Completing the installation - PingDirectory - 10.0

PingDirectory 10.0

bundle
pingdirectory-100
ft:publication_title
PingDirectory 10.0
Product_Version_ce
PingDirectory 10.0
category
Product
pd-100
pingdirectory
ContentType_ce

Regardless of whether you are installing Delegated Admin in a Unix or Linux or Windows environment, perform the relevant steps in this section after you complete the previous OS-specific tasks.

Click the following tabs to see instructions for the type of installation you want to complete.

The PingDirectoryProxy server

Note:

The following task assumes that when you ran the setup command, you answered y to the question Is Delegated Admin being installed in a topology containing PingDirectoryProxy?

If you are installing Delegated Admin on the PingDirectoryProxy server, you must configure the proxy instance using the delegated-admin-for-proxy.dsconfig script as described in the fourth tab, "Locations other than PingDirectoryProxy."

To configure all instances of the PingDirectory server:

  1. Apply the commands from the delegated-admin.dsconfig batch file to all instances of the PingDirectory server.
    $ ./bin/dsconfig \
      --bindDN "cn=Directory Manager" \
      --bindPassword <password>
      --no-prompt \
      --batch-file webapps/delegator/delegated-admin.dsconfig \
      --applyChangeTo server-group
  2. Apply the commands from the delegated-admin.dsconfig batch file to all instances of the PingDirectory server, as explained in the second tab, "Replicated instances of PingDirectory."

Replicated instances of the PingDirectory server

If you are installing Delegated Admin on one or more replicated instances of the PingDirectory server:

  • Apply the following commands in delegated-admin.dsconfig to each instance:
    $ ./bin/dsconfig \
      --bindDN "cn=Directory Manager" \
      --bindPassword <password>
      --no-prompt \
      --batch-file webapps/delegator/delegated-admin.dsconfig  \
      --applyChangeTo server-group

External web server

Note:

The following steps assume that when you ran the setup command, you answered n to the question Will the web app be hosted in PingDirectory?

  1. Open config.js in a text editor.
  2. Change the variable values to specify the location of the PingDirectory server.
    config.js Variable Value

    window.DS_HOST

    Host name of the PingDirectory server

    window.DS_PORT

    HTTPS port of the PingDirectory server

    To view an example outline that features these settings, see example.config.js.

  3. Save your changes to config.js.
  4. Create a CORS policy for the Delegated Admin HTTP servlet extension, where <origin> represents the public name of the host, proxy, or load balancer that presents the Delegated Admin web application.
    dsconfig create-http-servlet-cross-origin-policy 
      --policy-name "Delegated Admin Cross-Origin Policy" 
      --set "cors-allowed-methods: GET" 
      --set "cors-allowed-methods: OPTIONS" 
      --set "cors-allowed-methods: POST" 
      --set "cors-allowed-methods: DELETE" 
      --set "cors-allowed-methods: PATCH" 
      --set "cors-allowed-origins: <origin>"
    
    dsconfig set-http-servlet-extension-prop 
      --extension-name "Delegated Admin" 
      --set "cross-origin-policy:Delegated Admin Cross-Origin Policy"
  5. Optional: If you will be enabling administrators to run Delegated Admin reports in your configuration, run dsconfig with the set-http-servlet-cross-origin-policy-prop option.
    dsconfig set-http-servlet-cross-origin-policy-prop \ 
      --policy-name "Delegated Admin Cross-Origin Policy" \ 
      --set cors-exposed-headers:Content-Disposition

All locations except the PingDirectoryProxy server

To continue installing Delegated Admin on a PingDirectory server or on an external web server:

  • Run the following command with delegated-admin.dsconfig on the appropriate server:
    $ ./bin/dsconfig \
      --bindDN "cn=Directory Manager" \
      --bindPassword <password>
      --no-prompt \
      --batch-file webapps/delegator/delegated-admin.dsconfig

Next steps

Important:

You cannot sign on to Delegated Admin until you configure the rights of the delegated administrators. For more information about configuring administrative rights, the REST resource type, session timeout values, and other properties, see Configuring Delegated Admin.

After you configure Delegated Admin, verify that the application is installed and working successfully.