---
title: Configuring the IdentityNow application for PingDirectory
description: Use the IdentityNow configuration functionality to establish a successful connection to PingDirectory.
component: solution-guides
page_id: solution-guides:single_sign-on_use_cases:htg_config_sailpoint_identityiq_pd_pf_ldaps_identitynow
canonical_url: https://docs.pingidentity.com/solution-guides/single_sign-on_use_cases/htg_config_sailpoint_identityiq_pd_pf_ldaps_identitynow.html
revdate: July 10, 2025
section_ids:
  steps: Steps
  example: Example:
---

# Configuring the IdentityNow application for PingDirectory

Use the IdentityNow configuration functionality to establish a successful connection to PingDirectory.

## Steps

1. Sign in to the IdentityNow Administrator interface.

2. Under the **Admin** tab, go to **Connections → Sources**.

3. Click the **+New** button.

4. In the window that appears, choose **SunOne** from the **Source Type** dropdown list, fill in the remaining fields with your information, and select **Direct Connection** for **Connection Type**. Click **Continue**. ![The Create New Source pop-up window with example values in its fields](_images/eej1590164597957.png)

5. Select a Virtual Appliance Cluster from those already configured for your organization. See the [SailPoint Virtual Appliance Reference Guide](https://community.sailpoint.com/t5/Connectors/Virtual-Appliance-Reference-Guide/ta-p/74641) for more details.

6. Enter the following connection details.

   1. In the **Connection Credentials** section, enter the PingDirectory administrator account information into the **Service Account** and **Password** fields.

   2. In the **Server Host** section, enter the hostname of the PingDirectory server in the **Hostname or IP Address** field.

   3. In the **Server Host** section, enter the PingDirectory configured LDAPS port 636 or 1636 in the **Port** field.

![The Config tab with sections and fields mentioned in step 6](_images/krh1590171864118.png)

1. Ensure the Account, Group and Group Member Search DNs are valid for the configured PingDirectory topology.

   ### Example:

   In the demo environment the following values were used.

   * Account Search DN: `ou=people,dc=example,dc=com`

   * Group Search DN: `ou=Groups,dc=example,dc=com`

   * Group Membership DN: `ou=Groups,dc=example,dc=com`

2. Under the **Connections** tab, enable the **Advanced Options** and select **Enable** in the **Use TLS** section and **Simple** in the **Authorization Type** section. ![The Connections tab with fields marked in accordance with step 8](_images/bnk1590174208878.png)

3. Before making changes to the source configurations via RESTful requests, you must generate an access token. See [IdentityNow REST APIs](https://community.sailpoint.com/t5/IdentityNow-Wiki/IdentityNow-REST-APIs/ta-p/80132) for details on this process.

4. Retrieve the internal **Source ID** of the PingDirectory source defined previously.

   Do this by retrieving the full list of defined sources in IdentityNow, and then searching for the correct one. The first API call is

   ```
   GET https://<api-url>/cc/api/source/list
   ```

   where `<api-url>` is `https://<org_name>.api.identitynow.com`.

   This returns a JSON array, each element of which is a source from IdentityNow. Search this array for the **Source Name** that you chose. It should look similar to the following example.

   ```json
   {
           "id": "50959",
           "version": 5,
           "name": "PingDirectory",
           "description": "PingDirectory source",
           "owner": {
               "id": "1037426",
               "name": "Adam Creaney"
           },
           "lastUpdated": "2020-04-21T20:45:58Z",
   ….
   Rest of response deleted
   ….
   ```

   |   |                                                                                                   |
   | - | ------------------------------------------------------------------------------------------------- |
   |   | The "id" entry is the value to save from this call. In the above example the "id" value is 50959. |

5. Make the following API call (using a RESTful client application is recommended to accomplish this) to retrieve an `.xml` output of the configuration for the newly created source.

   ```
   GET https://<api-url>/cc/api/source/export/<sourceID>
   ```

   where `<sourceID>` is the "id" value from step 10.

   1. Copy this output and paste into a text editor.

   2. Find the section below for the Group schema as shown in the following screenshot. ![Screenshot of the Group schema with relevant changes highlighted](_images/anx1590177904376.png)

   3. Modify the `nativeObjectType` to `"groupOfNames"`, as shown in the above image.

   4. Find the attribute definition for the "member" attribute and add `multi="true"` to this section, as shown in the above image.

   5. Change the 'groupMemberAttribute' entry by adding `value="member"`, as shown in the above image.

   6. Save the file as `ping_directory.xml` (the name doesn't matter). Do not modify any other elements of the `.xml`.

6. Import the changes back into IdentityNow using a tool such as Postman.

   Use the following Postman command to import the changes.

   ```
   POST https://<api-url>/cc/api/source/import/<sourceID>
   ```

   where `<sourceID>` is the "id" value from step 10.

   * The content-type of this request is multipart/form-data. boundary=\<calculated when request is sent>

   * The body of this request should be of type form-data.

   * The only entry key should be "file". For value, select the `.xml` file from earlier.

![POST window showing the .xml file from earlier](_images/ovc1590182441281.png)

1. Send the request. IdentityNow should return a success message.

2. Click the **Test Connection** button to ensure the connection is successful.