====== Google Apps General ======
------------------------------------------------------------------------------------------------------------------------------------------------\\
====== Setup forwarding of email from the admin panel ======
From: https://support.google.com/a/answer/2368153?hl=en
Three Methods I use
1. forward all from user settings
2. set up a forwarding email group
a> forward all to forwarding group from settings
b> add members as recipients to group
3. Configuring a Default routing setting for a domain
a> In your Google Admin console (at admin.google.com)...
b> Go to Apps > G Suite > Gmail > Advanced settings.
c> Click Default routing.
d> Click Add setting and configure
e> https://support.google.com/a/answer/2368153?hl=en
From : Gsuite Support
From what I understand you wanted to configure a rule that will forward emails sent to an employee that is leaving the company to 2 other user accounts.
As discussed, there are several options to configure such a rule, but in our case we configured a default routing as per this Help Center article:
https://support.google.com/a/answer/2368153?hl=en
Another option is to forward emails from the Gmail Inbox of the user as per this Help Center article:
https://support.google.com/mail/answer/10957?hl=en
However, please keep in mind that, if you configure a forwarding rule in the Gmail inbox of the user and then delete the user account, the forwarding will stop working as well.
As promised, I'm also sending you another Help Center page with more information regarding the routing options in G Suite:
https://support.google.com/a/answer/6297084?hl=en
====== Groups ======
To setup as a public email address.
* Google Apps for Business **Admin Console**.
* click on the **Groups** option.
* click on top of the name of the group
* **access settings ... information ... advanced ... reset group ...Select a group type**
* set list to **email list**
* Select **Force reset of permissions and roles**
* press **reset group**
* **access settings ... Settings ... Moderation ... Spam messages**
* select **Skip moderation queue and post message to Group** from the 'Spam messages' section.
* Press **Save**
* **access settings ... Permissions ... basic permissions ... join the group ...**
* **only invited members**
* Press **Save**
* **access settings ... Permissions ... basic permissions ... post ...**
* Anyone on the web
* Press **Save**
* **access settings ... Permissions ... basic permissions ... View topics ...**
* Remove "All organizational members"
* Press **Save**
* **access settings ... Information ... General info ... Posting options**
* enable options **Allow posting by email**
* Disable **Allow users to post to the group on the web**
* Press **Save**
* **access settings ... information ... Content control ... Archive options**
* De-select **Archive messages to the group**
* Removes storage of messages for just the group
* All messages will remain in the forwarded to inboxes
* **access settings ... Roles ... Roles ... Owner**
* Add Member
* Select Me or the Admin person
* Press **Save**
====== Collaborative Groups ======
To setup as a public email address.
* Google Apps for Business **Admin Console**.
* click on the **Groups** option.
* click on top of the name of the group
* **accessed settings ... information ... advanced ... reset group ...Select a group type**
* set list to **Collaborative inbox**
* **accessed settings ... information ... advanced ... reset group ...Participants**
* set list to **All members of the group**
* Select **Force reset of permissions and roles**
* press **Reset this group**
* **accessed settings ... Settings ... Moderation ... Spam messages**
* select **Skip moderation queue and post message to Group** from the 'Spam messages' section.
* Press **Save**
* **accessed settings ... Permissions ... basic permissions ... join the group ...**
* **only invited members**
* Press **Save**
* **accessed settings ... Permissions ... basic permissions ... post ...**
* public
* note: the first time I tried this: the Group had ‘Public’ selected
* Press **Save**
* **accessed settings ... information ... general info ... posting options**
* enable options **Allow posting by email**
* Disable **Allow users to post to the group on the web**
* Press **Save**
* **accessed settings ... information ... Content control ... Archive options**
* De-select **Archive messages to the group**
* Removes storage of messages for just the group
* All messages will remain in the forwarded to inboxes
* **accessed settings ... Roles ... Roles ... Owner**
* Add Member
* Select Me or the Admin person
* Press **Save**
* **accessed settings ... Members ... All Members ... Select One ... Email Delivery**
* Select **Digest email**
* Press **Save**
====== POP access - Allow or disallow less secure apps to access accounts ======
From: https://support.google.com/a/answer/6260879?hl=en
Sign in to your Google Admin console.
Sign in using an administrator account, not your current account marcus.e.hall.jr@gmail.com
From the Admin console dashboard, go to Securityand thenBasic settings.
To see Security on the dashboard, you might have to click More controls at the bottom.
Under Less secure apps, select Go to settings for less secure apps.
