Recently there has been a growth of users wanting more e-mail storage, more collaboration and greater client access capabilities. IT professional are stuck administrating a multitude of services and applications. Now with Google Apps, it is possible to have all these features and more, but having your email and collaboration system disconnected from your production environment isn’t the best solution.

With the Identity Manager driver for Google Apps, you can now keep your user accounts in Google Apps connected with the user accounts in your production environment. It will keep passwords and user account details in sync, without extra work required from the IT professional.


The driver only supports one-way synchronization, and thus no data can be retrieved from the Google Apps domain. The driver does not support reading attributes from the Google Apps domain so matching policies will not work.

The following features has been implemented:

  • User creation, updates and deletion.
  • Group creation, updates and deletion.
  • Synchronize passwords to Google Apps Domain


Before you start make sure that you are running at least IDM 3.6 and that you have enabled the Provisioning API in your Google Apps domain.

Copy the googleDriver.jar file to the relevant location:
Windows: C:\novell\nds\lib
Unix: /opt/novell/eDirectory/lib/dirxml/classes/

Restart the eDirectory

Goto your Identity Manager Driverset and Add a driver.

Import the configuration from the client and select the googleDriver.xml file.

In the driver configuration make sure that the Authentication ID is set to a valid Domain admin and that the Authentication context is set to the Google Apps Domain to be managed. The Application password should be set to the password of the relevant admin.

Eg: Authentication ID:
Authentication context:

Final Word

I urge anybody that used this driver or that wants to use this driver to please post if you require extra functionality. The driver was only created for the current set of features, but I am willing to expand it if necessary.

0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this post.

Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment.  It just worked for at least one person, and perhaps it will be useful for you too.  Be sure to test in a non-production environment.

Leave a Reply

Leave a Comment

  • aperez says:

    besides costs, how does this driver differ from the one offered by CosmosKey? Also, don’t you need to enable the Provisioning API in the google admin dashboard?

    • chrysalis69 says:

      The driver from CosmosKey was developed before IDM 3.6.1 and thus JAVA 1.5 was not available which is required by the Google API. To solve the problem they used the SOAP interface.
      The driver I developed uses the Java Google API.
      The Provisioning API must be enabled for the driver to work.

      • rhettplace says:

        The ConneXcloud driver for Google Apps was developed with the latest Google API for IDM 3.6.1. It supports matching and has advanced features for contact lists and groups. If you want a full-functioning driver that always uses the latest Google API, you should check out the ConneXcloud driver.

      • geoffc says:

        Trying to understand what this app does, it does not look to me like it is an IDM driver, rather it is its own event engine, and whatnot.

        I can see use cases for both models. I.e. If you have a well developed IDM model in place, one more driver is probably easier than an entire other sync app. Conversely, if you just want this functionality, standalone is quite nice.

      • rhettplace says:

        Yes, ConneXcloud is a driver for Novell IDM. It is not a stand alone application. A standalone version could be advantageous for several reasons however, it seems like a lot of work to develop an event engine when IDM already does it so well.

      • geoffc says:

        The web page does not contain a lot of info about the product, in terms of detailed technical specs. Which is ok, I suppose for a ‘sales’ web page.

        Do you work for these guys? Or just a satisfied customer? Regardless, do you happen to know what value is used in the DirXML-Association for the @component=’path’ part of it? I have a list I maintain at:

        and I would like to update it with info about this driver, if you happen to have it. (Share the wealth, right?) Also, if you happen to be using it, or associated with the company, do you think you have some time to contribute a doc on how the default driver configuration works for this page?

      • dlpowell says:

        Does your driver support reading data from Google Apps?

      • chrysalis69 says:

        Sorry for replying sooner.
        Currently the driver has no support for reading data from google, as the provisioning API from google does not support it. I’m am looking at using the reporting API to achieve this functionality. The downside to the reporting API is that it only supports limited search functionality, and thus bandwidth would become an implication, as I would have to retrieve all data, about all users.
        Currently no-one has requested this functionality so I’ve not given any attention to it.

        Please let me know if you are interested/require this functionality and I’ll see if I can fit it into my schedule.

  • bkynaston says:

    TriVir LLC also has a Google Apps driver that can fully leverage the Google API set. More info available at

  • woutsi says:

    Mentioned functionality works as advertised but i have a few suggestions on expanding the driver. How can we contact you?

Feb 18, 2010
10:40 am
Active Directory Authentication Automation Cloud Computing Cloud Security Configuration Customizing Data Breach DirXML Drivers End User Management Identity Manager Importing-Exporting / ICE/ LDIF Intelligent Workload Management IT Security Knowledge Depot LDAP Monitoring Open Enterprise Server Passwords Reporting Secure Access Supported Troubleshooting Workflow