Finding unique identifier attribute using GAM
1,133 views
Skip to first unread message
Jeff Davalos
Sep 17, 2013, 4:40:28 PM9/17/13
to google-ap...@googlegroups.com
I use GADS to synchronize and update user account information from an internal directory, to my Google Apps for Business account.
Within GADS, there is a field named "Unique Identifier Attribute", to which I have associated that field with an internal unique identifier.
This unique identifier attribute is synchronized to my Google Apps for Business account, along with other fields for each user account.
Using GAM, I cannot locate this field.
GAM provides a field named "Google Unique ID", which is most likely Google's unique ID for each user, not necessarily the unique ID for each user as per my setup in GADS.
All other information about each user is retrievable by GAM (first name, last name, email, etc.) save for the value in the "Unique Identifier Attribute" field in GADS.
Thoughts?
Jay Lee
Sep 17, 2013, 4:51:10 PM9/17/13
to google-ap...@googlegroups.com
GADS is based on the old Provisioning API that did not expose the Google Unique ID of a user. Thus GADS creates it's own unique identifier for Google users and stores it in a sqlite file (which maps this ID against the LDAP unique identifier) You can find out where the sqlite database of unique LDAP users to unique Google users is stored by looking at the GADS configuration XML file in a text editor.
This can be proven out by renaming a Google user's email address between GADS runs. GADS will no longer be able to identify the renamed Google user and will try to suspend/delete the Google user and create the original address as a new user.
Since the unique identifier that GADS uses is not stored in Google, there's no way for GAM to discover it.
--
You received this message because you are subscribed to the Google Groups "Google Apps Manager" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-apps-man...@googlegroups.com.
To post to this group, send email to google-ap...@googlegroups.com.
Visit this group at http://groups.google.com/group/google-apps-manager.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-apps-manager/00e75b73-d172-4efc-bd04-49c80b41ba46%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
Jeff Davalos
Sep 26, 2013, 3:55:11 PM9/26/13
to google-ap...@googlegroups.com
Thanks for the response, Jay.
I found the .xml and it maps the email address to GADS’ unique ID.
I am unclear how GADS matches the GADS unique ID field to the objectGUID, as the only two values stored in the SQLLite file are
I am unclear how GADS matches the GADS unique ID field to the objectGUID, as the only two values stored in the SQLLite file are
the GADS unique ID and the email address.
Reply all
Reply to author
Forward
0 new messages