Use a gateway connection to set up provisioning to or from an Active Directory or PingDirectory user store through a new or existing gateway configuration.
Ensure that you have:
- An existing gateway that is enabled and has a healthy connection. FLearn more in Gateways. For provisioning through an LDAP gateway,
PingOne supports only
Active Directory or PingDirectory user stores.
Note:
For LDAP gateways, you can configure inbound or outbound provisioning. RADIUS gateways do not support provisioning.
- A gateway that is not configured for just-in-time (JIT) provisioning. You cannot enable, the Enable migration of new users upon first authentication option if you want to use the gateway for outbound or inbound sync. Learn more in Adding a user type.
- For inbound provisioning, ensure that the LDAP Gateway is version 2.3.3 or later. Previous versions of the LDAP Gateway do not support inbound provisioning.
- A gateway that makes outbound websocket connections to specific websocket endpoints. Learn more in Before you begin configuring an LDAP Gateway.
- A gateway that is able to establish an outbound connection to auth.pingone.com (or .au or .asia, or. eu, depending on region ) and api.pingone.com.
- Established secure websocket connections on those relevant endpoints.
Creating an outbound rule for a connection through an LDAP gateway
Creating an inbound rule for a connection through an LDAP gateway