Configuring PingOne for Enterprise SSO with PingFederate Bridge
About this task
To configure PingOne for Enterprise SSO with PingFederate Bridge as the identity repository:
Steps
-
From the PingFederate Bridge administrative console Identities section, select Yes, Connect a Directory Server.
-
Enter information in the fields that is appropriate for your directory server.
Field Description Directory Type
Select the type of directory server from the list.
Data Store Name
Enter the name of the datastore.
Hostname
Enter the fully qualified domain name (FQDN) for your directory server.
Service Account DN
Enter the distinguished name (DN) of the service account that PingFederate Bridge can use to communicate with the directory server.
Password
Enter the password associated with the service account.
Search Base
Enter the DN of the location in the directory where PingFederate Bridge begins its datastore queries.
Search Filter
Specify how the username provided by a user at sign-on is mapped to an attribute in your directory.
The default value is either
sAMAccountName=${username}
oruid=${username}
, depending on the selected directory type.If you require a more advanced search filter, enter the value in the following format:
<Your attribute Name>=${username}
. For more information, consult your directory administrators. -
Click Next.
If your directory server is SSL-enabled and presents an untrusted certificate, PingFederate Bridge prompts you to upload the server’s certificate. Click Choose Certificate, select the appropriate certificate, and click Next.
-
In the Use Cases section, select the PingOne SSO check box, leaving the Additional SSO Features check box unselected. Click Next.
-
In the Basic Information section, in the Base URL field, enter
https://Your Server Domain:9031
.Your Server Domain is your FQDN.
-
Click Next.
-
In the Confirmation section, review your configuration. To apply the configuration to PingFederate Bridge, click Next.
-
Click Done.
Result
PingOne for Enterprise SSO, using PingFederate Bridge as the identity repository, is enabled for your PingOne for Enterprise applications.