The following example illustrates how to run the prepare-external-server tool to prepare a Directory Server on the remote host, ds-east-01.example.com, listening on port 1636. The Directory Server is being accessed by a Directory Proxy Server that uses the default user account cn=Proxy User,cn=Root DNs,cn=config. Since a password to the truststore is not provided, the truststore defined in the --proxyTrustStorePath is referenced in a read-only manner.

  • Use the prepare-external-server tool to prepare the Directory Server. Follow the prompts to set up the external server.
    $ ./PingDirectoryProxy/bin/prepare-external-server \
      --baseDN dc=example,dc=com
      --proxyBindPassword password \
      --hostname ds-east-01.example.com \
      --useSSL \
      --port 1636
      --proxyTrustStorePath /full/path/to/trust/store \
      --proxyTrustStorePassword secret   
    Testing connection to ds-east-01.example.com:1636 .....
    
    Do you wish to trust the following certificate?
    
    Certificate Subject: CN=ds-east-01.example.com, O=Example Self-Signed Certificate 
    Issuer Subject:      CN=ds-east-01.example.com, O=Example Self-Signed Certificate 
    Validity:            Thu May 21 08:02:30 CDT 2009 to Wed May 16 08:02:30 CDT 2029   
    
    Enter 'y' to trust the certificate or 'n' to reject it.
    
    y
    
    The certificate was added to the local trust store
      
    Done
    Testing 'cn=Proxy User' access to ds-east-01.example.com:1636 ..... Failed to bind as
    'cn=Proxy User'
    
    Would you like to create or modify root user 'cn=Proxy User' so that it is available
    for this Directory Proxy Server? (yes / no) [yes]:
    
    Enter the DN of an account on ds-east-01.example.com:1636 with which to create or 
    manage the 'cn=Proxy User' account [cn=Directory Manager]:
    
    Enter the password for 'cn=Directory Manager':
    
    Created 'cn=Proxy User,cn=Root DNs,cn=config'
    
    Testing 'cn=Proxy User' privileges ..... Done