PingDS Deep Dive
(DS-440)
Ping Identity is starting to rebrand all products and courses under the Ping Identity brand. The content will remain the same and our curriculum developers will continue to prioritize courses that need development.
Description
This course takes students from a high-level understanding of how the PingDS (DS), formerly known as ForgeRock® Directory Services, works to a fully functional directory deployment, where they learn how to implement the many features of DS. It provides students with the knowledge and concepts necessary to successfully manage their own deployment. It is accepted that this course is not able to demonstrate all the features and capabilities of DS. Further information and guidance can be found in the documentation and knowledge base in the online repositories at: Backstage https://backstage.forgerock.com.
Note: Revision A of this course is based on version 7.2 of DS.
Target Audiences
The target audiences for this course include:
- PingDS Administrators
- PingAM (AM) Administrators, formerly known as ForgeRock® Access Management
- PingIDM (IDM) Administrators, formerly known as ForgeRock® Identity Management
- System Integrators
- System Consultants
- System Architects
- System Developers
Objectives
Upon completion of this course, you should be able to:
- Provide a technical introduction to the infrastructure, concepts, features, and components of DS.
- Create and manage data stores, measure performance, and troubleshoot directory servers
- Understand how to deploy directory servers, and directory proxy servers, manage replication, upgrade DS servers, and configure the DS password synchronization plugin
Prerequisites
The following are the prerequisites for successfully completing this course:
- Knowledge of UNIX/Linux commands.
- A basic understanding of how directory servers function.
- A basic understanding of REST and HTTP.
- A basic knowledge of Java based environments would be beneficial, but no programming experience is required.
- Completion of the Ping Identity Essentials courses for DS, AM, and IDM available at: https://backstage.forgerock.com/university/forgerock/on-demand/category/ON_DEMAND_CLOUD_LEARNING
Duration
5 days
Course Contents
Chapter 1: Accessing Directory Services
A technical introduction to the infrastructure, concepts, features, and components of DS.
Lesson 1: Introducing PingDS
Explore DS components and understand the LDAP data model:
- Describe PingDS
Lesson 2: Interacting With Directory Servers
Access directory servers and perform operations over LDAP and HTTP:
- Send LDAP requests
- Prepare the lab environment
- Perform LDAP operations
- Introduce REST to LDAP
- Explore the API configuration
- Configure REST access
- Explain common REST operations
- Use the REST API to manage directory data
Chapter 2: Maintaining Directory Servers
Create and manage data stores, measure performance, and troubleshoot directory servers.
Lesson 1: Managing the Configuration
Locate the DS configuration data and use directory server tools to manage configuration data:
- Explore configuration data
- Prepare the lab environment
- Explore the configuration and manage the server state
- Manage data stores
- Configure backends
- Manage indexes
- Configure indexes
Lesson 2: Populating Data Stores
Customise directory server schema to add custom attributes, and then import entries to populate a data store:
- Extend the schema
- Implement custom schema
- Import entries
- Populate a backend data store
- Manage virtual attributes
- Configure virtual attributes
Lesson 3: Protecting DS Data
Understand DS security features, implement access control, manage password policies, and delegate administration:
- Describe security features
- Replace server certificates
- Describe access control
- Configure access control
- Delegate administration
- Configure delegated administration
- Explore password policies
- Configure password policies
Lesson 4: Backing Up and Restoring Data
Back up and restore directory server data:
- Explain how to back up and restore data
- Back up and restore data
Lesson 5: Measuring Performance
Understand performance requirements and settings that may be tuned to improve directory server performance:
- Explain settings that affect performance
- Tune the JE DB cache and generate performance tests
Lesson 6: Troubleshooting
Configure log files, collect troubleshooting data for Ping Identity Support, and monitor a DS deployment with Prometheus and Grafana:
- Explore log files
- Manage log files
- Explain how to collect data for support
- Collect data for support
- Monitor a DS deployment
- Observe monitoring metrics
Chapter 3: Deploying Directory Services
Understand how to deploy directory servers, and directory proxy servers, manage replication, upgrade DS servers, and configure the DS password synchronization plugin.
Lesson 1: Installing Directory Servers
Install directory servers for custom and Ping Identity Platform (Identity Platform), formerly known as ForgeRock® Identity Platform, product deployments:
- Prepare for a directory server installation
- Prepare the lab environment
- Install a directory server
- Prepare directory servers for Identity Platform installations
- Prepare directory servers for AM
- Set up a directory server as an IDM repository
- (Optional) Synchronize passwords with IDM
- (Optional) Synchronize DS passwords with IDM
Lesson 2: Replicating Data
Implement high availability for directory servers and maintain, monitor, and restore a replicated directory server topology:
- Plan for replication
- Install a replicated topology
- Monitor and maintain a replicated topology
- Monitor replication
Lesson 3: Upgrading DS Servers
Prepare for and perform an upgrade of directory servers in a DS 6.5.5 replicated topology to version DS 7.2:
- Describe upgrade options
- Upgrade DS 6 servers to DS 7
Lesson 4: Installing Directory Proxy
Understand the role of directory proxy (DP) servers and install DP servers to provide a single point of entry to directory servers:
- Introduce DP servers
- Install DP servers
- Provide a single point of access to replicas