If the create-sync-pipe-config tool was not used to create the synchronization configuration, two properties must be verified on each endpoint: proxy-server and use-changelog-batch-request. The proxy-server property should specify the name of the proxy server. The use-changelog-batch-request property should be set to true on the Sync Source only. The use-changelog-batch-request property is not available on the destination endpoint.

The PingDataSync Server connection parameters (hostname, port, bind DN, and bind password) are required.

  1. The following commands check the properties on a Sync Source.
    On the Sync Source:
    $ bin/dsconfig --no-prompt \
      get-sync-source-prop \
      --source-name "Ping Identity Proxy 1" \
      --property "proxy-server" \
      --property "use-changelog-batch-request"
    On the Sync Destination:
    $ bin/dsconfig --no-prompt \
      get-sync-source-prop \
      --source-name "Ping Identity Proxy 2" \
      --property "proxy-server"
  2. From the server root directory, run the dsconfig command to set a flag indicating that the endpoints are PingDirectoryProxy Servers:
    $ bin/dsconfig --no-prompt \
      set-sync-source-prop \
      --source-name "Ping Identity Proxy 1" \
      --set proxy-server:ldap-west-01 \
      --set use-changelog-batch-request:true
    $ bin/dsconfig --no-prompt \
      set-sync-source-prop \
      --source-name "Ping Identity Proxy 2" \
      --set proxy-server:ldap-east-01
  3. Run the resync --dry-run command to test the configuration settings for each Sync Pipe and debug any issues.
    $ bin/resync --pipe-name "Ping Identity Proxy 1 to Ping Identity Proxy 2"
    --dry-run
  4. Run realtime-sync set-startpoint to initialize the starting point for synchronization.
    $ realtime-sync set-startpoint --end-of-changelog \
      --pipe-name "Ping Identity Proxy 1 to Ping Identity Proxy 2" \
      --port 389 \
      --bindDN "cn=Directory Manager" \
      --bindPassword password
    Note:

    For synchronization through proxy deployments, the --change-number option cannot be used with the realtime-sync set-startpoint command, because PingDataSync Server cannot retrieve specific change numbers from the backend directory servers. Use --change-sequence-number, --end-of-changelog, or other options available for the tool.

  5. Run the resync command to populate data on the endpoint destination server if necessary.
    $ bin/resync --pipe-name "Ping Identity Proxy 1 to Ping Identity Proxy 2"
    \
      --numPasses 3
  6. Start the Sync Pipe using the realtime-sync start command.
    $ bin/realtime-sync start \
      --pipe-name "Ping Identity Proxy 1 to Ping Identity Proxy 2"
  7. Monitor PingDataSync Server using the status commands and logs.