--- title: Configuring identity repository settings description: Set up a customized directory configure identity repository settings either immediately or at a later time. component: pingfederate version: 13.1 page_id: pingfederate:administrators_reference_guide:pf_configuring_identity_repository_settings canonical_url: https://docs.pingidentity.com/pingfederate/13.1/administrators_reference_guide/pf_configuring_identity_repository_settings.html llms_txt: https://docs.pingidentity.com/pingfederate/llms.txt docs_for_agents: https://developer.pingidentity.com/build-with-ai/docs-for-agents.md revdate: July 8, 2024 section_ids: about-this-task: About this task steps: Steps --- # Configuring identity repository settings Set up a customized directory configure identity repository settings either immediately or at a later time. ## About this task On the **Identities** tab, you can optionally connect to a directory server. ## Steps * Go to **System > External Systems > Connect to PingOne for Enterprise** and access the **Identities** tab. * To enable directory integration, select **Yes, Connect a Directory Server**. You can create a new datastore or reuse an existing datastore in this configuration. * Create a new datastore Provide the required information to connect to a directory server, and then click **Next**.More information about each field is provided in the following table. | Field | Description | | ---------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | **Directory Type** | Select the type of directory server from the list.See [System requirements](../installing_and_uninstalling_pingfederate/pf_system_requirements.html) for a list of supported directory servers. | | **Data Store Name** | Enter the name of the datastore. | | **Hostname** | Enter the location of the directory server.It can be the IP address, the host name, or the fully qualified domain name of the directory server. The entry might include a port number. | | **Service Account DN** | Enter the distinguished name (DN) of the service account that PingFederate can use to communicate with the directory server. | | **Password** | Enter the password associated with the service account. | | **Search Base** | Enter the DN of the location in the directory where PingFederate begins its datastore queries. | | **Search Filter** | Enter the LDAP query to locate a user record for attribute lookup and potentially credential validation.The default value is either `sAMAccountName=${username}` or `uid=${username}`, depending on the selected directory type.If you require a more advanced search filter, ensure the value is a valid LDAP filter. For more information, consult your directory administrators. | When you click **Next**, PingFederate tries to establish a secure (LDAPS) connection to the directory server.If the directory server does not support LDAPS, the **Unsecure Connection** window appears. If you want to continue without a secure connection, click **Next**. Alternatively, you can go back to the **Identities** tab and specify a different directory server.If the certificate presented by the directory server is not trusted by PingFederate, the **Certificate Error** window appears. You can import the certificate used by the directory server to establish a secure connection, and then click **Next** in the **Identities** tab and specify a different directory server. * Use an existing datastore Click **Begin**, and then follow the on-screen instructions to create a service provider (SP) connection to PingOne for Enterprise. (Optional) To set up a directory later, select **No, Don't Connect a Directory Server** and then click **Next**. | | | | - | ----------------------------------------------------------------------------------------------------------- | | | This setup scenario is suitable for proof of concept. Multiple local test accounts are created as a result. |