Configuring a Google Drive for Work Compact Security Provider

The Coveo Google Drive for Work Compact connector fully supports the Google security model. When you want users searching for Google Drive content in a Coveo search interface to only see the content to which they have access in Google Drive, the connector needs a security provider to be able to index the permissions for each indexed Google Drive item.

To configure a Google Drive for Work Compact security provider

1. On the Coveo server, access the Administration Tool (see Opening the Administration Tool).

2. Select Configuration > Security.

3. In the navigation panel on the left, click Security Providers.

4. In the Security Providers page, click Add to create a new security provider.

5. In the Modify Security Provider page:

   

   1. Configure the following required parameters:

      Name

      Choose a meaningful name to identify the security provider.

      Example: Google Drive for Work Compact Security Provider

      Security Provider Type

      In the drop-down list, select Google Apps (x64).

      User Identity

      In the drop-down list, select (none).

      Activate domain-wide mode

      You must select this option when you plan to use this security provider with a Google Drive Compact (Google Apps) source type.

      Security Provider

      Select the security provider that you selected or created to allow this security provider to resolve and expand the groups (see Google Drive for Work Compact Connector Deployment Overview).

   2. Configure the following required parameters with the same values as the ones you will enter when configuring the source (see Configuring and Indexing a Google Drive for Work Compact Source):

      [Domain-wide mode] Managed domains

      Enter the domain that you want to index. When your Google Apps account contains more than one domain, you can enter a semicolon-separated list of domains to index. The security provider will resolve and expand groups for the specified domain(s).

      Examples:

      • One domain: mysubdomain.mycompany.com

      • Multiple domains: myfirstdomain.com;myseconddomain.com

      Service Account Email

      Enter the service account Email address previously obtained (see Authorizing the Coveo Connector to Access Your Google Drive).

      Example: 12345678901@developer.gserviceaccount.com

      Certificate File Path

      Note: This parameter can be left empty when you use the CertificateFileData hidden parameter (see CertificateFileData).

      Enter the path on the Coveo Master server where you saved the previously obtained service account's PCKS12 private key file (see Authorizing the Coveo Connector to Access Your Google Drive).

      Example: D:\CES7\Config\1234ab8e315e67a89e02f16ea38bd44d609471ff-privatekey.p12

      Domain Administrator Email

      Enter the domain admin account email used to obtain the list of users in the domain.

      Example: admin@domain.com

   3. Leave the Allow Complex Identities cleared as it does not apply to this type of security provider.

   4. Click Apply Changes.