The configuration of the Directory Proxy Server involves the following steps:
  • Configuring the locations for your deployment. A location is a collection of servers that share access and latency characteristics. For example, your deployment might include two data centers, one in the east and one in the west. These data centers would be configured as two locations in the Directory Proxy Server. Each location is associated with a name and an ordered list of failover locations, which could be used if none of the servers in the preferred location are available.

  • Configuring the Directory Proxy Server location. You need to update the configuration to specify the location of the Directory Proxy Server instance.

  • Configuring health checks for the LDAP external servers. You can configure at what point the Directory Proxy Server considers an LDAP external server to be available, of degraded availability, or unavailable. Each health check can be configured to be used automatically for all LDAP external servers or for a specified set of servers.

  • Configuring the LDAP external servers. During this step, you define each of the external directory servers, including the server type. You can configure Ping Identity Directory Servers, Sun Java System Directory Servers, or generic LDAP servers. You also assign the server-specific health checks configured in the previous step.

  • Configuring the load-balancing algorithm. You configure the load-balancing algorithm used by the Directory Proxy Server to determine which server in a set of similar servers should be used to process a client request. The Directory Proxy Server provides default algorithms. It also steps you through the creation of new algorithms by using an existing algorithm as a template or by creating one from scratch.

  • Configuring the proxying request processor. In this step, you configure proxying request processors that forward operations received by the Directory Proxy Server to other LDAP external servers.

  • Configuring subtree views. A subtree view defines the portion of the DIT available to a client. Each subtree view can be associated with a load-balancing algorithm to help distribute the work load.

  • Configuring the client connection policy. You configure policies to classify how different client connections are managed by the Directory Proxy Server. The client connection policy can be used to control the types of operations that a client may perform and the portion of the DIT that the client can access. Restrictions configured in a client connection policy will take precedence over any capabilities granted by access control or privileges.