Migrating to the integrated LDAP Username PCV - PingFederate - 10.3

PingFederate Server

bundle
pingfederate-103
ft:publication_title
PingFederate Server
Product_Version_ce
PingFederate 10.3
category
Product
pf-103
pingfederate
ContentType_ce

As of PingFederate 7.3, the integrated LDAP Username Password Credential Validator (PCV) can return additional attribute values upon successful validation.

If you have previously deployed the LDAPExtendedAttributesPCV-<version>.jar file from the PingID integration kit and created an instance of the LDAP PCV with Extended Attributes, migrate to the integrated LDAP Username PCV.

  1. Create an instance of the integrated LDAP Username PCV.
    1. On the System > Data & Credential Stores > Password Credential Validators window, click Create New Instance.
    2. On the Type tab, enter the required information and select LDAP Username Password Credential Validator from the list.
    3. On the Instance Configuration tab, select an LDAP datastore from the list, enter a search base and a search filter, and select the scope of the search.
      Tip:

      You can reuse the information from the existing LDAP PCV with Extended Attributes instance.

    4. On the Extended Contract tab, enter memberOf under Extend the Contract and click Add.
    5. On the Summary tab, review the setup and click Done.
    6. On the Manage Credential Validator Instances window, click Save.
  2. In the configuration where the LDAP PCV with Extended Attributes instance is used, replace it with the newly created LDAP Username Password Credential Validator instance.

    For example, if you have created an instance of the PingID PCV (with integrated RADIUS server) instance and have selected an instance of the LDAP PCV with Extended Attributes as one of the delegate PCVs, remove the selection and add the newly created LDAP Username Password Credential Validator instance to the list.

  3. After replacing the LDAP PCV with Extended Attributes instance, delete it from the Password Credential Validators window.
  4. Remove the <pf_install>/pingfederate/server/default/deploy/LDAPExtendedAttributesPCV-<version>.jar file on all PingFederate servers.
  5. Restart PingFederate on all PingFederate servers.