Hello team,
I have two questions about using the Netskope Directory Importer with our current environment:
Multi‑Domain Synchronization
We are migrating from the domain ejemplo.co to ejemplo.com. Since we manage users and groups in Google Workspace (and do not use Active Directory), I’d like to confirm:
-
Can the Directory Importer sync both domains simultaneously (
ejemplo.coandejemplo.com)? -
If that’s not supported, what is the recommended best practice?
Note: Directory Importer supports only one base DN per LDAP configuration, so typically one importer is required per domain community.netskope.com+14community.netskope.com+14community.netskope.com+14community.netskope.com.
Importing Groups with External Users
We currently maintain a “Providers” group in Google Workspace that includes users from external domains, such as user@apple.com. Specifically:
-
Is it possible to import such groups—including external users—using Directory Importer?
-
What configuration steps or restrictions should we be aware of?
-
How can we avoid manually creating these external users in the Netskope tenant?
Additional Context
-
We opted for Directory Importer because we don’t have Active Directory, and we're leveraging Google Workspace Secure LDAP to provision users and groups community.netskope.com+8community.netskope.com+8docs.netskope.com+8.
-
Community feedback confirms that each domain typically requires its own Directory Importer instance .
Summary of Questions:
-
Can we synchronize both domains (
ejemplo.co+ejemplo.com) into a single Netskope tenant via Directory Importer? If not, what’s the recommended method (e.g., one importer per domain, SCIM, etc.)? -
Can we import groups containing external-domain users (e.g., apple.com) from Google Workspace with Directory Importer? What setup or limitations exist, and how can we ensure full import without manual intervention?
Thanks in advance for your guidance.
Best regards,
Andrés González
