PingDataSync creates a Sync User account DN on each
external server. The account (by default,
cn=Sync User) is used
exclusively by PingDataSync to communicate with
external servers. The entry is important in that it contains the credentials (DN and
password) used by PingDataSync to access the source
and target servers. The Sync User account resides in different entries depending on the
- For the Ping Identity PingDirectory Server, Ping
Identity PingDirectoryProxy Server, Nokia 8661 Directory
Server, Nokia 8661 Directory Proxy Server, the Sync User account resides in the
configuration entry (
cn=Sync User,cn=Root DNs,cn=config).
- For Sun Directory Server, Sun DSEE, OpenDJ, Oracle Unified Directory, and generic
LDAP directory topologies, the Sync User account resides under the base DN in the
cn=Sync User,dc=example,dc=com).The Sync User account should not reside in the
cn=configbranch for Sun Directory Server and DSEE machines.
- For Microsoft Active Directory servers, the Sync User account resides in the Users
- For Oracle and Microsoft SQL Servers, the Sync User account is a login account
SyncUser)with the sufficient privileges to access the tables to be synchronized.
In most cases, modifications to this account are rare. Make sure that the entry is not
synchronized by setting up an optional Sync Class if the account resides in the
userRoot backend (Sun Directory Server or Sun DSEE) or Users
container (Microsoft Active Directory). For example, a Sync Class can be configured to
have all CREATE, MODIFY, and DELETE operations set to false.