Connecting PingFederate Bridge to a directory server - PingOne for Enterprise - PingFederate

Connecting PingFederate Bridge to a directory server - PingOne for Enterprise - PingFederate - 10.1

PingFederate Server

bundle

pingfederate-101

ft:publication_title

PingFederate Server

Product_Version_ce

PingFederate 10.1

category

Product

pf-101

pingfederate

ContentType_ce

PingFederate can use a directory server for PingOne SSO and PingID VPN integration.

To connect to a directory, select Yes, Connect a Directory Server on the Identities window of the setup wizard. Provide the required information, and then click Next.

For information about each field, refer to the following table.

Field	Description
Directory Type	Select the directory server type from the list. For a list of supported directory servers, see System requirements.
Data Store Name	Enter the datastore name.
Hostname	Enter the directory server location. It can be the IP address, the host name, or the fully qualified domain name of the directory server. The entry may include a port number.
Service Account DN	Enter the distinguished name (DN) of the service account that PingFederate can use to communicate with the directory server.
Password	Enter the service account password.
Search Base	Enter the DN of the location in the directory where PingFederate begins its datastore queries.
Search Filter	Enter the LDAP query to locate a user record for attribute lookup and potentially credential validation. Depending on the selected directory type, the default value is either `sAMAccountName=${username}` or `uid=${username}`. If you require a more advanced search filter, ensure the value is a valid LDAP filter. For more information, consult your directory administrators.

When you click Next, PingFederate tries to establish a secure LDAPS connection to the directory server.

If the directory server does not support LDAPS, the Unsecure Connection window appears. To continue without a secure connection, click Next. Alternatively, you have the option to go back to the Identities tab and enter a different directory server.

If PingFederate does not trust the certificate from the directory server, the Certificate Error window appears. Import the directory server certificate and then click Next. Alternatively, you have the option to go back to the Identities tab and enter a different directory server.

To connect to a directory later, select No, Don't Connect a Directory Server, and then click Next.

Tip:
This setup scenario is suitable for proof of concept. This scenario creates local test accounts as a result.