PingDirectory

PingDirectoryProxy server configuration overview

The following topic provides an overview of the component configurations for your PingDirectoryProxy server deployment.

Configuring locations for your deployment

A location is a collection of servers that share access and latency characteristics. For example, your deployment might include two data centers, one in the east and one in the west. These data centers are configured as two locations in the PingDirectoryProxy server. Each location is associated with a name and an ordered list of failover locations to use if none of the servers in the preferred location are available.

Configuring the PingDirectoryProxy server location

You update the configuration to specify the location of the PingDirectoryProxyserver instance.

Configuring health checks for the LDAP external servers

You configure at what point the PingDirectoryProxy server considers an LDAP external server to be available, of degraded availability, or unavailable. Each health check can be configured to be used automatically for all LDAP external servers or for a specified set of servers.

Configuring the LDAP external servers

You define each of the external directory servers, including the server type. You can configure Ping Identity directory servers, Java System Directory Servers, or generic LDAP servers. You also assign the server-specific health checks configured previously.

Configuring the load-balancing algorithm

You configure the load-balancing algorithm that the PingDirectoryProxy server uses to determine which server in a set of similar servers to use to process a client request. The PingDirectoryProxy server provides default algorithms. You can create new algorithms either using an existing algorithm as a template or creating one from scratch.

Configuring the proxying request processor

You configure proxying request processors that forward operations received by the PingDirectoryProxy server to other LDAP external servers.

Configuring subtree views

A subtree view defines the portion of the directory information tree (DIT) available to a client. Each subtree view can be associated with a load-balancing algorithm to help distribute the work load.

Configuring the client connection policy

You configure policies to classify how the PingDirectoryProxy server manages different client connections. The client connection policy can be used to control the types of operations that a client might perform and the portion of the DIT that the client can access. Restrictions configured in a client connection policy take precedence over any capabilities granted by access control or privileges.