Google Cloud Identity

Introduction

Companies who use Google as their cloud identity provider can now integrate MangoApps user sync and groups sync with their Google cloud identity account over LDAP. This integration of MangoApps with Google cloud identity LDAP service is simple to set up in comparison to the on-premise active directory that requires significant IT cost & effort.

Add Google LDAP client in Google's admin console for your MangoApps account

  1. Login into Google as an Admin (Admin.Google.com)

  2. Go To LDAP and click Add Client.

Enter the LDAP Client name and description.

Access Permission

  • Verify User's credentials: Select Entire Domain.

  • Read User's Information: Select Entire Domain.

  • Specify the attribute which client can access to read users information: System attributes, Public Custom, Private custom

  • Enable the Read Group Information tab.

  • Click Add LDAP Client.

Download the generated certificate to connect your client to LDAP Services and click Continue to Client details.

Go to Apps>LDAP>Settings>Authentication, to generate new credentials.

Click on the Status Service, to change the status.

Select ON for everyone and click Save.

Google LDAP is added in Google's admin console for your MangoApps account.

Add Google Cloud Server in the MangoApps admin portal.

Go to MangoApps Admin Portal, click SSO>CONNECTION>Active Directory/LDAP.

Enable the Active Directory LDAP Integration.

Server 1:

  1. Select the server type as Google LADP from the drop-down.

  2. Enter the Host and Port Name.

  3. Enter the Group and Base DN.

  4. Upload the Google digital certificated downloaded from the Google LDAP configuration.

  5. Enter the Login details and click Test Connection.

User Mapping:

  • You can set up the user mappings for automatic sync of user profile data from Google cloud identity.

  • User custom fields can be mapped and will be kept in sync in MangoApps (when it changes in Google cloud identity).

  • Both scheduled sync and just-in-time (JIT) sync of users from Google cloud identity is supported.

  • Using user object filter, admins can control which users from Google cloud identity are synced into MangoApps.

Refer to Active Directory/Ldap for more information.

Group Mapping:

Group Mapping enables the Network admin to automate the task of Group creation and user assignment in MangoApps.

  • Enable Group Sync to:

    • Read group information settings in the Google admin console for MangoApps LDAP client (Part 1 of configuration mentioned above).

    • Enable group sync settings in MangoApps.

  • Group custom fields can be mapped and will be kept in sync in MangoApps (when it changes in Google cloud identity).

  • Using group object filter, admins can control which groups from Google cloud identity are synced into MangoApps.

  • Group membership rule settings help admins control the policy to use to keep the group membership in sync with Google cloud identity.

Refer to Active Directory/Ldap for more information.

Click Save Settings.

Saving the settings will present a button to β€˜Preview & Synchronize’. This action would provide an Admin list of users & groups that satisfy the configured user & group object filters.

Last updated