Target
Customers using Google Workspace and HENNGE Access Control are eligible.
Purpose
Connect Google Workspace and HENNGE Access Control for Single Sign-on and perform access control.
Additionally, if there are other cloud services that need to be integrated, Single Sign-on integration can be carried out.
Notes
1. Please check the necessary items according to the services and usage you are using.
2. The content of this article is based on the product as of April 2024 and may be subject to change without notice thereafter.
Table of Contents
1.1. Collection of HENNGE Device Certificate device information
1.2. Consideration of HENNGE Access Control operational policies
1.3. Configuration of HENNGE Access Control operational policies
2. User Synchronization from Active Directory to Google Workspace and HENNGE Access Control
2.1. Organizing users in Active Directory
2.2. Installation of Google Cloud Directory Sync and start of user synchronization
2.3. Installation of HDEPasswordFilter.dll on all Domain Controllers (WS 2016 and later)
2.4. Installation of HENNGE Directory Sync Tool
2.5. Creation of API client for executing HENNGE Directory Sync Tool
2.6. Initial placement of HENNGE Directory Sync Tool configuration file (config.ini)
2.7. Execution of Assign-HDEOnePasswrdSyncGroup.bat
2.8. Setting passwords for synchronized users
2.9. Confirmation of password settings for synchronized users
2.10. Execution of HENNGE Directory Sync Tool
3. Configuration to Synchronize User Information from HENNGE Access Control to Google Workspace
3.1. Setting API authorization for user provisioning
3.2. Bulk registration/update/deletion of users
4. End User Settings Required to Use HENNGE Access Control Access Control
4.1. Installation of HENNGE Secure Browser
4.2. Terminal authentication of HENNGE Secure Browser
4.3. Configuration to receive OTP (One-Time Password) in the application
4.4. Configuration to receive OTP (One-Time Password) via email
4.5. Issuance of HENNGE Device Certificate
4.6. Installation of HENNGE Device Certificate
4.7. Confirmation of HENNGE Device Certificate installation status
4.8. Installation of application to load HENNGE Device Certificate
5. Configuration of HENNGE Access Control Access Control Policies
5.1. Assignment of Access Policy Groups to users
5.2. Operation testing of Access Policy Groups
5.3. Assignment of Browser Policy Groups to users
6. Connection between HENNGE Access Control and Google Workspace
6.1. Single Sign-on (SSO) connection between HENNGE Access Control and Google Workspace
6.2. Confirmation of Single Sign-on (SSO) connection between HENNGE Access Control and Google Workspace
6.3. Single Sign-on (SSO) connection between HENNGE Access Control and Chromebook
6.4. Confirmation of Single Sign-on (SSO) connection between HENNGE Access Control and Chromebook
6.5. Disconnection of Google Workspace authentication
6.6. Connection with services that perform Single Sign-on (SSO)
6.7. User provisioning with services that perform Single Sign-on (SSO)
1. Preparations
1.1. Collection of HENNGE Device Certificate device information
* This item is for customers using HENNGE Device Certificate.
When issuing HENNGE Device Certificate, information about the target devices is required.
Please select the target devices and collect the necessary information in advance.
1.2. Consideration of HENNGE Access Control Operational Policies
Consideration of operational policies for HENNGE Access Control (rules for access control, items displayed on the login screen, etc.).
1.3. Configuration of HENNGE Access Control Operational Policies
Implement the operational policy of the considered HENNGE Access Control in the actual product settings.
・Login screen settings
・Password-related settings
・Secure Browsers (HENNGE Secure Browser) settings
・Device certificate settings
・Other settings
2. User synchronization from Active Directory to Google Workspace and HENNGE Access Control
* If synchronizing users from Active Directory to HENNGE Access Control, follow this section.
2.1. Organizing users in Active Directory
2.2. Installing Google Cloud Directory Sync and starting user synchronization (external link)
For details, please check with Google and Google Workspace resellers.
2.3. Installing HDEPasswordFilter.dll on all Domain Controllers (WS 2016 and later)
2.4. Installing HENNGE Directory Sync Tool
2.5. Creating an API client for running HENNGE Directory Sync Tool
2.6. Placing the HENNGE Directory Sync Tool configuration file (config.ini)
2.7. Running Assign-HDEOnePasswrdSyncGroup.bat
2.8. Setting passwords for synchronized user accounts
Change the passwords for all users undergoing synchronization once.
2.9. Confirming the settings of synchronized user passwords
2.10. Running the HENNGE Directory Sync Tool
3. Configuring user information synchronization from HENNGE Access Control to Google Workspace
* If synchronizing users from HENNGE Access Control to Google Workspace, follow this section.
3.1. Setting API authorization for user provisioning
3.2. Bulk registration / update / deletion of users
・Bulk registration of users
・Bulk update of users
・Bulk deletion of users
4. Setting up HENNGE Access Control access control on the end user side
4.1. Installing HENNGE Secure Browser
* This section is for customers using HENNGE Secure Browser.
4.2. Terminal authentication for HENNGE Secure Browser
* This section is for customers using HENNGE Secure Browser.
4.3. Setting up receiving OTP (One-Time Password) in the application
* This section is for customers using OTP.
4.4. Setting up receiving OTP (One-Time Password) via email
* This section is for customers using OTP.
4.5. Issuing HENNGE Device Certificate
* This section is for customers using HENNGE Device Certificate.
4.6. Installing HENNGE Device Certificate
* This section is for customers using HENNGE Device Certificate.
* If you are using a Chromebook, please perform the following steps in advance.
・Register Cybertrust DeviceiD Importer for Chromebook (English page is under preparation)
4.7. Checking the installation status of HENNGE Device Certificate
* This section is for customers using HENNGE Device Certificate.
4.8. Installing the application to load HENNGE Device Certificate
* This section is for customers using HENNGE Device Certificate on iOS devices.
Depending on the service that integrates with HENNGE Access Control, this section may be required. Please consult your implementation guide for details.
5. Setting HENNGE Access Control access control policies
5.1. Assigning access policy groups to users
5.2. Assigning browser policy groups to users
* This section is for customers using HENNGE Secure Browser.
6. Connecting HENNGE Access Control with Google Workspace
6.1. HENNGE Access Control and Google Workspace Single Sign-On (SSO) Connection Procedure
6.2. HENNGE Access Control and Google Workspace Single Sign-On (SSO) Connection Verification
6.3. HENNGE Access Control and Chromebook Single Sign-On (SSO) Connection Procedure
6.4. HENNGE Access Control and Chromebook Single Sign-On (SSO) Connection Verification
6.5. Disconnecting Google Workspace Authentication
6.6. Connection Procedure with Services Performing Single Sign-On (SSO)
If you have services other than Google Workspace that perform SSO, you can check the procedures with established connections from this section.