- Request a license key via the Ping Identity licensing website.
-
Ensure you are logged on to your system with appropriate privileges to install
and run an application.
Note:
You must install and run PingFederate under a local user account.
- Verify that the Java runtime is installed and the required environment variables are set correctly (see Installing Java).
- Download and extract the distribution ZIP file into an installation directory (<pf_install>).
-
Create a new local user account for the PingFederate service; for example,
pingfederate
.The service account is referred to as <pf_user>.
-
Change the ownership of the PingFederate installation directory
(<pf_install>) and update the
read and write permissions using the following commands:
chown -R <pf_user> <pf_install> chmod -R 775 <pf_install>
-
If the operating system supports systemd, follow these steps to install the
PingFederate unit file.
-
Edit the pingfederate.service systemd unit file, located
in the
<pf_install>/pingfederate/sbin/linux
directory.
Replace the following variables with information from your environment:
- ${PF_VERSION}
- The version of PingFederate.
- ${PF_USER}
- The local user account for the PingFederate service.
- ${PF_HOME}
- The <pf_install>/pingfederate directory.
- For example, if <pf_install> is /opt/identity.fed, replace ${PF_HOME} with /opt/identity.fed/pingfederate.
- ${PF_JAVA_HOME}
- The JAVA_HOME environment variable value (a directory).
-
Copy the pingfederate.service file to the systemd
unit files directory; for example,
/etc/systemd/system.
The exact location may vary, depending on the operating system. Consult your system administrators, as needed. The rest of the step assumes /etc/systemd/system is the systemd unit files directory.
-
Use the following command to update the read and write permissions of
the pingfederate.service systemd unit file:
chmod 664 /etc/systemd/system/pingfederate.service
-
Use the following commands to load the new system configuration changes
and start the PingFederate service:
systemctl daemon-reload ;\ systemctl start pingfederate
-
Use the following commands to configure the PingFederate service to
start automatically as the server boots.
systemctl enable pingfederate ;\ systemctl daemon-reload ;\ systemctl restart pingfederate
After setting up the PingFederate systemd unit file, you can use the systemctl command to manage the PingFederate service.
- Sample systemctl commands
-
systemctl start pingfederate systemctl stop pingfederate systemctl restart pingfederate systemctl status pingfederate
-
Edit the pingfederate.service systemd unit file, located
in the
<pf_install>/pingfederate/sbin/linux
directory.
-
If the operating system supports SysV initialization, follow these steps to
install the PingFederate script.
-
Edit the pingfederate script, located in the
<pf_install>/pingfederate/sbin/linux
directory.
Replace the following statements with information from your environment:
- PF_HOME=$PF_HOME
- Replace $PF_HOME with the <pf_install>/pingfederate directory.
- For example, if <pf_install> is /opt/identity.fed, replace $PF_HOME with /opt/identity.fed/pingfederate.
- USER="pingfederate"
- If the PingFederate service account is not
pingfederate
, replace pingfederate with the local user account for the PingFederate service. - For example, if <pf_user> is
pingfed
, replace pingfederate withpingfed
.
- Example (truncated)
- If <pf_install> and
<pf_user> are
/opt/identity.fed and
pingfederate
, respectively, the required modifications are as follows:... PF_HOME=/opt/identity.fed/pingfederate DIR="$PF_HOME/sbin" USER="pingfederate" ...
-
Copy the pingfederate script to the SysV
initialization directory; for example,
/etc/rc.d/init.d.
The exact location may vary, depending on the operating system. Consult your system administrators, as needed. The rest of the step assumes /etc/rc.d/init.d is the SysV initialization directory.
-
Use the following command to update the read and write permissions of
the pingfederate SysV initialization script:
chmod 755 /etc/rc.d/init.d/pingfederate
-
Configure the operating system to start the PingFederate service at
various runlevels.
On an RHEL server, you may use the Service Configuration utility to do so.
Alternatively, you can create symbolic links of the pingfederate script in the initialization directories associated with various runlevels manually using the
ln -s source target
command.For example, you may create the following symbolic links on an RHEL server where runlevels 2 and 4 are not used:ln -s /etc/rc.d/init.d/pingfederate /etc/rc3.d/S84pingfederate ln -s /etc/rc.d/init.d/pingfederate /etc/rc5.d/S84pingfederate ln -s /etc/rc.d/init.d/pingfederate /etc/rc0.d/K15pingfederate ln -s /etc/rc.d/init.d/pingfederate /etc/rc1.d/K15pingfederate ln -s /etc/rc.d/init.d/pingfederate /etc/rc6.d/K15pingfederate
Some operating systems may require a restart of the system to activate the new scripts. Consult your system administrators, as needed.
After setting up the PingFederate SysV initialization script, you can use the Service Configuration utility or the service command to manage the PingFederate service.
- Sample service commands
-
service pingfederate start service pingfederate stop service pingfederate restart service pingfederate status
-
Edit the pingfederate script, located in the
<pf_install>/pingfederate/sbin/linux
directory.
Page created: 12 Sep 2019
|
Page updated: 21 Dec 2021