HENNGE Access Control Implementation Procedure List (Google Workspace)

Target

This is for customers who want to connect Google Workspace and HENNGE Access Control for single sign-on access.

Purpose

To establish single sign-on connection between Google Workspace and HENNGE Access Control and perform access control.

Notes

1. Please check the necessary items according to your service and use case.

2. The content of this article is based on the product's content as of October 2023 and may be subject to change without notice in the future.

Table of Contents

1. Preparations

1.1. Confirm Global IP Address
1.2. Confirm the means by which users access Google Workspace (access source environment)
1.3. Collect HENNGE Device Certificate device information
1.4. Consider HENNGE Access Control operational policies
1.5. Set HENNGE Access Control operational policies

2. User Synchronization from Active Directory to Google Workspace and HENNGE Access Control

2.1. Organizing Users in Active Directory
2.2. Preparing and Setting up the Machine for Google Cloud Directory Sync Installation
2.3. Installing Google Cloud Directory Sync and Starting User Synchronization
2.4. Verifying Operational Requirements for HENNGE Directory Sync Tool Installation
2.5. Configuring Active Directory Domain Controllers and Verifying OS Versions
2.6. Adding UNIX ID Management to All Domain Controllers (WS 2012 / WS 2012 R2)
2.7. Installing HDEPasswordFilter.dll on All Domain Controllers (WS 2016 and later)
2.8. Installing HENNGE Directory Sync Tool
2.9. Executing the Security Group Assignment Batch
2.10. Initial Configuration of HENNGE Directory Sync Tool Settings (config.ini)
2.11. Verifying Password Settings for Synchronized User Accounts
2.12. Running the HENNGE Directory Sync Tool

3. Configuring User Information Synchronization from HENNGE Access Control to Google Workspace

3.1. Setting Up API Authorization for User Provisioning
3.2. Bulk User Registration / Update / Deletion

4. End-User Configuration for Utilizing HENNGE Access Control Access Control

4.1. Installing HENNGE Secure Browser
4.2. Terminal Authentication for HENNGE Secure Browser
4.3. Configuring Receipt of OTP (One-Time Password) via Application
4.4. Configuring Receipt of OTP (One-Time Password) via Email
4.5. Issuing HENNGE Device Certificates
4.6. Installing HENNGE Device Certificates

5. HENNGE Access Control Access Control Policy Settings

5.1. Assignment of Access Policy Groups to Users
5.2. Assignment of Browser Policy Groups to Users

6. Connection between HENNGE Access Control and Google Workspace

6.1. Single Sign-On (SSO) Connection between HENNGE Access Control and Google Workspace
6.2. Single Sign-On (SSO) Connection Confirmation between HENNGE Access Control and Google Workspace
6.3. Disconnection of Google Workspace Authentication

1. Preparations

1.1. Confirmation of Global IP Address

To control access based on IP address, please verify the IP addresses that are allowed for access.

1.2. Confirmation of How Users Access Google Workspace (Access Source Environment)

When considering and configuring access policies, please confirm the end-users' usage environment.

1.3. Collection of HENNGE Device Certificate Device Information

* If you are using HENNGE Device Certificate, please perform this step.

Information about the target devices is required when issuing HENNGE Device Certificates.
Please select the target devices and collect the necessary information in advance.

1.4. Review of HENNGE Access Control Operational Policies

Please consult with your deployment guide.

1.5. Configuration of HENNGE Access Control Operational Policies

HENNGE can assist with the configuration. Please consult with your deployment guide.

If you plan to configure it yourself, please verify the following:

Login Screen Settings

Password-related Settings

Settings Related to Secure Browser (HENNGE Secure Browser)

Other Settings

 

2. User Synchronization from Active Directory to Google Workspace and HENNGE Access Control

* Please perform this section if you are synchronizing users from Active Directory to HENNGE Access Control.

* Please note that the necessary steps may vary depending on the version of Active Directory.

2.1. Organizing Users in Active Directory

2.2. Preparation and Setup of the Machine for Google Cloud Directory Sync Installation (External Link)

For details, please check with Google or your Google Workspace reseller.

2.3. Installation of Google Cloud Directory Sync and Starting User Synchronization (External Link)

For details, please check with Google or your Google Workspace reseller.

2.4. Verification of Operating Requirements for HENNGE Directory Sync Tool Installation

2.5. Configuration and OS Version Verification of Active Directory Domain Controllers

2.6. Addition of UNIX ID Management to All Domain Controllers (WS 2012 / WS 2012 R2)

2.7. Installation of HDEPasswordFilter.dll on All Domain Controllers (WS 2016 and later)

2.8. Installation of HENNGE Directory Sync Tool

2.9. Execution of Security Group Assignment Batch

2.10. Placement of HENNGE Directory Sync Tool Configuration File (config.ini)

2.11. Verification of Password Settings for Synchronized User Accounts

2.12. Execution of HENNGE Directory Sync Tool

3. Configuration for Synchronizing User Information from HENNGE Access Control to Google Workspace

※ If you are synchronizing users from HENNGE Access Control to Google Workspace, please follow this section.

3.1. Setting API Authorization for User Provisioning

3.2. User Bulk Registration / Update / Deletion

・User Bulk Registration

・User Bulk Update

・User Bulk Deletion

4. End User Configuration for Using HENNGE Access Control Access Control

4.1. HENNGE Secure Browser Installation

※ If you are using HENNGE Secure Browser, please follow this section.

HENNGE Secure Browser Installation (iOS)
HENNGE Secure Browser Installation (Android)
HENNGE Secure Browser Installation (Windows PC version)
HENNGE Secure Browser Installation (macOS version)

4.2. HENNGE Secure Browser Device Authentication

※ If you are using HENNGE Secure Browser, please follow this section.

4.3. Configuration to Receive OTP (One-Time Password) in the Application

※ If you are using OTP, please follow this section.

4.4. Configuration to Receive OTP (One-Time Password) by Email

※ If you are using OTP, please follow this section.

4.5. HENNGE Device Certificate Issuance

※ If you are using HENNGE Device Certificate, please follow this section.

・Issuing HENNGE Device Certificate

4.6. Installing HENNGE Device Certificate

※ If you are using HENNGE Device Certificate, please follow this section.

5. HENNGE Access Control Access Control Policy Configuration

5.1. Assigning Access Policy Groups to Users

5.2. Assignment of Browser Policy Groups to Users

※ Please complete this section if you are using HENNGE Secure Browser.

Assignment of Browser Policy Groups to Users

6. Connection Between HENNGE Access Control and Google Workspace

6.1. Configuration of Single Sign-On (SSO) Between HENNGE Access Control and Google Workspace

6.2. Verification of Single Sign-On (SSO) Connection Between HENNGE Access Control and Google Workspace

6.3. Disconnecting Google Workspace Authentication

          
Was this article helpful?