ForgeRock Directory Services Core Concepts

  • Tuition USD $3,950
  • Reviews star_rate star_rate star_rate star_rate star_half 839 Ratings
  • Course Code DS-400
  • Duration 5 days
  • Available Formats Classroom, Virtual

The ForgeRock® Directory Services Core Concepts course is for students who want to learn how to implement ForgeRock® Directory Services (DS) in a ForgeRock Identity Platform™ (Platform) deployment and as a standalone service. Current platform best practices are used to deploy and maintain DS. Using lab exercises in this course, students gain hands-on experience with the important features and capabilities of DS, which they can use to deploy DS on the job.

  • Note that Revision A.2 of this course is built on version 6.5.1 of DS.

Skills Gained

Upon completion of this course, you should be able to:

  • Understand how DS is used in a Platform deployment
  • Install DS as a standalone service or as an external data store for the Platform
  • Use setup profiles to configure DS during installation
  • Manage backend data stores
  • Monitor and tune DS for different deployment types using HTTP and LDAP
  • Implement access control and privileges
  • Configure delegated administration
  • Back up and restore backends
  • Import and export data
  • Manage custom attributes
  • Manage log publishers
  • Replace self-signed replication certificates
  • Plan for a migration from Oracle Directory Server Enterprise Edition to DS
  • Manage entries using the CLI and REST
  • Implement high availability using replication
  • Monitor health status
  • Monitor and troubleshoot replication
  • Manage DS in a ForgeRock® Identity Management (IDM) deployment
  • Manage DS in a ForgeRock® Access Management (AM) deployment
  • Deploy a distributed topology
  • Configure data confidentiality
  • Install and configure directory proxy servers
  • Configure Prometheus and Grafana to monitor DS instances

Who Can Benefit

The following are the target audiences for this course:

  • System Integrators
  • System Consultants
  • System Architects
  • System Administrators
  • Web Developers


The following are the prerequisites to successfully completing this course:

  • Basic knowledge and skills using the Linux operating system to complete labs
  • Basic knowledge of LDAP, JSON, REST, Java

Course Details

Course Contents

Chapter 1: Introducing ForgeRock Directory Services (DS)

Lesson 1: Understanding how DS is used in the Platform

  • Describe how the Platform uses DS
  • Describe deployment options

Lesson 2: Installing DS

  • Describe request processing
  • Understand where data is stored
  • Understand the installation process

Lesson 3: Managing data stores

  • Manage the configuration
  • Manage data stores
  • Manage entries

Lesson 4: Protecting entries

  • Understand how access control is applied
  • Display privileges

Lesson 5: Locating default log files

  • Describe log publishers
  • Describe default log files

Lesson 6: Understanding DS monitoring capabilities

  • Describe DS monitoring
  • Describe HTTP monitoring
  • Describe LDAP monitoring
  • Describe SMTP monitoring
  • Describe JMX monitoring
  • Monitor health status

Chapter 2: Maintaining DS in an AM Deployment

Lesson 1: Preparing DS as an external configuration and identity store for AM

  • Describe how DS is used in a default AM Deployment
  • Configure DS instances as external configuration and identity stores for AM

Lesson 2: Preparing DS as an external CTS token store for AM

  • Describe CTS deployment options
  • Configure DS as an external CTS token store for AM

Lesson 3: Performing essential administration tasks

  • Back up and restore an AM data store
  • Configure a highly available CTS
  • Enable secure communication between AM and DS

Lesson 4: Monitoring and tuning DS in an AM deployment

  • Monitor replication and disk space
  • Reduce replication traffic
  • Tune LDAP connection pools and AM caches

Lesson 5: Troubleshooting DS in an AM deployment

  • Enable platform transaction ID propagation
  • Configure log filtering

Chapter 3: Deploying DS as a User Store

Lesson 1: Populating backends

  • Populate a backend

Lesson 2: Managing custom attributes

  • Add custom schema
  • Configure virtual attributes

Lesson 3: Delegating administration

  • Assign administrators to groups
  • Assign access control to subscriber entries
  • Grant privileges to administrators

Lesson 4: Managing authentication policies

  • Configure authentication policies

Lesson 5: Using REST to manage entries

  • Describe REST
  • Configure the embedded REST API
  • Configure the REST to LDAP gateway
  • Perform RESTful operations

