PingDirectory

Installing the PingDataSync server

This section describes how to install and run PingDataSync.

Click the following tabs to see instructions for the type of installation you want to perform.

  • Install the main server

  • Install a failover server

Installing the main server

About this task

Use the setup tool to install the server. The server needs to be started and stopped by the user who installed it.

Steps

  1. Sign on as a user other than root.

  2. Obtain the latest zip release bundle, as described in Downloading the installation packages, and unpack it in a directory owned by this user.

    $ unzip  PingDataSync-<version>.zip
  3. Change to the server root directory.

    $ cd  PingDataSync
  4. Run the setup command.

    $ ./setup
  5. Type yes to accept the End-User License Agreement and press Enter to continue.

  6. If adding this server to an existing PingDataSync topology, type yes, or press Enter to accept the default (no).

  7. Enter the fully qualified host name or IP address of the local host.

  8. Create the initial root user DN for PingDataSync, or press Enter to accept the default (cn=Directory Manager).

  9. Enter and confirm a password for this account.

  10. Press Enter to enable server services and the administrative console.

  11. Enter the port on which PingDataSync will accept connections from HTTPS clients, or press Enter to accept the default.

  12. Enter the port on which PingDataSync will accept connections from LDAP clients, or press Enter to accept the default.

  13. Press Enter to enable LDAPS, or enter no.

  14. Press Enter to enable StartTLS, or enter no.

  15. Select the certificate option for this server.

  16. Choose the desired encryption for the directory data, backups, and log files from the choices provided:

    • Encrypt data with a key generated from an interactively provided passphrase. Using a passphrase (obtained interactively or read from a file) is the recommended approach for new deployments, and you should use the same encryption passphrase when setting up each server in the topology.

    • Encrypt data with a key generated from a passphrase read from a file.

    • Encrypt data with a randomly generated key. This option is primarily intended for testing purposes, especially when only testing with a single instance, or if you intend to import the resulting encryption settings definition into other instances in the topology.

    • Encrypt data with an imported encryption settings definition. This option is recommended if you are adding a new instance to an existing topology that has older server instances with data encryption enabled.

    • Do not encrypt server data.

  17. Choose the option for the amount of memory that should be allocated to the server.

  18. To start the server when the configuration is complete, press Enter for (yes).

  19. A Setup Summary is displayed. Choose the option to set up the server with the listed parameters, change the parameters, or cancel the setup.

Next steps

After the server configuration is complete, you can run the create-sync-pipe-config tool configure the synchronization environment.

The administrative console enables browser-based server management, the dsconfig tool enables command-line management, and the Configuration API enables management by third-party interfaces.

Installing a failover server

About this task

PingDataSync supports redundant failover servers that automatically become active when the primary server is not available. Multiple servers can be present in the topology in a configurable prioritized order.

Before installing a failover server, have a primary server already installed and configured. When installing the redundant server, the installer will copy the first server’s configuration.

The primary and secondary server configuration remain identical. Both servers should be registered to the allservers group and all dsconfig changes need to be applied to the server group allservers.

If the primary server has extensions defined, they should also be installed on any cloned or redundant servers. If extensions are missing from a secondary server, the following message is displayed during the installation:

Extension class <com.server.directory.sync.MissingSyncExtension> was not
found. Run manage-extension --install to install your extensions. Re-run setup to continue.

To remove a failover server, use the uninstall command.

Steps

  1. Unpack the PingDataSync zip build. Name the unpacked directory something other than the first server instance directory.

    $ unzip PingData<server_version>.zip -d  <server2>
  2. Go to the server root directory.

  3. Run the setup command without any options to install the failover server in interactive mode, or run the following command to install it in non-interactive mode:

    $ ./setup --localHostName <server2>.example.com --ldapPort 7389 \
      --masterHostName <server1>.example.com --masterPort 8389 \
      --masterUseNoSecurity \
      --acceptLicense \
      --rootUserPassword password \
      --no-prompt

    The secondary server is now ready to take over as a primary server in the event of a failover. No realtime-sync invocations are needed for this server.

  4. Verify the configuration by using the bin/status command. Each server instance is given a priority index. The server with the lowest priority index number has the highest priority.

    $ bin/status --bindPassword secret
    
    ...(status output)...
                                  --- Sync Topology ---
    Host:Port	                       :Status	:Priority
    ---------------------------------------:-------------:---------------
    <server>.example.com:389 (this server) : Active      : 1
    <server>.example.com:389	        : Unavailable : 2
  5. To obtain the name of a particular server, run the dsconfig command with the list-external-servers option.

    $ bin/dsconfig list-external-servers
  6. To change the priority index of the server, run the bin/dsconfig command as follows:

    $ bin/dsconfig set-external-server-prop \
      --server-name  <server2>.example.com:389 \
    --set  <server>-priority-index:1