Moved to: https://osmium.morningside.edu/confluence/x/MIC6AQ

GoogleAppsDirectorySync (GADS) is the tool that we use to syncronize data in our ActiveDirectory database with Google Apps – firstnames, lastnames, mail aliases, etc.

Sync setup

The configuration is made in a program called config-manager; a java program. Because our systems are headless, this must be run elsewhere (like on DC2) and saved as an .xml file.

The resulting .xml file may be moved to any Linux system with GADS installed. Installing the xml requires the following steps:

1. Clear the encrypted fields from between the tags in the xml configuration file:

   1. <smtpAuthPasswordEncrypted>HASH_VALUE</smtpAuthPasswordEncrypted>

   2. <oAuth2RefreshToken>HASH_VALUE</oAuth2RefreshToken>

   3. <authCredentialsEncrypted>HASH_VALUE</authCredentialsEncrypted>

2. Set the ldap credentials with ./upgrade-config:

   • ./upgrade-config -c your-config.xml -ldapuser "dummy@mustang.morningside.edu" -ldappassword "secret"

3. Regenerate Oauth token

   • To populate the '<oAuth2RefreshToken></oAuth2RefreshToken>' tag, please enter the following command (as outlined in https://support.google.com/a/answer/3075991 under 'How to authorize ... without a GUI'), as follows:

     ./upgrade-config -Oauth Google_Apps_domain_name -c YourXMLConfigFile.xml

     More info: https://productforums.google.com/forum/#!topic/apps/m_V88cNM2Hk