PingDirectory

Configure PingDataSync

About this task

Configure PingDataSync after the PingDirectoryProxy server and its backend set of PingDirectory server instances are configured and fully functional for each endpoint, which are labeled as ldap-west and ldap-east in this example.

For information about installing and configuring PingDataSync, see Installing the PingDataSync server.

Steps

  1. From the PingDataSync root directory, run the create-sync-pipe-config command.

    $ bin/create-sync-pipe-config
  2. At the Initial Synchronization Configuration Tool prompt, press Enter to continue.

  3. On the Synchronization Mode menu, press Enter to select Standard mode.

  4. On the Synchronization Directory menu, choose the option for one-way or bidirectional synchronization.

  5. On the First Endpoint Type menu, enter the number for the type of backend data store for the first endpoint. In this example, type the number corresponding to the PingDirectoryProxy server.

    >>>> First Endpoint Type
    Enter the type of datastore for the first endpoint:
    1) Ping Identity Directory Server
    2) Ping Identity Directory Proxy Server
    3) Alcatel-Lucent Directory Server
    4) Alcatel-Lucent Proxy Server
    5) Sun Directory Server
    6) Microsoft Active Directory
    7) Microsoft SQL Server
    8) Oracle Database
    9) Custom JDBC
    
    b) back
    q) quit
    Enter choice [1]: 2
  6. Enter a descriptive name for the first endpoint.

  7. Enter the base DN where PingDataSync can search for the entries on the first endpoint server.

  8. Specify the type of security when communicating with the endpoint server.

  9. Enter the host name and port of the endpoint server. PingDataSync tests the connection. Repeat this step if configuring another server for failover.

  10. Enter the Sync User account that will be used to access the endpoint server, or press Enter to accept the default cn=Sync User,cn=Root DNs,cn=config. Enter a password for the account.

  11. The first endpoint deployment is defined using the PingDirectoryProxy server (ldap-west). Repeat steps 5-10 to define the second proxy deployment (ldap-east) on PingDataSync.

  12. Prepare the endpoint servers in the topology. This step confirms that the Sync User account is present on each server and can communicate between PingDataSync and the PingDirectoryProxy servers. In addition to preparing the PingDirectoryProxy server, PingDataSync prepares the backend set of directory servers as the proxy server passes through the authorization to access these servers.

  13. Repeat the previous step to prepare the second endpoint server. If other servers have not been prepared, make sure that they are before synchronization.

  14. Define the Sync Pipe from proxy 1 to proxy 2. In this example, accept the default "Ping Identity Proxy 1 to Ping Identity Proxy 2."

  15. To customize on a per-entry basis how attributes get synchronized, define one or more Sync Classes. Create a Sync Class for the special cases, and use the default Sync Class for all other mappings.

  16. For the default Sync Class Operations, specify the operations that will be synchronized.

  17. Review the configuration settings, and write the configuration to PingDataSync in the sync-pipe-cfg.txt file.