PingDirectory

Deploying the administrative console

To administer multiple servers from a single console instance, you can use Docker or a Java application server, such as Tomcat or Jetty, to run the administrative console as a standalone instance. Running the console as a standalone instance also allows you to make changes to the console without restarting the directory server’s HTTPS connection handlers.

For more information on deployment options, click the following tabs.

  • Use Docker to run a standalone console

  • Set up the console in a Tomcat environment

Using Docker to run a standalone administrative console

About this task

The administrative console is available as a standalone Docker image on Docker Hub. To see a docker-compose example that deploys a PingDirectory container with a corresponding console, see the PingDirectory getting started demo.

The Ping Identity Helm charts also include support for the administrative console, which you should use when deploying the console in Kubernetes.

Steps

  • To connect with a PingDirectory server that is deployed in Docker, run the administrative console image in a local Docker deployment.

    The network you use must match the network used by the PingDirectory server’s container.

    Example:

    The following example deploys the standalone console image in a local Docker deployment with the console listening on port 8443 using the pingnet network:

    docker run \
        --name pingdataconsole \
        --publish 8443:8443 \
        --network pingnet \
        --detach \
        pingidentity/pingdataconsole:edge

    You can change the first port in the --publish line based on what port you want to use on your local machine, but you shouldn’t change the second port. To access the console outside of Docker on port 9443, for example, use 9443:8443.

  • To access the console, go to https://<hostname>:<port>/console/login and enter the following credentials.

    Field Credential

    Server

    <PingDirectory container name>:<LDAPS port>

    The name of the server you enter on the sign-on page must match the name of the PingDirectory container you are trying to connect to along with the LDAPS port of that container.

    For example, use pingdirectory:1636 to connect to a standalone PingDirectory Docker container on the same network.

    Username

    administrator

    Password

    2FederateM0re

Setting up the administrative console on a Tomcat environment

Before you begin

To set up a standalone console, you need the admin-console.war file from the PingDirectory server’s resource/admin-console.zip archive.

About this task

You can use the .war file with Java application servers, such as Tomcat or Jetty. The following example uses Tomcat as the server environment.

Because Tomcat server version 10 has a defect with Spring Boot applications, use Tomcat 9 instead.

Steps

  1. Download the Tomcat 9 .zip archive from the Apache Tomcat downloads page.

  2. Extract the .zip archive.

  3. To set up the Tomcat server, follow the instructions in the RUNNING.txt file from the extracted directory.

  4. To keep the Tomcat server information from being exposed, in the Host section of the Tomcat_directory/conf/server.xml file, add the following line:

    <Valve className="org.apache.catalina.valves.ErrorReportValve" showReport="true" showServerInfo="false" />
    This information is sourced from the Smart Scanner website, where you can learn more about this Tomcat server vulnerability.
  5. Copy the admin-console.war file into the webapps folder in the Tomcat root directory.

  6. To start the Tomcat server, run startup.sh or startup.bat from the bin folder of the Tomcat root directory.

    Result:

    Tomcat automatically extracts the console from the compressed .war file into an exploded application directory and starts running the console.

  7. To access the console, use the admin-console path from the Tomcat server path.

    By default, the path to access the console is localhost:8080/admin-console.