Step three: decide what to synchronize, Domains, Step three: decide what to synchronize 28 – Google Apps Directory Sync Administration Guide User Manual

28

Release 4.0.2

There are three ways to mark your Google Apps users in LDAP:

•

OU: Set up an organizational unit (OU) and move Google Apps users into that unit.

•

Group: Create a new group in LDAP, and add Google Apps users as a member of that group.

•

Custom Attribute: Create a custom attribute for your users, and set that attribute for new users.

Use whichever method works best for your LDAP directory environment.

The exact steps necessary to set up an OU, group, or custom attribute will vary based on your LDAP
directory server. Consult your LDAP directory server documentation and work with your LDAP
administrator to configure your LDAP server appropriately.

Sample Scenario: Mark Google Apps Users In LDAP

The administrator creates two new groups on LDAP,

GoogleAppsUsers

and

ActiveGoogleAppsUsers

. All

users who are identified to be synchronized into Google Apps are added to the

GoogleAppsUsers

group.

When users are added into Google Apps, and have their mail flow switched over, those users are also
added to the

ActiveGoogleAppsUsers

Group. This will make it easier to track which users are in Google

Apps, and allows a clean synchronization without removing old accounts that will not be synchronized into
Google Apps.

Step Three: Decide What to Synchronize

Once you have identified your LDAP servers, decide what to synchronize.

For specific suggestions on what to synchronize during an early adopter program or other parts of your life
cycle, see “Roadmap for Deployment” on page 33, in this chapter.

Domains

Decide what domains you want to synchronize on your LDAP server and in Google Apps. Google Apps
Directory Sync can synchronize with multiple domains on the same account.

•

Domain: Before you configure synchronization, decide what domain you want to synchronize, and set
up your domain in Google Apps.