Use the Manage Domain/Realm Settings screen to change default security and logging settings for all configured Active Directory domains and Kerberos realms.

  1. Optional: Change the default transport protocol, the debug option, the timeout value, and the number of retry attempts, as needed. For more information of each field, refer to the following table:
    Field Description
    Force TCP When selected, requires use of the Transmission Control Protocol instead of the default User Datagram Protocol. Use this option when firewall or network configurations require acknowledgment that packets are properly received.

    If you choose this option, ensure that you restart PingFederate after saving the configuration.

    Debug Log Output When selected, sends verbose messages to the PingFederate server log for all interactions with the domain controllers or the Key Distribution Centers (KDCs).
    AD Domain Controller/Key Distribution Center Timeout (secs) Specifies the amount of time (in seconds) PingFederate waits for a network response from a domain controller or KDC. The default is 3 seconds.

    This value applies to each attempt PingFederate makes to contact the domain controller or KDC.


    The new timeout takes effect only after PingFederate is restarted, after you save the configuration.

    AD Domain Controller/Key Distribution Center Retries Specifies the number of times PingFederate tries contacting the domain controller or KDC. The default is 3 times.