If the create-sync-pipe-config tool was not used to create the synchronization configuration, two properties must be verified on each endpoint: proxy-server and use-changelog-batch-request. The proxy-server property should specify the name of the proxy server. The use-changelog-batch-request property should be set to true on the Sync Source only. The use-changelog-batch-request property is not available on the destination endpoint.

The PingDataSync connection parameters (hostname, port, bind DN, and bind password) are required.

  1. The following commands check the properties on a Sync Source.
    On the Sync Source:
    $ bin/dsconfig --no-prompt \
      get-sync-source-prop \
      --source-name "Ping Identity Proxy 1" \
      --property "proxy-server" \
      --property "use-changelog-batch-request"
    On the Sync Destination:
    $ bin/dsconfig --no-prompt \
      get-sync-source-prop \
      --source-name "Ping Identity Proxy 2" \
      --property "proxy-server"
  2. From the server root directory, run the dsconfig command to set a flag indicating that the endpoints are PingDirectoryProxy servers:
    $ bin/dsconfig --no-prompt \
      set-sync-source-prop \
      --source-name "Ping Identity Proxy 1" \
      --set proxy-server:ldap-west-01 \
      --set use-changelog-batch-request:true
    $ bin/dsconfig --no-prompt \
      set-sync-source-prop \
      --source-name "Ping Identity Proxy 2" \
      --set proxy-server:ldap-east-01
  3. Run the resync --dry-run command to test the configuration settings for each Sync Pipe and debug any issues.
    $ bin/resync --pipe-name "Ping Identity Proxy 1 to Ping Identity Proxy 2"
    --dry-run
  4. Run realtime-sync set-startpoint to initialize the starting point for synchronization.
    $ realtime-sync set-startpoint --end-of-changelog \
      --pipe-name "Ping Identity Proxy 1 to Ping Identity Proxy 2" \
      --port 389 \
      --bindDN "cn=Directory Manager" \
      --bindPassword password
    Note:

    For synchronization through proxy deployments, the --change-number option cannot be used with the realtime-sync set-startpoint command, because PingDataSync cannot retrieve specific change numbers from the backend directory servers. Use --change-sequence-number, --end-of-changelog, or other options available for the tool.

  5. Run the resync command to populate data on the endpoint destination server if necessary.
    $ bin/resync --pipe-name "Ping Identity Proxy 1 to Ping Identity Proxy 2"
    \
      --numPasses 3
  6. Start the Sync Pipe using the realtime-sync start command.
    $ bin/realtime-sync start \
      --pipe-name "Ping Identity Proxy 1 to Ping Identity Proxy 2"
  7. Monitor PingDataSync using the status commands and logs.