PingAuthorize provides sample dsconfig batch files that you can use to easily make a number of common or recommended changes to the server configuration.
The config/sample-dsconfig-batch-files directory contains dsconfig batch files that you can use to configure various aspects of the server. For example, these files can enable additional security capabilities or take advantage of features that might require customization from one environment to another.
Each file includes comments that describe the purpose and benefit of its configuration change. You can choose which of the changes you want to apply.
You need to customize some of the batch files to provide values that might vary from one
environment to another. To apply a batch file that requires changes, copy it to another
directory and edit the copy. Leave the files in the
config/sample-dsconfig-batch-files directory unchanged so that
they can be updated when you upgrade the server. To specify the path to the file that
contains the changes to apply, use the dsconfig tool
(bin/dsconfig on UNIX-based systems or
bat\dsconfig.bat on Windows) with the
--no-prompt argument ensures that the tool does not block while
waiting for input if any necessary arguments are missing. Consider this
bin/dsconfig --hostname localhost \
--port 636 --useSSL --trustStorePath config/truststore \
--bindDN "uid=admin,dc=example,dc=com" \
--bindPasswordFile admin-password.txt \
--batch-file config/hardening-dsconfig-batch-files/reject-insecure-request.dsconfig \