GCDS Organizational unit mappings

Problem

You are syncing users from Active Directory with GCDS, but they are all being created in the main OU.

Environment

  • Active Directory
  • Google Cloud Directory Sync
  • Admin Console

Solution

  1. Enable the option to synchronize Organizational Unit Mappings.
  2. Set up user search rules.

Example: Mapping multiple locations.

An LDAP directory server has an organizational hierarchy split between two office locations: Melbourne and Detroit. The Google domain org unit hierarchy will mirror that hierarchy.

  • First Rule:
    • (LDAP) DN: ou=melbourne,dc=ad,dc=example,dc=com
    • (Google domain) Name: Melbourne
  • Second Rule:
    • (LDAP) DN: ou=detroit,dc=ad,dc=example,dc=com
    • (Google domain) Name: Detroit

Example: Mapping LDAP org unit to Google Root org unit.

  • (LDAP) DN: ou=corp,dc=ad,dc=example,dc=com
  • (Google domain) Name: /

Example: Mapping LDAP org unit to a first-level Google org unit

  • (LDAP) DN: ou=detroit,ou=corp,dc=ad,dc=example,dc=com
  • (Google domain) Name: Detroit

Example: Mapping LDAP org unit to a Google second-level org unit

  • (LDAP) DN: ou=detroit staff,ou=detroit,ou=corp,dc=ad,dc=example,dc=com
  • (Google domain) Name: Detroit/Detroit Staff
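
To review mappings like the three above before running a sync, the following added example (not part of GCDS or of the original article) computes which Google org unit each user DN would be expected to land in and flags users that no rule covers. It assumes the most specific matching rule wins; the user DNs and the function names are constructed for illustration.

```python
import re

# Mapping rules copied from the last three examples on this page (LDAP DN -> Google name).
RULES = {
    "ou=corp,dc=ad,dc=example,dc=com": "/",
    "ou=detroit,ou=corp,dc=ad,dc=example,dc=com": "Detroit",
    "ou=detroit staff,ou=detroit,ou=corp,dc=ad,dc=example,dc=com": "Detroit/Detroit Staff",
}

def split_dn(dn):
    """Split a DN into lower-cased (attribute, value) pairs, keeping '\\,' inside a value."""
    # Simplification: doubled backslashes and hex escapes are not interpreted.
    rdns = []
    for part in re.split(r"(?<!\\),", dn):
        attr, _, value = part.strip().partition("=")
        rdns.append((attr.strip().lower(), value.strip().lower()))
    return rdns

def expected_org_unit(user_dn, rules=RULES):
    """Return the Google org unit of the most specific rule whose DN is an
    ancestor of user_dn, or None when no rule covers the user."""
    # Assumption of this example: the longest matching rule DN takes precedence.
    user = split_dn(user_dn)
    best = None
    for rule_dn, google_ou in rules.items():
        rule = split_dn(rule_dn)
        # A rule covers the user when its RDNs are a proper suffix of the user's DN.
        if len(rule) < len(user) and user[-len(rule):] == rule:
            if best is None or len(rule) > best[0]:
                best = (len(rule), google_ou)
    return best[1] if best else None

# Constructed sample user DNs (not from the article).
SAMPLE_USERS = [
    "CN=Ana Ruiz,OU=Detroit Staff,OU=Detroit,OU=Corp,DC=ad,DC=example,DC=com",
    "CN=Bo Lee,OU=Detroit,OU=Corp,DC=ad,DC=example,DC=com",
    "CN=Smith\\, Jo,OU=Corp,DC=ad,DC=example,DC=com",
    "CN=Temp User,CN=Users,DC=ad,DC=example,DC=com",
]

def audit(user_dns, rules=RULES):
    """Map each user DN to its expected Google org unit (None = no rule covers it)."""
    return {dn: expected_org_unit(dn, rules) for dn in user_dns}

if __name__ == "__main__":
    for dn, ou in audit(SAMPLE_USERS).items():
        print(f"{ou or 'NO MAPPING':<24} {dn}")
```

Users reported as `NO MAPPING` sit outside every mapped LDAP OU and are the ones to review against the mapping and search rules before syncing.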

Cause

The sync is not working properly according to the GCDS sync settings.