About Google as a directory service

Caveats

• This authentication service is for Google G Suite domains. Networks using Google Cloud Directory Sync (GCDS) should configure the Smoothwall Filter and Firewall to use the Active Directory connection.
• Multitenant configurations for the Google directory service are currently not supported.
• You can't use Google as a directory as a standalone directory connection. It must be used in conjunction with Connect for Chromebooks where the G Suite domain credentials are trusted, see our help topic, Configuring the Google and Chromebook settings, and downloading the HTTPS certificate.
• Only single domain configurations are supported

Users, groups and organizational units

Google makes use of both user groups and organizational units (referred to in Google documentation as both "organization units", "organizational units", and "OUs"). Google groups are to manage user contact, for example, email groups, whereas Google organizational units control service availability for users.

The Smoothwall must hold an up-to-date copy of the Google G Suite domain usernames, group membership, and organizational units' structure to make sure that Connect for Chromebooks authentication works seamlessly. To do this, you must synchronize your Google G Suite domain with Smoothwall before continuing with the Connect for Chromebooks configuration; this isn't an automatic step and must be started manually.

Map groups

To make full use of filtering policies, and apply permissions and restrictions to users, you should map your domain directory structure to Smoothwall local groups.

Tip: Google makes use of both user groups and organizational units (referred to in Google documentation as both "organization units", "organizational units", and "OUs"). Google groups are to manage user contact, for example, email groups, whereas Google organizational units control service availability for users.