Google Workspace Connection

Learn how to create a connection to Google Workspace.

On This Page

Overview Creating a Connection Creating a Connection to Multiple Domains Features and Limitations Author Preservation Externally Shared Content Box to Google Path Lengths Restricted Types Google Documents Google Shortcut Links Microsoft Office Documents Non-Transferable File Types and Elements Slashes in Folder Name Versioning and Simulation

Overview

The Google Workspace (formerly G Suite) connector in DryvIQ enables you to analyze, migrate, copy, and synchronize files between your Google Workspace account and cloud storage repositories, as well as on-premises network file shares. The first step is to create a Google Workspace connection by providing the required connection information for DryvIQ to connect to the platform/server. 

Google Workspace Service Account Required

Migrating documents from Google Workspace requires a Google Workspace service account with administrative privileges. The service account allows the DryvIQ Platform to act on behalf of users using the Google Workspace API. Refer to “Creating a Google Workspace Service Account” for instructions on how to create the service account.

 

 

Creating a Connection

  1. Expand the Manage section in the left navigation menu.
  2. Click Connections.
  3. Click Add connection.
  4. Select Google Workspace as the platform on the Add connection modal.
  5. Enter the connection information. Reference the table below for details about each field.
  6. Test the connection to ensure DryvIQ can connect using the information entered.
  7. You will see a green "Connected” message at the bottom of the modal when DryvIQ establishes the connection. (If the connection fails, verify the information you entered.)
  8. Click Done.

 

Field Description Required
Display as

Enter the display name for the connection. If you will be creating multiple connections, ensure the name readily identifies the connection. The name displays in the application, and you can use it to search for the connection and filter lists. The maximum length is 255 characters.

 Optional
 
Service account email Enter the email address created during the Service Account creation process. It will resemble <service-account-name>@<project-id>.iam.gserviceaccount.com Required
Private key

Enter the x509 private key. This is the value created when creating the new private key when creating a new Service Account in the Google IAM & admin Console. It will begin with -----BEGIN PRIVATE KEY----- and end with -----END PRIVATE KEY-----.

 

You can click the Choose a file on your computer link to import the key from a file on your computer. Use the file upload dialog that appears to locate the file that contains the key you want to use. 

 Required
Subject email

Enter the email address for an administrator account with elevated privileges (such as a super admin or global admin account). The account is used on the initial connection to ensure DryvIQ can access the users and folders.

 

If you create a job using impersonation, that setting will override the account added here.

 Required
Drive Space

Select the level where the connection should be made.

 

My Drive: This is the default entry. When selected, the connection will be made at the "My Drive" (the highest) level of the account.

 

Unorganized: Selecting this option creates a connection to the unorganized content in the account. Unorganized files are files that are orphaned. This means the file exists but isn’t a part of a file structure. This happens when parent folders get deleted. These files can only be found by searching the drive for "is:unorganized owner:me." 

 

Shared with me: This creates the connection to the shared content (content available through the "Shared with me" menu option within the account).

Optional
Domain

Enter the target domain name (for example, your-domain.com).

 

If you do not include the domain for the Subject Email, you must include the domain in this field. This domain will then be used as the domain for the account.  

Optional
Token uri Enter the custom authentication URI. If not supplied, the default is used ( https://accounts.google.com/o/oauth2/token).

Optional
Preserve content type

Indicate if DryvIQ should try to preserve files in their original content type. This feature is primarily used for transferring data between Google accounts.

 

The default value is No. This means that an upload content type is not specified. Most files will retain their original content types. However, Google native documents and Microsoft Office files will transfer as Microsoft Office files.

 

Selecting Yes will preserve files in their original content type. Google native documents will transfer as Google native documents. Microsoft Office files will transfer as Microsoft Office files. 

Optional
Import as Google native documents

Indicate if DryvIQ should import Microsoft Office documents as Google documents. This feature is mainly used when transferring from any platform, such as Box to Google.

 

The default value is No. This means Microsoft Office files will be preserved as their original content type. 

 

Selecting Yes will import all Microsoft Office files as native Google documents.

Optional
Behavior When Deleting Items
 

Select the type of deletion DryvIQ should perform when deleting items: Permanent or Soft.

 

Soft delete is the default behavior. A soft delete marks items as deleted. You can still access them to restore or permanently delete the items.

 

Permanent delete is the recommended behavior. A permanent delete removes the items. This deletion is not reversible.

 Optional
 
Allow File Discovery

Indicate if files with shared links should be searchable.

 

The default value is No. This means that only users with whom the file has been shared can find and access the file. 

 

Selecting Yes sets the "People can search for this file" setting in the file link settings to TRUE. This means any files with shared links can be found and accessed by any user through the search.  

Optional
Read-only Access

Specify if the connection should be created with read-only access.

 

The default value is No. This means the connection will be created with access granted to the account used to make the connection.

