Gads Google Apps Directory Sync
Using Enterprise Edition, Google Apps Directory Sync (GADS) 1.6.14 or 1.6.15, Active Directory (AD) on Windows Server 2003 We have configured GADS to import users and groups from AD, and it's been working successfully. I would try manually running GADS graphical interface and click on the Simulate Sync button to see what changes are proposed. May give some insight on what is happening. Only other thing that would come to mind would be Active Directory replication issues? Would also be curious in the GADS configuration file. Click on Google Apps Configuration.
I've setup Google Apps Directory Sync (GADS) to sync with my AD and its working flawlessly syncing all my users.
Google Apps Directory Sync Tool
Base DN: OU=Lunchbox,DC=office,DC=lbox,DC=com
Org Unit LDAP Mapping: OU=Lunchbox,dc=office,dc=lbox,dc=com to Users
Org Unit Search Rule: objectclass=organizationalunit
User Accounts: Active : (&(objectClass=Person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
User Accounts: Suspended : (&(objectClass=Person)((userAccountControl:1.2.840.113556.1.4.803:=2)))
The issue is I only want users that are members of the group 'GoogleAppsUser' to be added to Google Apps. Changing the following added the users as Active users if they were a member of GoogleAppsUser and added the user as Suspended if they were NOT a member.
User Accounts: Active : (&(objectClass=Person)(memberOf=GoogleAppsUser)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
User Accounts: Suspended : (&(objectClass=Person)(memberOf=GoogleAppsUser)((userAccountControl:1.2.840.113556.1.4.803:=2)))
Google Drive
I also tried changing following:
Org Unit Search Rule: memberOf=GoogleAppsUser
Google Apps Free
But that resulting in it syncing distribution groups as users too.
Any suggestions on how to get GADS to listen to me when I tell it to only sync users that are a member of the GoogleAppsUser group?
