This task explains how to create users in PingFederate for a test setup.
For a production environment, see the guidance in the PingFederate documentation on
other options, including configuring an LDAP connection: LDAP Configuration.
- Run a full LDAP sync. This can be done by restarting SkyVault.
  If a user exists in LDAP and PingFederate, but not in SkyVault, they will not be able to log in to SkyVault when SAML SSO is enabled. See Configuring LDAP (Active Directory) for more information.
- Stop the PingFederate server.
- Add a section at the end of this file:
  root/pingfederate-7.3.0/pingfederate/server/default/deploy/quickstart-app-idp.war/WEB-INF/classes/users.xml,
  above the </users> closing tag.
  The format expected is as follows for each SkyVault user:

    <user>
      <first-name>Administrator</first-name>
      <last-name>Administrator</last-name>
      <email-address>admin@alfresco.com</email-address>
      <user-id>admin</user-id>
      <password>admin</password>
      <attribute name="SSN">123-45-6789</attribute>
      <attribute name="net worth">$38.26</attribute>
      <attribute name="salary">18500</attribute>
    </user>

  Ensure you choose a non-trivial password for each user, and that the details match the user in SkyVault. To export user information from SkyVault, use the Repository REST API.
- Restart the PingFederate server.
  The new users are loaded and visible in the menu when you next go to your IdP logon page. You can check the PingFederate server.log for more information.
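
A check to run on users.xml before restarting PingFederate, as an added example that is not part of the original page or of PingFederate: it parses the <user> format shown above and reports missing fields, duplicate user IDs and trivial passwords. The 12-character minimum, the common-password list, and the names audit_users and SAMPLE are assumptions made for this example.

```python
import xml.etree.ElementTree as ET

REQUIRED = ("first-name", "last-name", "email-address", "user-id", "password")
MIN_LEN = 12  # assumed policy threshold, not a PingFederate or SkyVault setting
COMMON = {"admin", "password", "changeme", "letmein", "123456"}  # constructed list

# Constructed input: "admin" is the format example from the page; the other
# two entries are hypothetical.
SAMPLE = """<users>
<user><first-name>Administrator</first-name><last-name>Administrator</last-name>
  <email-address>admin@alfresco.com</email-address><user-id>admin</user-id>
  <password>admin</password><attribute name="salary">18500</attribute></user>
<user><first-name>Jane</first-name><last-name>Doe</last-name>
  <email-address>jdoe@example.com</email-address><user-id>jdoe</user-id>
  <password>T7#vq9!Lm2@xWz4p</password></user>
<user><first-name>Sam</first-name><last-name>Lee</last-name>
  <user-id>jdoe</user-id><password>slee-Qr8$kN3wYb6</password></user>
</users>"""


def audit_users(xml_text):
    """Return a list of (user-id, problem) for entries that fail a check."""
    findings, seen = [], set()
    for index, user in enumerate(ET.fromstring(xml_text).iter("user"), 1):
        fields = {tag: (user.findtext(tag) or "").strip() for tag in REQUIRED}
        uid = fields["user-id"] or f"entry #{index}"
        for tag, value in fields.items():
            if not value:
                findings.append((uid, f"missing <{tag}>"))
        if uid in seen:
            findings.append((uid, "duplicate user-id"))
        seen.add(uid)
        password = fields["password"].lower()
        # Names, e-mail address and user ID of the same entry, lower-cased.
        own_details = {fields[t].lower() for t in REQUIRED[:4] if fields[t]}
        if password and len(password) < MIN_LEN:
            findings.append((uid, f"password shorter than {MIN_LEN} characters"))
        if password and (password in COMMON or password in own_details):
            findings.append((uid, "password is common or matches the user's details"))
    return findings


if __name__ == "__main__":
    for uid, problem in audit_users(SAMPLE):
        print(f"{uid}: {problem}")
```

The page's own sample entry (admin / admin) is reported on both password checks, so replace its password before using it as a template.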