 

Selecting Yes creates the account with read-only access. The configuration for the Google account used to make the connection must match the access level for read-only access to be applied properly. 

Optional
Impersonate Owner During Delete

Indicate if you want DryvIQ to impersonate the item owner when performing deletes.

 

The default value is No. This means that DryvIQ will attempt to delete an item as the current user being impersonated. If the user does not own the item, DryvIQ will not be able to delete it. You will need to delete the item manually.  

 

Selecting Yes allows DryvIQ to impersonate the item owner so the item can be deleted. This reduces the number of manual deletions you need to complete.

 

Google does not support impersonating external users, so DryvIQ cannot delete items owned by external users. The delete will fail, and you will need to delete the item manually. 

Optional

Creating a Connection to Multiple Domains

DryvIQ supports creating a connection with access to multiple domains within an enterprise.

  • Ensure that you use an Admin account with full access to the corresponding domains.
  • Omit the domain name when creating the connection.
  • Use the admin account as the subject/Subject email when creating the connection.

Features and Limitations

Platforms all have unique features and limitations. DryvIQ’s transfer engine manages these differences between platforms, allowing you to configure actions based on Job Policies and Behaviors. The information below is platform-specific. Use the Platform Comparison‍ tool to see how your integration platforms may interact regarding features and limitations.

Supported Features Unsupported Features Other Features/Limitations
Version Preservation‍  File Lock Propagation‍  File Size Maximum‍: 5 TB
Timestamp Preservation‍  Mirror Lock Ownership‍  Invalid Characters‍: /

Author/Owner Preservation‍ 

See below for more information.

 Tags Map‍ 

Path Length Maximum:‍ N/A

See below for more information.
Account Map‍   

Segment Path Length‍: 500

See below for more information.
Group Map‍    Restricted Types‍ 
Permission Preservation‍    No leading spaces in file name/folder name 
User Impersonation‍    No trailing spaces before or after file extensions
Metadata Map‍     

Author Preservation 

The Google Shared Drive connector uses per-request impersonation. When Google Drive is the destination connection, DryvIQ must make requests to the platform on behalf of the account owner, not the administrator. To ensure “Created By” and “Modified By” dates are preserved during migration, the destination connection must also impersonate the corresponding account owner. 

Externally Shared Content Box to Google

Externally shared content will migrate from Box to Google. External users will receive an email notification from Google, indicating that content has been shared with them. On the Google platform, you can see the permissions applied to the external collaborator under “Manage Access.”

Path Lengths 

Google does not impose restrictions on the total path length. However, segment path lengths are limited to 500 characters. Segments are delimited by a forward slash (/). For example, <max 500 characters>/<max 500 characters>.

Restricted Types 

Google Shared Drives has the following restrictions and limitations for content. DryvIQ will handle the content as indicated. 

Google Documents

Native Google documents will be handled as indicated below. 

  • Although some platforms, such as Box and Dropbox, support Google Docs, DryvIQ does not currently support transferring them to Google Shared Drives.
    • When transferring Google Docs from Google Shared Drives to another platform, DryvIQ will export the documents as Microsoft Office documents.
    • Google Docs converts to DOCX  files.
    • Google Slides converts to PPTX files.
    • Google Sheets converts to XLSX files.
    • Google Drawings converts to SVG files.
    • Google Apps Script converts to JSON files.
  • Google Forms, Fusion Tables, Sites, and My Maps are not available for download in Google Shared Drives. This means DryvIQ is prevented from transferring these items. The expected behavior is that the item will be flagged with the error message "IO Violation and message:Downloading content is not supported for file...".

Google does not allow downloading of native link files that appear on the Google platforms. DryvIQ will filter these files out of the migration job and log the reason for skipping them for reference.

Microsoft Office Documents

When transferring Microsoft Office documents to Google Shared Drives, you can choose to either keep their original format or import them as Google Docs when setting up the connection.

Non-Transferable File Types and Elements

The following file types and elements cannot be transferred. 

  • Sites, Forms, Fusion Tables, My Maps, and Google Workspace Marketplace are all files that are not transferable.
  • Comments in Docs, Sheets, and Slides are not transferable.

Slashes in Folder Name

Forward slashes (/) are invalid characters; however, DryvIQ allows “/“ in folder names only when manually building the path for the job or scan in the user interface. When creating a job or scan, it will fail to run if you copy and paste the root path with a “/” in the folder name. Also, you cannot include a slash in a folder name when creating a job or scan using the DryvIQ REST API.

Versioning and Simulation

The API can only calculate the size of the current version for native Google documents. When running a simulation job with versioning enabled, only the size of the current version of the file is displayed. The size of the other versions will not be calculated for these documents. 

 

Related Articles

Creating a Migration Job
Google Workspace (REST API)
Overview Report Using REST API
Google Drive Ownership in Migration