PingFederate Server

Indexing client attributes in PingDS

If you use PingDS to store OAuth client records for PingFederate, you must index the client attributes.

About this task

Index these OAuth client attributes using the following procedure.

Attribute name Index type

pf-oauth-client-id

equality

pf-oauth-client-id

ordering

pf-oauth-client-id

substring

pf-oauth-client-name

equality

pf-oauth-client-name

ordering

pf-oauth-client-name

substring

pf-oauth-client-last-modified

ordering

Steps

  1. Create the indexes using the PingDS dsconfig utility.

    The dsconfig utility is interactive, letting you enter command arguments. For example:

    $ dsconfig create-backend-index \
    --hostname localhost \
    --port 4444 \
    --bindDN uid=admin \
    --bindPassword password \
    --backend-name dsEvaluation \
    --index-name pf-oauth-client-id \
    --set index-type:equality \
    --set index-type:ordering \
    --set index-type:substring \
    --usePkcs12TrustStore /path/to/opendj/config/keystore \
    --trustStorePassword:file /path/to/opendj/config/keystore.pin \
    --no-prompt
    $ dsconfig create-backend-index \
    --hostname localhost \
    --port 4444 \
    --bindDN uid=admin \
    --bindPassword password \
    --backend-name dsEvaluation \
    --index-name pf-oauth-client-name \
    --set index-type:equality \
    --set index-type:ordering \
    --set index-type:substring \
    --usePkcs12TrustStore /path/to/opendj/config/keystore \
    --trustStorePassword:file /path/to/opendj/config/keystore.pin \
    --no-prompt
    $ dsconfig create-backend-index \
    --hostname localhost \
    --port 4444 \
    --bindDN uid=admin \
    --bindPassword password \
    --backend-name dsEvaluation \
    --index-name pf-oauth-client-last-modified \
    --set index-type:ordering \
    --usePkcs12TrustStore /path/to/opendj/config/keystore \
    --trustStorePassword:file /path/to/opendj/config/keystore.pin \
    --no-prompt

  2. After creating the indexes, build them using the rebuild-index utility.

    The following example builds the required indexes.

    $ rebuild-index \
    --hostname localhost \
    --port 4444
    --bindDN uid=admin
    --bindPassword password
    --baseDN dc=example,dc=com
    --index pf-oauth-client-id \
    --index pf-oauth-client-name \
    --index pf-oauth-client-last-modified \
    --usePkcs12TrustStore /path/to/opendj/config/keystore
    --trustStorePassword:file /path/to/opendj/config/keystore.pin