PingDS Deep Dive (DS-440)

Ping Identity is starting to rebrand all products and courses under the Ping Identity brand. The content will remain the same and our curriculum developers will continue to prioritize courses that need development.


Description

This course takes students from a high-level understanding of how the PingDS (DS), formerly known as ForgeRock® Directory Services, works to a fully functional directory deployment, where they learn how to implement the many features of DS. It provides students with the knowledge and concepts necessary to successfully manage their own deployment. It is accepted that this course is not able to demonstrate all the features and capabilities of DS. Further information and guidance can be found in the documentation and knowledge base in the online repositories at: Backstage https://backstage.forgerock.com.

Note: Revision A of this course is based on version 7.2 of DS.


Target Audiences

The target audiences for this course include:

  • PingDS Administrators
  • PingAM (AM) Administrators, formerly known as ForgeRock® Access Management
  • PingIDM (IDM) Administrators, formerly known as ForgeRock® Identity Management
  • System Integrators
  • System Consultants
  • System Architects
  • System Developers


Objectives

Upon completion of this course, you should be able to:

  • Provide a technical introduction to the infrastructure, concepts, features, and components of DS.
  • Create and manage data stores, measure performance, and troubleshoot directory servers
  • Understand how to deploy directory servers, and directory proxy servers, manage replication, upgrade DS servers, and configure the DS password synchronization plugin


Prerequisites

The following are the prerequisites for successfully completing this course:


Duration

5 days

Show details


Course Contents

Chapter 1: Accessing Directory Services

A technical introduction to the infrastructure, concepts, features, and components of DS.

Lesson 1: Introducing PingDS

Explore DS components and understand the LDAP data model:

  • Describe PingDS

Lesson 2: Interacting With Directory Servers

Access directory servers and perform operations over LDAP and HTTP:

  • Send LDAP requests
  • Prepare the lab environment
  • Perform LDAP operations
  • Introduce REST to LDAP
  • Explore the API configuration
  • Configure REST access
  • Explain common REST operations
  • Use the REST API to manage directory data


Chapter 2: Maintaining Directory Servers

Create and manage data stores, measure performance, and troubleshoot directory servers.

Lesson 1: Managing the Configuration

Locate the DS configuration data and use directory server tools to manage configuration data:

  • Explore configuration data
  • Prepare the lab environment
  • Explore the configuration and manage the server state
  • Manage data stores
  • Configure backends
  • Manage indexes
  • Configure indexes

Lesson 2: Populating Data Stores

Customise directory server schema to add custom attributes, and then import entries to populate a data store:

  • Extend the schema
  • Implement custom schema
  • Import entries
  • Populate a backend data store
  • Manage virtual attributes
  • Configure virtual attributes

Lesson 3: Protecting DS Data

Understand DS security features, implement access control, manage password policies, and delegate administration:

  • Describe security features
  • Replace server certificates
  • Describe access control
  • Configure access control
  • Delegate administration
  • Configure delegated administration
  • Explore password policies
  • Configure password policies

Lesson 4: Backing Up and Restoring Data

Back up and restore directory server data:

  • Explain how to back up and restore data
  • Back up and restore data

Lesson 5: Measuring Performance

Understand performance requirements and settings that may be tuned to improve directory server performance:

  • Explain settings that affect performance
  • Tune the JE DB cache and generate performance tests

Lesson 6: Troubleshooting

Configure log files, collect troubleshooting data for Ping Identity Support, and monitor a DS deployment with Prometheus and Grafana:

  • Explore log files
  • Manage log files
  • Explain how to collect data for support
  • Collect data for support
  • Monitor a DS deployment
  • Observe monitoring metrics


Chapter 3: Deploying Directory Services

Understand how to deploy directory servers, and directory proxy servers, manage replication, upgrade DS servers, and configure the DS password synchronization plugin.

Lesson 1: Installing Directory Servers

Install directory servers for custom and Ping Identity Platform (Identity Platform), formerly known as ForgeRock® Identity Platform, product deployments:

  • Prepare for a directory server installation
  • Prepare the lab environment
  • Install a directory server
  • Prepare directory servers for Identity Platform installations
  • Prepare directory servers for AM
  • Set up a directory server as an IDM repository
  • (Optional) Synchronize passwords with IDM
  • (Optional) Synchronize DS passwords with IDM

Lesson 2: Replicating Data

Implement high availability for directory servers and maintain, monitor, and restore a replicated directory server topology:

  • Plan for replication
  • Install a replicated topology
  • Monitor and maintain a replicated topology
  • Monitor replication

Lesson 3: Upgrading DS Servers

Prepare for and perform an upgrade of directory servers in a DS 6.5.5 replicated topology to version DS 7.2:

  • Describe upgrade options
  • Upgrade DS 6 servers to DS 7

Lesson 4: Installing Directory Proxy

Understand the role of directory proxy (DP) servers and install DP servers to provide a single point of entry to directory servers:

  • Introduce DP servers
  • Install DP servers
  • Provide a single point of access to replicas