If you have previously deployed the LDAPExtendedAttributesPCV-<version>.jar file from the PingID integration kit and created an instance of the LDAP PCV with Extended Attributes, migrate to the integrated LDAP Username PCV.

  1. Create an instance of the integrated LDAP Username PCV.
    1. On the System > Data & Credential Stores > Password Credential Validators window, click Create New Instance.
    2. On the Type tab, enter the required information and select LDAP Username Password Credential Validator from the list.
    3. On the Instance Configuration tab, select an LDAP datastore from the list, enter a search base and a search filter, and select the scope of the search.
      Tip:

      You can reuse the information from the existing LDAP PCV with Extended Attributes instance.

    4. On the Extended Contract tab, enter memberOf under Extend the Contract and click Add.
    5. On the Summary tab, review the setup and click Done.
    6. On the Manage Credential Validator Instances window, click Save.
  2. In the configuration where the LDAP PCV with Extended Attributes instance is used, replace it with the newly created LDAP Username Password Credential Validator instance.

    For example, if you have created an instance of the PingID PCV (with integrated RADIUS server) instance and have selected an instance of the LDAP PCV with Extended Attributes as one of the delegate PCVs, remove the selection and add the newly created LDAP Username Password Credential Validator instance to the list.

  3. After replacing the LDAP PCV with Extended Attributes instance, delete it from the Password Credential Validators window.
  4. Remove the <pf_install>/pingfederate/server/default/deploy/LDAPExtendedAttributesPCV-<version>.jar file on all PingFederate servers.
  5. Restart PingFederate on all PingFederate servers.