Customers currently using the Connect Application are advised to complete their onboarding setup as soon as possible, as the Connect Application is scheduled to be discontinued on the 31st of January, 2024.
This article provides information on configuring Google Workspace Directory Synchronization in the Mimecast Connect Application, including prerequisites, creating a directory connector, and verifying synchronization for automated user and group management.
Introduction
If you have a Google Workspace account, you can automatically manage your users and groups by synchronizing your Google Workspace Directory with us. Once configured and verified, we'll automatically synchronize with your Google Workspace Directory several times a day. If you choose not to synchronize your directory, you'll need to manually import a list of your users. See Connect Application - Adding Users Manually.
Only the Email Address and Full Name attributes are synchronized by default. Other attributes must be configured in the Google Workspace and Mimecast Administration Consoles first. Once a directory synchronization completes successfully, these attributes are displayed in Mimecast. The only attributes we can't support are multi-valued attributes. Additionally, Google Workspace doesn't synchronize passwords or provide any authentication functionality. If you require authentication for your Google Workspace applications, use Exchange EWS or AD FS domain authentication functionality.
Prerequisites
Before synchronizing your directory using Google Workspace in the Connect Application, you'll need to complete the following external tasks:
- Enable API access and create a user account in the Google Admin Console. You'll need a Super Administrator login to do this.
- Enable the Admin SDK. You'll need access to the API Console.
- Create a Service Account from the Google API Console.
- Authorize the Service Account's Client ID in the Google Admin Console.
See Configuring Google Workspace for Directory Synchronization for full configuration information.
Creating a Mimecast Directory Connector
You can create a Mimecast Directory Connector using Google Workspace by using the following steps:
- Log in to the Mimecast Connect Application.
- Navigate to Platform | Synchronize Your Directory.
- Click on Start in the Task Steps for Google Workspace Directory section.
- Skip to Step 3 | Create a Directory Connector page by clicking on Next.
Ensure the Prerequisites have been completed.
- Enter the Email Address of the user created in the Google Administration Console Configuration section of the Configuring Google Workspace for Directory Synchronization page.
- Upload the JSON File created in the Setting Up the API Service section above by either:
- Clicking on Import and selecting the saved file.
- Pasting the file contents into the Service Account JSON File field.
- Click on Synchronize. A summary page displays confirming the configuration.
Verifying the Mimecast Directory Connector
You can verify that the synchronizations are completing successfully by using the following steps:
- Log in to the Mimecast Administration Console.
- Navigate to Users & Groups | Directory Synchronization. The Google Workspace configurations display.
Comments
Please sign in to leave a comment.