On the Identities tab, choose whether to connect PingFederate Bridge to a directory server. If you connect to a directory server, LDAP is used for user lookup and credential validation.

Note:

You do not need to use a directory server if you are only using PingID VPN or if you are configuring PingFederate Bridge to function as a test identity provider. If this is the case, select No, Don't Connect a Directory Server and click Next.

To connect to a directory server:

  1. Select Yes, Connect a Directory Server.
    Configuration fields appear.
  2. Enter the information appropriate for your directory server in the following fields.
    Directory Type
    Select the type of directory server that you are using.
    Data Store Name
    Enter the name of the data store representing the directory server.
    Hostname
    Enter the IP address or the fully qualified domain name of the directory server.
    Service Account DN
    Enter the distinguished name (DN) of the service account that PingFederate Bridge can use to communicate with the directory server.
    Password
    Enter the service account password.
    Search Base
    Enter the DN of the location in the directory where PingFederate Bridge begins its data store queries.
    Search Filter
    Optionally, enter the LDAP query used to locate a user record for attribute lookup and, potentially, credential validation. The default value is sAMAccountName=${username} for Active Directory, and uid=${username} for PingDirectory and Oracle Directory Server.
    Note:

    If you update this field, make sure to enter a valid LDAP filter. For more information, consult your directory administrators.

  3. Click Next.
    PingFederate Bridge tries to establish a secure (LDAPS) connection to the directory server.
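
As an added example (not Ping Identity code), this Python script pre-checks a custom Search Filter template before you enter it in the field, and shows RFC 4515 escaping of a value substituted for ${username}. The function names and the specific checks are assumptions for illustration; how PingFederate Bridge performs the substitution internally is not described on this page.

```python
import re

# Placeholder syntax taken from the Active Directory default filter above.
PLACEHOLDER = "${username}"


def escape_filter_value(value: str) -> str:
    """Escape a value for an LDAP filter assertion (RFC 4515, section 3)."""
    special = {"\\", "*", "(", ")", "\x00"}
    return "".join("\\%02x" % ord(c) if c in special else c for c in value)


def check_template(template: str) -> list[str]:
    """Return the problems found in a Search Filter template (empty list = OK)."""
    problems = []
    if PLACEHOLDER not in template:
        problems.append("missing ${username} placeholder")
    elif not re.search(r"=[^()=]*" + re.escape(PLACEHOLDER), template):
        # The user name must be the value side of an attribute assertion.
        problems.append("placeholder is not used as an assertion value")
    depth = 0
    for ch in template:
        depth += (ch == "(") - (ch == ")")
        if depth < 0:  # a ")" appeared before its "("
            break
    if depth != 0:
        problems.append("unbalanced parentheses")
    return problems


def render(template: str, username: str) -> str:
    """Substitute an escaped user name so it cannot alter the filter structure."""
    return template.replace(PLACEHOLDER, escape_filter_value(username))


if __name__ == "__main__":
    # Constructed sample templates and user name, for illustration only.
    for tpl in ("sAMAccountName=${username}",
                "(&(objectClass=person)(uid=${username})",
                "(objectClass=person)"):
        print(tpl, "->", check_template(tpl) or "OK")
    print(render("(&(objectClass=person)(uid=${username}))", "o'brien (temp)*"))
```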