Note: The Password Sync
Agent cannot be pointed at multiple domain clusters.
- On the domain controller, double-click the setup.exe file to start the installation.
- Select a folder for the PSA binaries, local database, and log files.
-
Enter the host names (or IP addresses) and SSL ports of the PingDataSyncs, such as
sync.host.com:636. Do not add any prefixes to the host names. -
Enter the Directory Manager
distinguished name (DN) and password. This creates an ADSync user on PingDataSync.distinguished name (DN) DN A name uniquely identifying an object within the hierarchy of a directory tree. - Enter a password (secret key) for the ADSync user that will be used by the PSA when connecting to the PingDataSync instances.
- Click Next to begin the installation. All of the specified PingDataSync servers are contacted, and any failures will roll back the installation. If everything succeeds, a message displays indicating that a restart is required. The PSA will start when the computer restarts, and the LSA process is loaded into memory. The LSA process cannot be restarted at runtime.
-
If synchronizing pre-encoded passwords from
Active Directory (AD) to a Ping Identity system, allow pre-encoded passwords in the default password policy.Active Directory (AD) AD A directory service for Windows domain networks, included in most Windows Server operation systems. $ bin/dsconfig set-password-policy-prop \ --policy-name "Default Password Policy" \ --set allow-pre-encoded-passwords:true