Before you install Google Cloud Directory Sync (GCDS), ensure you meet the following requirements.
Google Account
You need one of the following accounts:
- A Google Account or Cloud Identity account
- A Google Workspace or Cloud Identity super administrator account
GCDS server
Operating system
The GCDS server requires one of the following operating systems:
- Microsoft Windows
- GCDS is supported on Windows 7, 8, and 10, and Windows Server 2008, 2012, 2016, 2019, and 2022.
- You must be an administrator on the Windows server to install GCDS.
- Linux
- If you use a 32-bit version of GCDS on a 64-bit Linux system, install a 32-bit libc (such as libc6-i386).
- Install a Graphical user interface (GUI) on the GCDS server or access another server with a GUI. (If you use a different server, reauthorize the configuration file. For details, go to Use a configuration file with different machines or users.)
Hardware requirements
For optimal GCDS performance, we recommend:
- At a minimum, a 2 core processor.
- At least 5 GB of disk space for log files and data. If you run the DEBUG or INFO level of logging, you might need more free space for additional logging data.
- The amount of free random-access memory (RAM) required depends on the size of your data:
Note: You might need to increase the size of the free RAM. For details, see What if I'm seeing memory-related errors?
Number of entities* Recommended amount of free RAM Fewer than 10,000 1 GB 10,000–200,000 2–4 GB 200,000+ 8 GB * Entities include resources, such as users, groups, group members, organizational units, and contacts.
LDAP server
Microsoft Azure Active Directory (Azure AD) is not supported. If you want to sync with Azure AD, use Directory Sync.
All versions of LDAP are supported. You need:
- LDAP administrator access to your directory server
- Network access to your LDAP server (you don't need to run GCDS on your LDAP server)
- Read permissions in LDAP server for the organizational units that you want to sync
- An LDAP browser that can read and browse your LDAP directory server data
- GCDS access to the user information from the LDAP server
Network requirements
- Network access to your Google data through HTTPS directly or through a proxy server. Ensure ports 80 and 443 are open.
For details, go to Set up a Google Workspace host name allowlist.
- Access to one of the following ports to allow the SMTP server to send email notifications: 25, 465, or 587. You decide how to set up email notifications in Configuration Manager.
For details, go to Set your notifications.
- If required, access to TLS Certificate Authorities (CAs) for your network.
For details, go to Troubleshoot certificate-related problems.
- (Recommended) A network connection to your Google Account with no proxies or firewalls.
- GCDS uses the following APIs:
Encryption
- GCDS to LDAP:
- Encrypted by SSL when the connection type specified in Configuration Manager is LDAP+SSL.
- No encryption is used if the connection type is Standard LDAP.
- GCDS to Google connections are encrypted using HTTPS.
Level of effort & expertise
- LDAP directory—Familiarity with your LDAP data. It's also useful to be comfortable with LDAP query language.
- Network expertise—Experience with your network and security settings for internal and outbound traffic. Able to set up mail servers for notification traffic.
- Knowledge of your user base—Able to identify which LDAP entries represent current users and groups.
Google, Google Workspace, and related marks and logos are trademarks of Google LLC. All other company and product names are trademarks of the companies with which they are associated.