Global configuration values (GCVs) are values that can be used by the driver to control functionality. GCVs are defined on the driver or on the driver set. Driver set GCVs can be used by all drivers in the driver set. Driver GCVs can be used only by the driver on which they are defined.
The Google Apps driver includes several predefined GCVs. You can also add your own if you discover you need additional ones as you implement policies in the driver.
To access the driver’s GCVs in iManager:
Click to display the Identity Manager Administration page.
Open the driver set that contains the driver whose properties you want to edit.
In the
list, click .If the driver set is not listed on the
tab, use the field to search for and display the driver set.Click the driver set to open the Driver Set Overview page.
Locate the driver icon, click the upper right corner of the driver icon to display the
menu, then click .or
To add a GCV to the driver set, click
, then click .To access the driver’s GCVs in Designer:
Open a project in the Modeler.
Right-click the driver icon or line, then select
or
To add a GCV to the driver set, right-clickthe driver set icon , then click
.Table A-6 Global Configuration Values
Name |
Description |
Example Value |
---|---|---|
Google Apps Domain Name |
Specify the name of the Google Apps domain managed by this driver. |
mydomain.com |
Base Container for users in eDirectory |
Only users in or below this container will be synchronized to the connected Google System. |
yourorg\users |
Use Entitlement for User Account Creation |
If this GCV is set to true then users will only be created in Google when the entitlement is granted. |
True |
Match Users who do not have a Google Account Entitlement. |
If this GCV is set to true then users who have not been given an entitlement will be matched to existing Google Accounts. Otherwise the connector will not attempt to match users without a Google Account Entitlement they will just be blocked at the matching rule. |
False |
What should the Connector do when the Google Account entitlement is revoked? |
This GCV determines how the connector will handle a user account who has their Account Entitlement revoked. Do Nothing: This means that if an Account Entitlement is revoked, then the driver will do nothing. The account will remain in the state it was in when it was revoked. Disable Account: If this is selected then when the entitlement is revoked. The account in Google will be disabled.Delete Account: This will tell the connector to Delete the account in Google when the entitlement is revoked. |
Do Nothing |
Base Container for Groups in eDirectory |
Only Groups in or below this container will be synchronized to the connected Google System. |
Yourorg/groups |
Default visibility for Google Groups. |
This GCV sets the default visibility for groups created in GoogleApps. If all your groups will be used as a distribution list available to users on the internet you will need to set the Value to Anyone-Internet Enabled. Note that by using the Policy Builder you can change the permissions on any group during add or modify events. |
Owner, Member, Domain, Anyone |
Base Container for Organizational Units in eDirectory |
Only OU's in or below this container will be synchronized to the connected Google System. If placement is done with mirroring package this GCV is also used as the root container for where the mirror will start. |
Myorg |
What to use for intitial Password if Distribution Password not Present |
If the system is not set up for universal password synchronization or the user account just doesnt have a distribution password set yet, then an initial password has to be set. This GCV tells the system whether to use an attribute off of the user account for an initial password or to use a random generated password. If the accounts are going to use SAML for authentication then a Random Password would be fine. Otherwise an attribute value should be selected. |
Random PasswordAttribute Value from User |
eDirectory attribute to use for initial password value. |
This is the name of the attribute in edirectory that the Google driver should use for an initial password if no Distribution password is available on creation. |
Surname |
Number of letters to use in the Random Password |
This is the number of Letters to use in the random password. when added to the value of the "Random password numbers" GCV It will determine the number of characters in the total Length |
6 |
Number of numbers to use in the Random Password |
This is the number of numbers to use in the random password. when added to the value of the "Random password letters" GCV It will determine the number of characters in the total Length. |
6 |