Lesson 6: Implementing high availability and scalability through replication

  • Deploy a replication topology
  • Manage a replication topology
  • Replace self-signed replication certificates

Lesson 7: Monitoring and tuning a user store

  • Configure SNMP monitoring
  • Monitor indexes
  • Measure throughput and response times
  • Understand areas that affect performance

Lesson 8: Troubleshooting replication

  • Identify replication issues
  • Backup and restore a replicated topology

Lesson 9: Planning for a migration from Oracle DSEE to DS

  • Prepare for a migration from Oracle DSEE to DS

Chapter 4: Maintaining DS in an IDM Deployment

Lesson 1: Using DS as an IDM repository

  • Explore the default DS repository in IDM
  • Configure DS as an external IDM repository

Lesson 2: Provisioning subscribers to DS

  • Describe how IDM synchronizes data
  • Provision subscribers to DS

Lesson 3: Synchronizing passwords between DS and IDM

  • Enable mutual authentication
  • Install DS password synchronization plugin

Lesson 4: Monitoring and troubleshooting DS in an IDM deployment

  • Monitor DS and IDM logs
  • Troubleshoot password synchronization

Chapter 5: Creating a Distributed Topology

Lesson 1: Exploring DS scalability options

  • Describe scaling options
  • Protect user privacy

Lesson 2: Configuring a distributed topology

  • Configure regional data stores
  • Upgrade a distributed topology

Lesson 3: Monitoring and tuning a distributed topology

  • Monitor a distributed topology
  • Tune DS for multiple backends

How do I enroll?

A comprehensive listing of ExitCertified courses can be found here. You can register directly for the required course/location when you select "register". If you have any questions or prefer to speak with an ExitCertified education consultant directly, please submit your query here. A representative will contact you shortly.

How do I pay for a class?

You can pay at the time of registration using credit card (Mastercard/Visa/American Express) cheque or PO.

What if I have training credits?

ExitCertified honors all savings programs from the partners we work with. ExitCertified also offers training credits across multiple partners through our FLEX Account.

When does class start/end?

Classes begin promptly at 9:00 am, and typically end at 5:00 pm.

Does the course schedule include a Lunchbreak?

Lunch is normally an hour long and begins at noon. Coffee, tea, hot chocolate and juice are available all day in the kitchen. Fruit, muffins and bagels are served each morning. There are numerous restaurants near each of our centers, and some popular ones are indicated on the Area Map in the Student Welcome Handbooks - these can be picked up in the lobby or requested from one of our ExitCertified staff.

How can someone reach me during class?

If someone should need to contact you while you are in class, please have them call the center telephone number and leave a message with the receptionist.

What languages are used to deliver training?

Most courses are conducted in English, unless otherwise specified. Some courses will have the word "FRENCH" marked in red beside the scheduled date(s) indicating the language of instruction.

What does GTR stand for?

GTR stands for Guaranteed to Run; if you see a course with this status, it means this event is confirmed to run. View our GTR page to see our full list of Guaranteed to Run courses.

The Labs shown with in the exit certified portal allowed the student to put their new knowledge into action. There was seemless movement between the virtual classroom to this lab space. Thank you to the architects and developers who made this reality.

Content and Instructor were great. Just need more time during the day for labs.

Classromm confortable and enviroment. Instructir knowlegeable of course matarial but need to align to students working in the Canadian Federal Govt. ve US Federal govt.

This training organization helped me learn almost everything about DB2 in a short amount of time. I appreciate the effort and generosity of sharing your knowledge and expertise with me and my colleagues.

I am very satisfied with the course and teacher(Bill), and with the given option I will play with labs more after the class is over. Thank you

4 options available

  • GTR Oct 19, 2020 Oct 23, 2020 (5 days)
    9:00AM 5:00PM EDT
  • Nov 16, 2020 Nov 20, 2020 (5 days)
    10:00 AM 6:00 PM EDT
  • Nov 16, 2020 Nov 20, 2020 (5 days)
    Tampa, FL
    10:00 AM 6:00 PM EDT
  • Dec 14, 2020 Dec 18, 2020 (5 days)
    9:00AM 5:00PM PST
Contact Us 1-800-803-3948
Contact Us Live Chat
FAQ Get immediate answers to our most frequently asked qestions. View FAQs arrow_forward