Getting started with the PingDirectory server
After setting up your PingDirectory server instance, you can configure additional server settings, import your user database, and run initial performance tests to optimize the server’s throughput.
Configure the server
You can configure the PingDirectory server using the dsconfig command-line tool or the admin console. With dsconfig, you can also apply configuration changes in a batch file.
Server configuration details
-
The batch file defines the
dsconfigcommands necessary for configuring your server instance. -
The host name and HTTPS port you set during installation determine the deployment URL for the admin console.
For example, given a host name of server1 and an HTTPS port of 1443, you would access the admin console at https://server1.com:1443/console. You can also find the admin console URL by running
bin/status. -
If you’re migrating from a Sun Java System directory server (version 5.x - 7.x), you can use the
bin/migrate-sun-ds-configcommand to migrate your configuration settings to this new server instance.
Import user data
Import your user data using the import-ldif tool, as shown in the following example:
$ bin/import-ldif --backendID userRoot --ldifFile ../user-data.ldifThe import serves as an initial test of the schema settings. Learn more about Importing data and Managing the schema.
Test operational performance
The PingDirectory server provides three tools for operational performance testing using built-in LDAP clients that access the server directly.
|
Running these utilities on the server that’s hosting the directory being tested impacts performance results. In general, increasing the thread count improves throughput, but higher thread counts have diminishing returns on performance. |
Before you begin
You need a sufficient number of entries in your server to run these performance tests. For example, the following commands assume you have at least 2000 user entries.
If you want to populate the server with sample data for testing, learn more in Generating sample data.
authrate
Use authrate to test the server’s performance for authentication operations. The following command issues a search request to find a user and then a bind request to authenticate that user:
$ bin/authrate --hostname <server-name> --port <ldap-port> \
--baseDN "dc=example,dc=com" --scope sub \
--filter "(uid=user.[0-1999])" --credentials password \
--numThreads 10 --numIntervals 20|
In the previous command, |
modrate
Use modrate to test the server’s performance for modify and write operations. For example:
$ bin/modrate --hostname <server-name> --port <ldap-port> \
--entryDN "uid=user.[0-1999],ou=People,dc=example,dc=com" \
--attribute description --valueLength 12 --numThreads 10 --numIntervals 20searchrate
Use searchrate to test the server’s performance for search operations.
For example:
$ bin/searchrate --hostname <server-name> --port <ldap-port> \
--baseDN "dc=example,dc=com" --scope sub \
--filter "(uid=user.[0-1999])" --attribute givenName --attribute sn \
--attribute mail --numThreads 10 --numIntervals 20Install Delegated Admin (optional)
Install a JavaScript-based web application for business users to manage identities stored in the PingDirectory server. Learn more in Installing Delegated Admin and the Delegated Admin application guide.
The Delegated Admin application provides delegated administration of identities in the following scenarios:
-
A help desk or customer service representative needs to initiate a password reset and unlock an account.
-
An employee in HR needs to update an address stored within another employee profile.
-
An application administrator needs to update identity attributes or group membership to allow single sign-on (SSO) access.