3/22/2023 0 Comments Ldap address book server![]() Set up GCDS to only read members from the group. Group-Create a new group in the LDAP directory and add your Google users as members of the group.Set up GCDS to only sync users from the organizational unit. Organizational unit-In your LDAP directory, set up an organizational unit and move your Google users into it.Then, after your sync is set up and running correctly, you can mark active Google users with a different name, such as GoogleActiveUsers. Descriptive name-In your LDAP directory, mark the users that you plan to sync with a descriptive name, such as GoogleUsers.To simplify your LDAP queries, you should mark all your Google users in the LDAP directory before you set up a synchronization. Step 5: Mark Google users in the LDAP directory (Optional) Set naming conventions-Identify any email naming conventions that you want to use.For details, see How will you synchronize passwords? Populate the attribute with a password setting. (Optional) Populate a password attribute-If you’re using a password field in GCDS, create a custom attribute in your LDAP directory for your Google domain users.Consider name and password guidelines-Ensure that your directory doesn't contain unsupported characters.User-managed groups aren't affected by synchronization. You can also set the Google domain to allow users to create and manage their own groups. Locate mail-enabled groups-Identify mail-enabled groups that operate as mailing lists, not security groups, to sync with the Google domain.Identify users-Get a list of your organization's current users and identify the ones that you want to sync with the Google domain.Each group must have a unique email address defined on the group object to sync correctly. Security groups-Identify security groups that you might want to sync.Examine some sample users and other resources to identify the important LDAP attributes. Look through your LDAP directory structure using an LDAP browser. LDAP structure information-Identify the LDAP attributes that have important information, such as groups that contain users and other resources that you want to sync.You can specify a separate base DN for each sync rule. Note: You can use multiple base DNs in a configuration. Because GCDS searches for users and groups from the base DN, specify a base DN on a level that includes the users and groups that you want to sync. LDAP base distinguished name (DN)-GCDS uses the base DN as the top level for all LDAP queries.Use an LDAP browser to collect the following information about your LDAP server and structure: This is because global catalog data differs from the main domain partition data. Note: Test this thoroughly using a simulation before doing a full sync. If you have multiple Microsoft Active Directory domains, syncing from a global catalog (using port 3268 or 3269) might help with your synchronization.Consolidating your LDAP server data into a single directory.If you have multiple LDAP directories, consider: GCDS can only get data from a single LDAP directory. Confirmation that your LDAP server directory meets all server requirements.If you want to limit the users and groups to synchronize, you can set up an LDAP administrator with limited permissions on your directory server. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |