About the prepare-external-server
tool
Use the prepare-external-server
tool if you have added LDAP external servers using dsconfig
.
The create-initial-proxy-config
tool automatically runs the prepare-external-server
tool to configure server communications so that you do not need to invoke it separately. The create-initial-proxy-config
tool verifies that the proxy user account exists and has the correct password and required privileges. If it detects any problems, it prompts for manager credentials to rectify them.
If you want the prepare-external-server
tool to add the LDAP external server’s certificates to the PingDirectoryProxy server’s trust store, you must include the --proxyTrustStorePath
option and either the --proxyTrustStorePassword
or the --proxyTrustStorePasswordFile
option.
The default location of the PingDirectoryProxy server’s trust store is config/truststore
. The pin is encoded in the config/truststore.pin
file.
The following example prepares a PingDirectory server on the remote host ds-east-01.example.com
, listening on port 1389 for access by the PingDirectoryProxy server using the default user account cn=Proxy User
, as shown in the following example.
prepare-external-server --hostname ds-east-01.example.com \ --port 1389 --baseDN dc=example,dc=com --proxyBindPassword secret
When the prepare-external-server
command is executed, it creates the cn=Proxy User
Root distinguished name (DN) entry as well as an access control rule in the PingDirectory server to grant the proxy user the proxy access right.
For non-Ping Identity servers, the |