Connect Application: Enabling Active Directory Synchronization Using G Suite

Document created by user.Yo2IBgvWqr Employee on Jun 18, 2018Last modified by user.oxriBaJeN4 on Jul 20, 2018
Version 12Show Document
  • View in full screen mode

Applies To...

 

This page applies to new clients connecting with Mimecast using the Connect Application. If you're not using the Connect Application, click here.

 

Walkthrough

 

If you have a G Suite account, you can automatically manage your users and groups by synchronizing your G Suite Directory with us. Once configured and verified, we'll automatically synchronize with your G Suite Directory several times a day. If you choose not to synchronize your directory, you'll need to manually import a list of your users. See the Connect Application: Adding Users Manually page for further information.

Only the "Email Address" and "Full Name" attributes are synchronized by default. Other attributes must be configured in the G Suite and Mimecast Administration Consoles first. Once a directory synchronization completes successfully, these attributes are displayed in Mimecast. The only attributes we can’t support are multi-valued attributes. Additionally G Suite doesn't synchronize passwords or provide any authentication functionality. If you require authentication for your G Suite applications, use Exchange EWS or ADFS domain authentication functionality.

Configuring G Suite for Directory Synchronization


Before synchronizing your directory using G Suite in the Connect Application, you'll need to complete the following external tasks:

  1. Enable API access and create a user account in the Google Admin Console. You'll need a Super Administrator logon.
  2. Enable the Admin SDK. You'll need access to the API Console.
  3. Create a Service Account from the Google API Console.
  4. Authorize the Service Account's Client ID in the Google Admin Console.

View the Configuring G Suite for Directory Synchronization page for full configuration information. 

Creating a Mimecast Directory Connector

 

To create a Mimecast Directory Connector using G Suite:

  1. Log on to the Connect Application.
  2. Navigate to the Platform | Synchronize Your Directory tab.
  3. Click on the Start button in the "Task Steps for G Suite Directory" section.
  4. Skip to Step 3 | Create a Directory Connector page by clicking on the Next buttons.
    Ensure the prerequisite tasks outlined in the "Configuring G Suite for Directory Synchronization" section are complete.
  5. Enter the Email Address of the user created in the "Google Administration Console Configuration" section of the Configuring G Suite for Directory Synchronization page.
  6. Upload the JSON File created in the "Setting Up the API Service" section above by either:
    • Clicking on the Import button and selecting the saved file.
    • Pasting the file contents into the Service Account JSON File field.
  7. Click on the Synchronize button. A summary page displays confirming the configuration.

 

Verifying the Mimecast Directory Connector

 

To verify that the synchronizations are completing successfully:

  1. Log on to the Mimecast Administration Console.
  2. Click on the Services | Directory Synchronization menu item. The G Suite configurations display.

 

See Also...

 

Attachments

    Outcomes