Before you Run the Automation Scripts
1. Start with a clean PingFederate installation. For more information, see Installing PingFederate or Upgrading PingFederate.
* 
While installing PingFederate, ensure that the base URL of PingFederate is set to the fully qualified domain name (FQDN). If the base URL is set to localhost, complete the following steps to replace localhost with the PingFederate FQDN:
a. Log in to the PingFederate console as an administrator.
b. From the main screen of your PingFederate console, select Server Configuration > Server Settings > Federation Info.
c. Update the value for the Base URL field from localhost to your PingFederate FQDN.
The default properties of the automation scripts for key and encryption strength settings require that the Java Virtual Machine (JVM) used for the PingFederate installation has the Java Cryptography Extension (JCE) Unlimited Strength installed.
2. Make sure SAML 2.0 ENTITY ID is defined in PingFederate. Follow the below mentioned steps to define entityID:
a. Navigate to PingFederate administrative console.
b. Search Protocol Settings. Open the search results.
c. If no value is defined for SAML 2.0 ENTITY ID field under the Federation Info tab, enter your entityID in this field. Click Save.
3. Download the automation scripts:
a. Open the PTC software download website.
b. Enter your Customer Name and Customer Number, and click Next. The PTC Software Download page opens.
c. Depending on the product that you are using, do the following:
Product
Step 1: Select the Product Family
Step 2: Choose Release & Download
Step 3: Select Datecode
ThingWorx
ThingWorx Foundation
Release 9.x > PING Federate > Most Recent Datecode
Datecode: L009Automated-PING-Federate-Configuration
ThingWorx Navigate
ThingWorx Foundation
Release 9.x > PING Federate > Most Recent Datecode
Datecode: L009Automated-PING-Federate-Configuration
Windchill ProjectLink
Windchill ProjectLink
Release 11.2 > PING Federate > Show all Other Available Datecodes
Datecode: L0098Automated-PING-Federate-Configuration
Windchill PDMLink
Windchill PDMLink
Release 11.2 > PING Federate > Show all Other Available Datecodes
Datecode: L008Automated-PING-Federate-Configuration
Windchill MPMLink
Windchill MPMLink
Release 11.2 > PING Federate > Show all Other Available Datecodes
Datecode: L008Automated-PING-Federate-Configuration
Vuforia Studio
Vuforia Studio
Obtain via ThingWorx Foundation procedure.
Windchill RV&S
Windchill Requirements Validation & Source (Integrity Lifecycle Manager)
Contact technical support.
* 
For Step 2: Choose Release & Download, version numbers and download locations are examples only.
d. Click HTTPS or Download Manager to download the zip file that includes the automation scripts.
e. Save and unzip the zip file to a directory on your machine. Hereafter, this directory is referenced as <PINGFEDERATE_SCRIPT_HOME>.
4. Specify values for all properties in the user.properties file and review the properties in the default.properties file according to your IdP configuration.
5. Place the signing and SSL certificates (PEM format) in the <PINGFEDERATE_SCRIPT_HOME>/input directory. You need to specify the following certificates as a value for the corresponding property in the user.properties file:
The SAML signing certificate (PEM format) file name for ThingWorx in the create_sp_connection_input_sign_verif_cert property. For more information, see Configuring the SSL Certificate for Application Layer Encryption and Signing.
The SSL certificate (PEM format) file name for PingFederate in the global_pingFed_admin_certificate property. For more information, see Configuring the SSL Certificate for PingFederate.
* 
Specifying the PingFederate Admin SSL certificate file name in the global_pingFed_admin_certificate property is recommended because using a certificate enables secure SSL communication between PingFederate and the scripts. If you use a PingFederate Admin SSL certificate signed by a root certificate authority (CA) rather than a self-signed certificate, you must place the root CA certificate (PEM format) in the <PINGFEDERATE_SCRIPT_HOME>/input directory and specify the root CA certificate as the value of this property.
If you choose to configure ADFS or Generic SAML 2.0 as your IdP, you must place their respective signing certificates in the <PINGFEDERATE_SCRIPT_HOME>/input directory along with above two certificates. For example, adfs_idp_signing.crt or saml2_idp_signing.crt.
6. If you are using the Linux OS, run the following command from the bash shell to grant the execute permission for all scripts in the <PINGFEDERATE_SCRIPT_HOME> directory:
find . -type f -iname "*.sh" -exec chmod +x {} \;
7. If you are using the Windows OS, install Git Bash to run the scripts. You can download the latest Git installer from https://git-scm.com/download.
Was this helpful?