Unzip the distribution ZIP file, review Before You
Begin, and then go to the server root directory. Use the setup utility with the
--cli option to install the server in interactive
If the JAVA_HOME environment variable is set to an older version of Java, explicitly specify the path to the Java JDK installation during the setup process. Either set the JAVA_HOME environment variable with the Java JDK path or execute the setup command in a modified Java environment using the env command.
$ env JAVA_HOME=/ds/java ./setup
- Read the Ping Identity End-User License Agreement, and type yes to continue.
- Enter the fully qualified host name or IP address of the local host, or press Enter to accept the default.
- Enter the root user DN, or press Enter to accept the default (cn=Directory Manager).
- Enter and confirm the root user password.
- Press Enter to enable the Ping Identity services (Configuration, Consent, Delegated Admin, Documentation, and Directory REST API) and Administrative Console over HTTPS. After setup, individual services and applications can be enabled or disabled by configuring the HTTPS Connection Handler.
- Enter the port on which the Directory Server will accept connections from HTTPS clients, or press Enter to accept the default.
- Enter the port on which the Directory Server will accept connections from LDAP clients, or press Enter to accept the default.
- The next two options enable using LDAPS or StartTLS. Type no to use a standard LDAP connection, or accept the default (yes) to enable both. Enabling LDAPS configures the LDAPS Connection Handler to allow SSL over its client connections. Enabling StartTLS configures the LDAP Connection Handler to allow StartTLS.
Select the certificate option for this server:
Generate a self-signed certificate for testing purposes only.
To use an existing certificate using a Java Keystore, enter the keystore path and keystore PIN.
To use an existing certificate using use a PKCS#12 keystore, enter the keystore path and the keystore PIN.
To use the PKCS#11 token, enter only the keystore PIN.
Choose the desired encryption for the directory data, backups, and log files from the
Encrypt data with a key generated from an interactively provided passphrase. Using a passphrase (obtained interactively or read from a file) is the recommended approach for new deployments, and you should use the same encryption passphrase when setting up each server in the topology.
Encrypt data with a key generated from a passphrase read from a file.
Encrypt data with a randomly generated key. This option is primarily intended for testing purposes, especially when only testing with a single instance, or if you intend to import the resulting encryption settings definition into other instances in the topology.
Encrypt data with an imported encryption settings definition. This option is recommended if you are adding a new instance to an existing topology that has older server instances with data encryption enabled.
Do not encrypt server data.
- Type the base DN for the data, or accept the default base DN of dc=example,dc=com.
Choose an option to generate and import sample data. Type the desired number of entries,
or press Enter to accept the default number (10000). This option is used for
quick evaluation of the Directory Server.
See Initializing Data onto the Server if you want to use other options to initialize the server.
- Choose the option to tune the amount of memory that will be consumed by the Directory Server and its tools.
Press Enter to prime or preload the database cache at startup
prior to accepting client connections.
Priming the cache can increase the startup time for the Directory Server but provides optimum performance once startup has completed. This option is best used for strict throughput or response time performance requirements, or if other replicas in a replication topology can accept traffic while this Directory Server instance is starting. Priming the cache also helps determine the recommended JVM option, CMSInitiatingOccupancyFraction, when a Java garbage collection pause occurs. See JVM Garbage Collection Using CMS.
- Enter a location name for this server.
- Enter a unique instance name for this server. Once set, the name cannot be changed.
- Press Enter to accept the default (yes) to start the Directory Server after the configuration has completed. To configure additional settings or import data, type no to keep the server in shutdown mode.
- Choose an option to continue server set up.
- On the Setup Summary page, confirm the configuration. Press Enter to accept the default (set up with the parameters given), enter the option to repeat the installation process, or enter the option to cancel the setup completely.
Page created: 6 Nov 2019 |
Page updated: 25 Mar 2020