PingDirectory

Automatic server discovery

Version 8.3 supports the use of information in the topology registry to automatically discover the backend PingDirectory server instances to which requests might be forwarded.

This is an alternative to explicitly configuring the PingDirectoryProxy server with the backend servers that should be used. This option is only available if all of the backend servers are PingDirectory server instances and only if the following are true:

  • The PingDirectoryProxy server must be a member of the same topology as the PingDirectory server instances to which requests will be forwarded.

  • The PingDirectoryProxy server must be configured with an LDAP external server template that provides the settings to use when communicating with dynamically discovered backend PingDirectory server instances.

  • The PingDirectoryProxy server’s load-balancing algorithms must be configured to use the desired LDAP external server template.

  • The topology registry entries for each PingDirectory server instance must be updated to indicate which of the PingDirectoryProxy server’s load-balancing algorithms can forward requests to the server.

When using automatic server discovery, you don’t need to run the prepare-external-server command. Servers do not need a service account and associated ACIs before discovery since the inter-server bind process is used to initiate communication. The server is identified using information contained in the topology registry and is given appropriate privileges during the inter-server bind process.