Mapping and synchronization, Mapping and synchronization 9 – Google Postini Directory Sync Configuration Guide User Manual

Architecture

9

2. Directory Sync opens a secure SSL connection to the address you have

provided, and logs on to your DSML server using basic authentication.

3. Directory Sync requests a user list for a Base DN that you provide from your

directory server.

4. Your DSML server opens the LDAP directory and queries the user list for the

appropriate organization. Depending on the Directory Sync settings, this may
be a request for a user list for the base DN, or a recursive request for
information for the base DN and the whole subtree beneath it.

5. Your DSML server collects this information from the LDAP directory, and

reformats it into XML.

6. Your DSML server sends this information back to the email protection service

in response to the DSML request. The session closes.

7. Directory Sync checks the user list against the current list of registered users

in the email protection service. Directory Sync generates a list of changes
needed to update the email protection service’s user list to match the user list
on the directory server.

8. Directory Sync displays a list of changes to the email protection service for

verification. If there are any problems with connectivity, or if the changes
exceed any limits the administrator has set, an error will be displayed.
Otherwise, the administrator will have the option to synchronize the email
protection service’s user lists.

9. If the administrator approves changes, the email protection service’s user list

is updated.

Mapping and Synchronization

Users in the email protection service are organized in a hierarchical structure.
One or more organizations will be mapped to organizations in your directory
server.