The PingDirectory Server is a powerful, 100% Java, production-proven PingData Platform solution for mission-critical and large-scale applications. The Directory Server provides an extensive feature-rich set of tools that can meet the production needs of your system.

  • Full LDAP Version 3 Implementation. The Directory Server fully supports the Lightweight Directory Access Protocol version 3 (LDAP v3), which supports the Request For Comments (RFCs) specified in the protocol. The Directory Server provides a feature-rich solution that supports the core LDAPv3 protocol in addition to server-specific controls and extended operations.

  • High Availability. The Directory Server supports N-way multi-master replication that eliminates single points of failure and ensures high availability for a networked topology. The Directory Server allows data to be stored across multiple machines and disk partitions for fast replication. The Directory Server also supports replication in entry-balancing proxy server deployments.

  • Administration Tools. The Directory Server provides a full set of command-line tools, an Administrative Console, and a Java-based setup tool to configure, monitor, and manage any part of the server. The Directory Server has a task-based subsystem that provides automated scheduling of basic functions, such as backups, restores, imports, exports, restarts, and shutdowns. The set of utilities also includes a troubleshooting support tool that aggregates system metrics into a zip file, which administrators can send to your authorized support provider for analysis.

  • Self-Service Account Manager Application. The Self Service Account Manager project, hosted at https://github.com/pingidentity/ssam, is a customizable web application allowing users to perform their own account registration, profile updates, and password changes. The project is for testing and development purposes, and is not a supported application.

  • Delegated Admin Application. A Javascript-based web application can be installed for business users to manage identities stored in the Directory Server. The application provides delegated administration of identities for help desk or customer service representatives (CSR) initiating a password reset and unlock; an employee in HR updating an address stored within another employee profile; or an application administrator updating identity attributes or group membership to allow application SSO access.

  • Security Mechanisms. The Directory Server provides extensive security mechanisms to protect data and prevent unauthorized access. Access control list (ACL) instructions are available down to the attribute value level and can be stored within each entry. The Directory Server allows connections over Secure Sockets Layer (SSL) through an encrypted communication tunnel. Clients can also use the StartTLS extended operation over standard, non-encrypted ports. Other security features include a privilege subsystem for fine-grained granting of rights, a password policy subsystem that allows configurable password validators and storage schemes, and SASL authentication mechanisms to secure data integrity, such as PLAIN, ANONYMOUS, EXTERNAL, CRAM-MD5, Digest-MD5, and GSSAPI. The Directory Server also supports various providers and mappers for certificate-based authentication in addition to the ability to encrypt specific entries or sensitive attributes. See the PingDirectory Server Security Guide for details.

  • Monitoring and Notifications. The Directory Server supports monitoring entries using the PingDataMetrics Server, JConsole, Simple Network Management Protocol (SNMP), or using the Administrative Console. Administrators can track the response times for LDAP operations using a monitoring histogram as well as record performance statistics down to sub-second granularity. The Directory Server also supports configurable notifications, auditing, and logging subsystems with filtered logging capabilities.

  • Powerful LDAP SDK. The Directory Server is based on a feature-rich LDAP SDK for Java, designed by Ping Identity. The LDAP SDK is a Java API standard that overcomes the many limitations of the Java Naming and Directory Interface (JNDI) model. For example, JNDI does not address the use of LDAP controls and extended operations. The LDAP SDK for Java provides support for controls and extended operations to leverage Ping Identity’s extensible architecture for their applications.

    For more information on the LDAP SDK for Java, to go http://www.LDAP.com.

  • SCIM Extension. The Directory Server provides a System for Cross-domain Identity Management (SCIM) servlet extension to facilitate moving users to, from, and between cloud-based Software-as-a-Service (SaaS) applications in a secure and fast manner.

  • Server SDK. Ping Identity also provides the Server SDK, which is a library of Java packages, classes, and build tools to help in-house or third-party developers create client extensions for the PingDirectory Server, PingDirectoryProxy Server, and Data Sync Server. The servers were designed with a highly extensible and scalable architecture with multiple plugin points for your customization needs. The Server SDK provides APIs to alter the behavior of each server's components without affecting its code base.