Enabling LDAP authentication - PingFederate

Enabling LDAP authentication - PingFederate - 10.0

PingFederate Server

bundle

pingfederate-100

ft:publication_title

PingFederate Server

Product_Version_ce

PingFederate 10.0

category

Product

pf-100

pingfederate

ContentType_ce

Page created: 12 Sep 2019 |

Page updated: 19 Mar 2020

| 1 min read

PingFederate 10.0 Product Software Deployment Method Product documentation Content Type Administrator Audience Configuration User task LDAP Standards, specifications, and protocols

You can enable LDAP authentication by using configuration files located in the <pf_install>/pingfederate/bin directory.

When LDAP authentication is configured, PingFederate does not lock out administrative users based upon the number of failed login attempts. Responsibility for preventing access is instead delegated to the LDAP server and enforced according to its password lockout settings.

In the <pf_install>/pingfederate/bin/run.properties file, change the value of the pf.console.authentication property as shown below:
pf.console.authentication=LDAP
In the <pf_install>/pingfederate/bin/ldap.properties file, change property values as needed for your network configuration.
See the comments in the file for instructions and additional information.
Note that the roles configured in the properties file apply to both the administrative console and the administrative API.
Important:
Be sure to assign LDAP users or designated LDAP groups (or both) to at least one of the PingFederate administrative roles as indicated in the properties file.

Tip:
You can also use this configuration file in conjunction with RADIUS authentication to determine permissions dynamically via an LDAP connection.
Start or restart PingFederate.