Adding a Google directory
- You smoothwall must be able to make ICMP pings outbound through any upstream firewall that may be in place.
Note: If you're configuring multiple Google G Suite domains in your Smoothwall, we recommend that you avoid having the same administrative user for all. Attempting to synchronize these domains at the same time increases the chance of exceeding your Google API quota and rate limits (refer to the Google API Console documentation), forcing the synchronization processes to significantly slow down.
- Create an administrative user within your Google G Suite domain, used to log into the Google domain consoles (Google Admin Console: https://admin.google.com/ and the Google API Console: https://console.developers.google.com/).
- You must create a new Google Service Account and download the key to allow the Smoothwall Filter and Firewall to access the Google G Suite domain user and group information. See our knowledge base article, Creating a Google Service Account.
- You must authorize the Google Service Account you created. See our knowledge base article, Authorizing Your Google Service Account.
- On the SERVICES menu, under the Authentication submenu, click Directories.
- Click Add new directory.
- In the Add new directory dialog box, select Google and either accept the default Name or configure a new name for this directory.
- For the Client secrets file, upload the Service Account JSON file that you downloaded. Click Choose File and browse to and select the Service Account Key.
- Enter your Google G Suite Domain.
- Enter the Administrative user username, as a valid email address, of a user who has permission to access users, groups, and organizational units. The Smoothwall acts as this user to perform the username synchronization.
- Enter a descriptive Comment of the directory service and click Add.
Tip: We recommend that you run a diagnostics test at this point to make sure that the Google G Suite domain communication is correct.