Learn how to install and deploy PingIDM (IDM) in an on-prem or self-managed cloud environment to manage the lifecycle and relationship of digital identities. Topics include how to model identity objects in IDM, create connector configurations and synchronization mappings to manage the flow identity objects and properties with various external identity resources, manage workflows, and deploy IDM within a cluster. This course explores the identity management-related features in depth, how they work, and the configuration options available during implementation.

Note: Revision A of this course is based on version 8.0 of IDM.

Target Audiences

The target audiences for this course include:

• System Administrators
• System Integrators
• System Consultants
• System Architects
• System Developers

Objectives

Upon completion of this course, you should be able to:

• Provide an overview of the lab environment, model objects and identities, and set up the end-user UI with IDM
• Create and configure connections between external resources and IDM
• Synchronize identity data across multiple external resources, in real-time or by scheduling reconciliation events, and consolidate multiple identity data stores into one centralized identity store
• Install and deploy IDM in an on-prem or cloud provider Linux environment

Prerequisites

The following are the prerequisites for successfully completing this course:

• Completion of the PingIDM Essentials course available at: https://backstage.pingidentity.com/university/on-demand/course/TGVhcm5pbmdQYXRoOjM%3D/module/Q291cnNlOjE1NzI0/chapter/Q29udGVudDoxMzAw/play/Q29udGVudDoxMzAx
• Basic knowledge and skills using the Linux operating system will be required to complete the labs.
• Basic knowledge of JSON, JavaScript, REST, Java, Groovy, SQL and LDAP would be helpful for understanding the examples; however, programming experience is not required.

Duration

3 days

Course Contents

Chapter 1: Building and configuring the prerequisites

Provide an overview of the lab environment, model objects and identities, and set up the end-user UI with IDM

Lesson 1: Setting Up the Lab

Provide an overview of how to set up the lab environment:

• Install IDM
• Explore the auxiliary software

Lesson 2: Modeling Objects and Identities

Describe how to model objects and identities via REST:

• Introduce the Postman collection
• Run the Postman collection

Lesson 3: Setting Up the End-User UI

Describe how to configure the end-user UI:

• Install and configure the end-user UI
• Retrieve, compile and deploy the end-user UI
• Access the end-user UI

Chapter 2: Managing Connectors

Create and configure connections between external resources and IDM.

Lesson 1: Configuring Connectors With the IDM Admin UI

Create a connector configuration to connect to an external resource using the IDM admin UI:

• Connect external resources to IDM
• Create a connector configuration using the IDM admin UI
• Add a connector configuration for an external LDAP resource
• Add a CSV connector configuration
• Add a connector configuration to import device identities

Lesson 2: Configuring Connectors Over REST

Create a connector configuration in IDM over the REST interface:

• Create a connector configuration over REST
• Describe the core connector configuration settings
• Describe the object types and property mappings
• Use the scripted SQL connector
• Create a scripted SQL connector configuration

Chapter 3: Managing Synchronization and Reconciliation

Synchronize identity data across multiple external resources, in real-time or by scheduling reconciliation events, and consolidate multiple identity data stores into one centralized identity store.

Lesson 1: Performing Basic Synchronization

Describe how to use the IDM admin UI to create sync mappings to reconcile identities between IDM and an external resource:

• Create mappings to synchronize identity objects and properties
• Create a sync mapping from IDM to an external resource
• Add source and target properties to the sync mapping
• Add a correlation query and a situational event script
• Set the situational behaviors and run reconciliation
• Add a sync mapping from IDM to an LDAP server
• Describe the sync mapping from an LDAP server to IDM
• Add a sync mapping from an LDAP server to IDM
• Create a sync mapping to provision devices to the IDM repository
• Create a sync mapping to provision devices to the IDM repository (optional)

Lesson 2: Running Selective Synchronization and LiveSync

Filter objects that are synchronized and automate synchronization using LiveSync:

• Filter entries
• Run selective synchronization using filters
• Use LiveSync to synchronize changes
• Trigger LiveSync on a connector
• Schedule LiveSync
• Schedule LiveSync with an external resource
• Control synchronization to multiple targets

Lesson 3: Configuring Role-Based Provisioning

Automatically provision users to a set of LDAP groups based on role membership:

• Provision attributes to a target system based on static role assignments
• Enable role-based provisioning
• Query the role assignment properties using the REST interface
• Provision attributes to a target resource based on static role assignments
• Provision attributes to a target system based on dynamic role assignments
• Provision attributes to a target resource based on dynamic role assignments
• Add temporal constraints to a role
• Set temporal constraints on a role

Lesson 4: Configuring a Custom Endpoint

Describe how to configure a custom endpoint:

• Use a custom endpoint
• Create a custom endpoint (optional)

Chapter 4: Installing and Deploying IDM

Install and deploy IDM in an on-prem or cloud provider Linux environment.

Lesson 1: Install an IDM instance

Install a stand-alone IDM instance for development and testing the IDM sample configurations:

• Describe the basic IDM installation requirements
• Install and start IDM
• Install IDM
• Select MariaDB as backend repository
• Describe how to start IDM with a sample configuration
• Start IDM with a sample configuration
• Describe how to configure IDM to run as a background process or service
• Configure IDM to run as a background process

Lesson 2: Monitoring and Troubleshooting

Describe how to set up monitoring and perform basic troubleshooting:

• Describe the monitoring options available for IDM
• Set up monitoring in IDM
• Describe the different IDM log files
• Examine the different log files in IDM (optional)

Lesson 3: Password Management

• Password Policies in IDM
• Password sync from DS into IDM
• Password sync from DS into IDM