Re: Can Google Cloud Directory Sync (GCDS) Sync a ...

nvitalian · 10-03-2024 08:59 AM

I'm working on syncing our Active Directory with Google Workspace using Google Cloud Directory Sync (GCDS). I want to know if it's possible to sync a Security Group directly to a Google Workspace Organizational Unit (OU). My goal is to ensure that users in certain security groups are placed into specific OUs in Google Workspace.

If GCDS can't directly sync a Security Group to an OU, is there a workaround to map users in a security group to a particular OU?

Thought maybe as a search rule something like this?? But no go.
(&(objectClass=user)(memberOf=CN=GroupName,OU=SubOU,OU=Security,OU=Groups,OU=BaseOU,DC=domain,DC=com))

I'm not going to rebuild my entire AD tree to bend to GCDS needs.

Any help would be appreciated!

icrew

I'm not as familiar with GCDS as I'd like, but you can do this with the free, open source, command-line, indispensable GAM tool. Check out:

GAM: https://github.com/jay0lee/GAM/wiki
GAM Advanced (a variant with a few more features): https://github.com/taers232c/GAMADV-XTD3/wiki
and the mailing list at https://groups.google.com/forum/#!forum/google-apps-manager

for more details.

Specifically, see https://github.com/taers232c/GAMADV-XTD3/wiki/Organizational-Units#synchronize-users-with-an-organiz.... The command would look like:

gam update ou "/Example/OU/" sync group security_group@example.org removetoou "/Other/OU/"

Hope that helps,

Ian

nvitalian

Sorry I spaced on watching this,

Absolutely, GAM and Python, a winning combination.

Thanks

Can Google Cloud Directory Sync (GCDS) Sync a Security Group to an Organizational Unit (OU)?