Add, edit, or remove an LDAP directory

This page is for Directory Sync. If you’re using Google Cloud Directory Sync (GCDS), go to GCDS. Directory Sync is currently in public beta.

Now you need to connect your LDAP directory using Directory Sync in the Google Admin console. Later, you can add other LDAP directories and connect to multiple directories at once. 

You can set up multiple directory configurations but they must point to separate Active Directory servers. You can’t point more than one directory configuration to a single Active Directory server.

Before you begin

Make sure you:

Add a directory

To complete these steps, you must be a super administrator or have the Manage Directory Sync Settings privilege.

  1. In your Google Admin console (at admin.google.com), click Directory and then Directory sync.
  2. Click LDAP directories and then Add Directory and then Continue.
  3. For Directory name, enter a name for your directory and, optionally, add a description.
  4. Click Continue.
  5. For Project ID, enter the ID from the Google Cloud project where you created the VPC access connector.
  6. For VPC access connector name, enter the name of the VPC access connector that you set up in Google Cloud. Use the following format:

    projects/project id/locations/VPC location/connectors/VPC connector name

    To find the values for VPC location and VPC connector name, in your Google Cloud project, click VPC network and then Serverless VPC access and find your VPC access connector. Go to Name for the VPC connector name. Go to Region for the VPC location.

  7. Click Continue.
  8. For Active Directory server details, enter:
    • Host—IP address or fully qualified domain name of your Active Directory server.
    • Port—Port number of your Active Directory server.
    • Connection type—Select your connection type.
    • Base DN—Base distinguished name (DN) in Active Directory. The base DN is used as the root for all searches. You can change this later when you set up your sync.

      Example: ou=Sales, dc=example, dc=com

    • DNS server—DNS server that can resolve your Active Directory host name.
    • Authorized account and Password—The username and password of an account that has read access to your Active Directory server (usually a service account).
    • Certificate—TLS client certificate. Click Attach certificate, navigate to your certificate, and confirm.
  9. Click Save and Test Connection.

    This process might take up to a minute. If you close the window before the test is completed, you can check the results in the Admin audit log. If the test fails, you'll be prompted to re-enter your directory information.

  10. Click Continue or troubleshoot a failed connection (below on this page).
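
A pre-flight check for the values entered in steps 5 to 8, run before you click Save and Test Connection. This is an added example, not part of Directory Sync or of Google's documentation; the function name, the dictionary keys, and the sample values are assumptions made up for illustration.

```python
import ipaddress
import re

# Hypothetical helper, not part of Directory Sync: keys mirror the console fields.
CONNECTOR_RE = re.compile(
    r"^projects/(?P<project>[^/]+)/locations/(?P<location>[^/]+)"
    r"/connectors/(?P<connector>[^/]+)$")
FQDN_RE = re.compile(
    r"^(?=.{1,253}$)([A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?\.)+[A-Za-z]{2,63}$")
# One "attribute=value" component; escaped commas inside values are not handled.
RDN_RE = re.compile(r"^\s*[A-Za-z][A-Za-z0-9-]*\s*=\s*[^,=]+$")

# Constructed sample values, not taken from a real deployment.
SAMPLE = {
    "project_id": "example-project",
    "connector_name": "projects/example-project/locations/us-central1/connectors/ad-sync",
    "host": "dc01.corp.example.com",
    "port": 636,
    "base_dn": "ou=Sales, dc=example, dc=com",
    "dns_server": "10.0.0.2",
}


def is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False


def check_directory_config(cfg):
    """Return a list of problems in the values entered in steps 5 to 8."""
    problems = []
    m = CONNECTOR_RE.match(cfg["connector_name"])
    if not m:
        problems.append("connector name does not match the required format")
    elif m.group("project") != cfg["project_id"]:
        problems.append("connector name and Project ID name different projects")
    if not (is_ip(cfg["host"]) or FQDN_RE.match(cfg["host"])):
        problems.append("host is neither an IP address nor an FQDN")
    if not 1 <= cfg["port"] <= 65535:
        problems.append("port is outside 1-65535")
    if not all(RDN_RE.match(rdn) for rdn in cfg["base_dn"].split(",")):
        problems.append("base DN has a malformed component")
    if not (is_ip(cfg["dns_server"]) or FQDN_RE.match(cfg["dns_server"])):
        problems.append("DNS server is neither an IP address nor an FQDN")
    return problems
```

An empty list means the values are well-formed; it does not confirm that the connector exists or that the server is reachable, which the connection test in step 9 checks.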

Troubleshoot a failed connection

If your connection fails, you can view information about the cause of the failure on the connection status page.

For additional troubleshooting information, you can view the Directory Sync log events data. For details, go to Check log events for Directory Sync.

Edit a directory

  1. Click the name of the directory that you want to edit.
  2. Next to Sync status, click Turn off to deactivate the sync.
  3. Update the details of the selected directory.
  4. Click Save and Test Connection.
  5. Reactivate sync, if needed.

Remove a directory

Important: Make sure that you have retained any information you need from the LDAP directory before you remove it. When you remove an LDAP directory, the connection and sync setup is deleted. Any data that was synced to your Google cloud directory is retained.

  1. On the directory details page, next to Sync status, click Turn off.
  2. Click Delete and then Delete.

Related topics

Admin log events

Next step

Set up user sync

