After the PingDirectoryProxy server has been installed, it can be automatically configured using the create-initial-proxy-config tool.
The create-initial-proxy-config tool can only be used once for this initial configuration, after which you must use dsconfig to make any changes to your proxy server configuration.
Configuring the PingDirectoryProxy server with the create-initial-proxy-config tool involves the following steps:
- Providing PingDirectoryProxy server base distinguished name (DN) and password.
- Defining locations for each of our data centers, east and west.
- Configuring the LDAP external server in the east location.
- Configuring the LDAP external servers in the west location.
- Applying the changes to the PingDirectoryProxy server.
After completing setup, run the create-initial-proxy-config
Provide the bind DN and password that the PingDirectoryProxy server will use to authenticate to the backend
PingDirectory server instances.
The create-initial-proxy-config tool requires that the same bind DN and password be used to authenticate to all of the backend servers. All PingDirectoryProxy server instances have identical proxy user accounts and passwords. If necessary, the proxy user account password can be defined differently for each external server using dsconfig after the create-initial-proxy-config tool has been executed.
Specify the type of external server communication security that will be used to
communicate with the PingDirectory server
For this example, enter the option for
Specify the base DNs of the PingDirectory server
instances that the PingDirectoryProxy server will
For this example, use
Enter any other base DNs of the PingDirectory server
instances that will be accessed through the proxy server.
Because you are only using one proxy base DN, press Enter to finish.