1. Configure PingFederate with a PingID RADIUS PCV, and leave the Delegate PCV section empty.
  2. In the Juniper admin portal, create and configure the PingID RADIUS configuration.
  3. Go to Authentication > Authentication Servers.
    A screen capture of the Authentication Servers window in the Juniper UI.
  4. From the New drop-down list, select LDAP Server, and then click New Server.
  5. In the Settings tab, complete the following fields:
    1. In the Name field, enter a name for the server.
    2. In the LDAP Server field, enter the IP address or hostname of the LDAP server.
    3. In the LDAP Port field, keep the default value of 389, or change it according to the LDAP configuration.
    4. From the LDAP Server Type list, select Active Directory.
    5. From the Connection options, keep the default value of Unencrypted, or change it to match the LDAP configuration.
    6. In the Connection Timeout field, enter 30.
    7. In the Search Timeout field, enter 90.
    8. Leave all other fields empty.
    A screen capture of the New Authentication Server window in the Juniper UI.
  6. To confirm that the connection is valid before continuing, click Test Connection.
  7. In the Authentication Required? section, complete the following fields:
    1. Select the Authentication Required to Search LDAP check box.
    2. In the Admin DN field, enter the admin DN.

      For example, CN=Administrator, CN=Users, DC=Accells, DC=Lab.

    3. In the Password field, enter the admin password.
    A screen capture of the Authentication Required? section in the Juniper UI. The Authentication required to search LDAP check box is selected. The Admin DN field shows the example DN: CN=Administrator, CN=Users, DC=Accells, DC=Lab. The Password field shows an obfuscated password example.
  8. In the Finding User Entries section, complete the following fields:
    1. In the Base DN field, enter the Base DN.

      For example, CN=Users, DC=Accells, DC=Lab.

    2. In the Filter field, enter samaccountname=<USER>.
    A screen capture of the Finding User Entries section in the Juniper UI. The Base DN field shows the example DN: CN=Users, DC=Accells, DC=Lab. The Filter field has an asterisk next to it and shows the value samaccountname=<USER>.
  9. In the Determining Group Membership section, complete the following fields:
    1. In the Base DN field, enter the Base DN.

      For example, CN=Users, DC=Accells, DC=Lab.

    2. In the Filter field, enter CN=<GROUPNAME>
    3. In the Member Attribute field, enter member.