the |
If you need to support multiple Office 365 subdomain accounts through one SP connection in PingFederate 7.2 or later, create additional LDAP data store connections to LDAP servers of the subdomains.
Steps
- In the PingFederate administrative console, go to Server Configuration > System Settings > Data Stores.
- Click Add New Data Store.
- Select LDAP in the Data Store Type tab and click Next.
- Populate the fields in the LDAP Configuration tab.
  - In the Hostname(s) field, enter the DNS name or IP address of the data store, which might include a port number, such as 181.20.42.130:389. For failover, you can enter multiple LDAP servers, each separated by a space.
  - In the LDAP Type field, select Active Directory.
  - Enter the User DN and password of a user account with read permission in Active Directory.
- Click Advanced and then click the LDAP Binary Attributes tab.
- In the Binary Attribute Name field, enter objectGUID and click Add.
- Click Done and then click Next.
- Review the summary and click Save.
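
Why objectGUID is registered as a binary attribute, shown as an added example that is not part of the PingFederate documentation: Active Directory returns objectGUID as 16 raw bytes, which do not survive being handled as text but round-trip cleanly through a binary-safe encoding such as Base64. The sample GUID is constructed and the function names are hypothetical.

```python
import base64
import uuid

# Constructed sample value, not a real directory object.
SAMPLE_GUID = "3f2504e0-4f89-41d3-9a0c-0305e82c3301"
# Active Directory stores the first three GUID fields little-endian.
SAMPLE_RAW = uuid.UUID(SAMPLE_GUID).bytes_le


def handled_as_text(raw: bytes) -> bytes:
    """Bytes that survive when the attribute is treated as a UTF-8 string."""
    return raw.decode("utf-8", errors="replace").encode("utf-8")


def encode_binary(raw: bytes) -> str:
    """Binary-safe form of the attribute: Base64 over the 16 raw bytes."""
    if len(raw) != 16:
        raise ValueError(f"objectGUID must be 16 bytes, got {len(raw)}")
    return base64.b64encode(raw).decode("ascii")


def decode_binary(encoded: str) -> bytes:
    """Recover the raw bytes, rejecting malformed or wrong-length input."""
    raw = base64.b64decode(encoded, validate=True)
    if len(raw) != 16:
        raise ValueError(f"decoded objectGUID must be 16 bytes, got {len(raw)}")
    return raw


def guid_string(raw: bytes) -> str:
    """Render raw objectGUID bytes in the GUID form shown by AD tools."""
    return str(uuid.UUID(bytes_le=raw))


if __name__ == "__main__":
    encoded = encode_binary(SAMPLE_RAW)
    print("raw bytes        :", SAMPLE_RAW.hex())
    print("as text (lossy)  :", handled_as_text(SAMPLE_RAW).hex())
    print("base64           :", encoded)
    print("round-trip GUID  :", guid_string(decode_binary(encoded)))
    # Reading the bytes big-endian yields a different, wrong identifier.
    print("wrong byte order :", uuid.UUID(bytes=SAMPLE_RAW))
```

If the identifier that reaches the service provider differs from the one derived from the directory, the lossy text path or the byte order is the first thing to check.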