This article provides a description how to connect a Sophos Mobile server to a Google Cloud Directory using secure LDAP. The following sections are covered:
Applies to the following Sophos products and versions Sophos Mobile
Important note: After you set up or change LDAP access and permissions for Google Cloud Directory it can take Google Cloud Directory up to 24 hours to apply the changes.
Sign in to the Google Admin console
Use your Google super administrator account, and not your personal Gmail account.
On the Access permissions page activate all three options.
You can allow either all users of your domain or members of selected organizational units only. Then you can use all Sophos Mobile features with users from Google Cloud Directory like the self-service portal, admin portal, placeholder replacement and so on.
Click ADD LDAP CLIENT to proceed.
After the access permissions page you can download a client certificate that is used to authenticate the Sophos Mobile server. Only with this certificate, you can access your Google Cloud Directory. A zip archive with two certificate files is created automatically. Download it and save it for later use.
Click CONTINUE TO CLIENT DETAILS.
Sophos Mobile requires credentials to connect to LDAP servers. Click Access credentials, GENERATE NEW CREDENTIALS and your credentials will be created and presented to you. Save them for later use.
The LDAP authentication with client certificates requires the use of a software like Stunnel. Please follow these steps to configure it appropriately:
To switch the service status to On perform the following steps:
You are now ready to use Sophos Mobile with users from your Google Cloud Directory
Sign up to the Sophos Support SMS Notification Service to get the latest product release information and critical issues.
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.