Use the create-sync-pipe-config
utility to configure a Sync
Pipe. Once the configuration is completed, settings can be adjusted using the
dsconfig
tool.
If servers have no base entries or
data, the cn=Sync User,cn=Root DNs,cn=config
account needed to
communicate cannot be created. Make sure that base entries are created on the
destination servers.
If synchronizing pre-encoded passwords to a Ping PingDirectory Server destination, allow pre- encoded passwords in the default password policy. Configure password encryption must also be configured on the destination. Be sure that the password encryption algorithm is supported by both source and destination servers with the following command:
$ bin/dsconfig set-password-policy-prop \
--policy-name "Default Password Policy" \
--set allow-pre-encoded-passwords:true
Encrypted
and clear-text passwords can be synchronized by configuring the Sync Destination
password-synchronization-format
, and
require-secure-connection-for-clear-text-passwords
properties.
The
require-secure-connection-for-clear-text-passwords
property
can be set to false when working in a test environment. If the
password-synchronization-format
property is set to
clear-text
, and
require-secure-connection-for-clear-text-passwords
property
is set to true, the connection must be secure. If a secure
connection is not available, an error is generated and the password is not
synchronized.
Perform the following steps to configure PingDataSync Server by using create-sync-pipe-config
:
dsconfig
batch file. Any Server SDK extensions, should be saved to
the <server-root>/lib/extensions
directory.The next step will be
to configure the attribute mappings using the dsconfig
command.