立即与支持人员聊天
与支持团队交流

Identity Manager 9.2 - Administration Guide for Connecting to Google Workspace

Mapping a Google Workspace environment in One Identity Manager Synchronizing a Google Workspace customer
Setting up initial synchronization of a Google Workspace customer Customizing the synchronization configuration for Google Workspace Running synchronization Tasks following synchronization Troubleshooting Ignoring data error in synchronization Pausing handling of target system specific processes (Offline mode)
Managing Google Workspace user accounts and identities
Account definitions for Google Workspace user accounts Assigning identities automatically to Google Workspace user accounts Manually linking identities to Google Workspace user accounts Supported user account types Specifying deferred deletion for Google Workspace user accounts
Login credentials for Google Workspace user accounts Managing Google Workspace entitlement assignments Mapping Google Workspace objects in One Identity Manager
Google Workspace customers Google Workspace user accounts Google Workspace groups Google Workspace products and SKUs Google Workspace organizations Google Workspace domains Google Workspace domain aliases Google Workspace admin roles Google Workspace admin privileges Google Workspace admin role assignments Google Workspace external email addresses Reports about Google Workspace objects
Handling of Google Workspace objects in the Web Portal Basic configuration data for managing a Google Workspace customer Troubleshooting the connection to a Google Workspace customer Configuration parameters for managing a Google Workspace environment Default project template for Google Workspace API scopes for the service account Processing methods of Google Workspace system objects Special features in the assignment of Google Workspace groups

Mapping a Google Workspace environment in One Identity Manager

One Identity Manager offers simplified user administration for Google Workspace. One Identity Manager concentrates on setting up and editing user accounts and providing the required permissions. For this, groups, organizations, permissions, admin roles, products, and SKUs are mapped in One Identity Manager.

One Identity Manager provides company identities with the necessary user accounts. There are different ways for you to connect identities to their user accounts. You can also manage user accounts independently of identities and thus set up administrator user accounts.

For more detailed information about the Google Workspace structure, see the Google Workspace documentation from Google.

Architecture overview

To access Google Workspace data, the Google Workspace connector is installed on a synchronization server. The Google Workspace connector establishes communication with the Google Workspace to be synchronized through several Google Inc. REST APIs. The synchronization server ensures the comparison of data between the One Identity Manager database and Google Workspace.

Figure 1: Architecture for synchronization

One Identity Manager users for managing a Google Workspace customer

The following users are used for setting up and administration of a customer.

Table 1: Users

User

Tasks

Target system administrators

Target system administrators must be assigned to the Target systems | Administrators application role.

Users with this application role:

  • Administer application roles for individual target system types.

  • Specify the target system manager.

  • Set up other application roles for target system managers if required.

  • Specify which application roles for target system managers are mutually exclusive.

  • Authorize other identities to be target system administrators.

  • Do not assume any administrative tasks within the target system.

Target system managers

Target system managers must be assigned to the Target systems | Google Workspace application role or a child application role.

Users with this application role:

  • Assume administrative tasks for the target system.

  • Create, change, or delete target system objects.

  • Edit password policies for the target system.

  • Prepare entitlements to add to the IT Shop.

  • Can add identities that do not have the Primary identity identity type.

  • Configure synchronization in the Synchronization Editor and define the mapping for comparing target systems and One Identity Manager.

  • Edit the synchronization's target system types and outstanding objects.

  • Authorize other identities within their area of responsibility as target system managers and create child application roles if required.

One Identity Manager administrators

One Identity Manager administrator and administrative system users Administrative system users are not added to application roles.

One Identity Manager administrators:

  • Create customized permissions groups for application roles for role-based login to administration tools in the Designer as required.

  • Create system users and permissions groups for non role-based login to administration tools in the Designer as required.

  • Enable or disable additional configuration parameters in the Designer as required.

  • Create custom processes in the Designer as required.

  • Create and configure schedules as required.

  • Create and configure password policies as required.

Configuration parameters

Use configuration parameters to configure the behavior of the system's basic settings. One Identity Manager provides default settings for various configuration parameters. Check the configuration parameters and modify them as necessary to suit your requirements.

Configuration parameters are defined in the One Identity Manager modules. Each One Identity Manager module can also install configuration parameters. In the Designer, you can find an overview of all configuration parameters in the Base data > General > Configuration parameters category.

For more information, see Configuration parameters for managing a Google Workspace environment.

自助服务工具
知识库
通知和警报
产品支持
下载软件
技术说明文件
用户论坛
视频教程
RSS订阅源
联系我们
获得许可 帮助
技术支持
查看全部
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级