====== SIL Group Instructions ======
From: http://googleapps.sil.org/overview/connecting-wycliffe-sil
SIL Website for support of Google Apps
====== SMTP Servers ======
From: http://support.google.com/a/bin/answer.py?hl=en&answer=174125
Name/Host/Alias Time to Live (TTL) Record Type Value/Answer/Destination
Blank or @ 3600 MX 1 ASPMX.L.GOOGLE.COM
Blank or @ 3600 MX 5 ALT1.ASPMX.L.GOOGLE.COM
Blank or @ 3600 MX 5 ALT2.ASPMX.L.GOOGLE.COM
Blank or @ 3600 MX 10 ASPMX2.GOOGLEMAIL.COM
Blank or @ 3600 MX 10 ASPMX3.GOOGLEMAIL.COM
====== Google Apps SMTP relay ======
From: https://support.google.com/a/answer/176600?hl=en
Google Apps SMTP settings to send mail from a printer, scanner, or app
three available options are: SMTP relay service, Gmail SMTP server and
Restricted Gmail SMTP server.
Google Apps SMTP relay (recommended) smtp-relay.gmail.com Port 25, 465, or 587 SSL/TLS protocols.
Gmail SMTP server smtp.gmail.com Port 465 (SSL required) - Port 587 (TLS required)
Restricted Gmail SMTP server aspmx.l.google.com Port 25 TLS not required
====== SMTP relay: Route outgoing non-Gmail messages through Google ======
2021-01-29
From
If you don’t require TLS encryption, you can configure your on-premise mail server to point to smtp-relay.gmail.com on port 25, port 465, or port 587.
From
We recommend that you configure your mail server to present a unique identifier (such as your domain name or the name of your mail server) in the HELO or EHLO command in the SMTP relay connections your server makes to Google.
From
In these cases, you need to configure your mail server to either ensure that the server is using SMTP AUTH to authenticate as a registered Google Workspace user or present one of your domain names in the HELO or EHLO command. See the instructions here.
From
====== Postfix ======
Follow the instructions below to set up the SMTP relay service for Postfix. These instructions are designed to work with a majority of deployments. There is no need to increase the timeouts for Postfix servers. The default timeout settings are appropriate.
To set up a smart host for Postfix:
1. Add the following line to your configuration file (example path /etc/postfix/main.cf):
relayhost = smtp-relay.gmail.com:25
From
If either is true, configure your mail server to either ensure that the server is using SMTP AUTH to authenticate as a registered Google Workspace user or to present one of your domain names in the HELO or EHLO command.
From
**What domain name to use in outbound mail**
Sepcify
myhostname = really.good.one
good.one must be the domain you are sending from and to
The myorigin parameter specifies the domain that appears in mail that is posted on this machine. The default is to use the local machine name, $myhostname, which defaults to the name of the machine. Unless you are running a really small site, you probably want to change that into $mydomain, which defaults to the parent domain of the machine name.
For the sake of consistency between sender and recipient addresses, myorigin also specifies the domain name that is appended to an unqualified recipient address.
Examples (specify only one of the following):
/etc/postfix/main.cf:
myorigin = $myhostname (default: send mail as "user@$myhostname")
myorigin = $mydomain (probably desirable: "user@$mydomain")
From
====== Google APPS move email from one user to another ======
* Use Google Apps Migration for Microsoft Exchange
* create cvs file with from and to account
* Like user.fullemailaddress@domain.name#Password, toemail.address@domain.name
* Use Admin account to sign in
migration between Google Apps accounts
From: https://tools.google.com/dlpage/exchangemigration
From: https://support.google.com/a/answer/180898?hl=en
best tool available for this is Google Apps Migration for Microsoft Exchange, with this you will be
able to migrate all of the emails or if you want to migrate only a portion you can do it as well by
setting dates,
====== Split Delivery ======
Split delivery set up using the Default routing.
add a host
APPS ... Google Apps ... Settings for Gmail ... Advanced Settings ... Hosts ... add route
Add default routing
APPS ... Google Apps ... Settings for Gmail
From: https://support.google.com/a/answer/2368153?hl=en
From: http://blog.shuttlecloud.com/google-apps-forwarding/
From: https://support.google.com/a/search?hl=en&query=split+delivery
You may refer to this article that explains how to add a new host to the account https://support.google.com/a/answer/2614757?hl=en,
{{ :service:googleapps:2014-10-27_17_12_05-admin_console.png?340 |Add Host}}
and this other how to configure default routing settings https://support.google.com/a/answer/2368153?hl=en.
{{ :service:googleapps:2014-10-27_17_08_16-admin_console.png?340 |Add Default routing 01}}
{{ :service:googleapps:2014-10-27_17_11_27-admin_console.png?340 |Add Default routing 02}}
====== Google Docs Sync Alternatives ======
From: http://www.syncdocs.com/
Improved Google Drive Sync and Backup
From: https://www.insynchq.com/features
Multiple Accounts
Sync any files outside insync directory
10 per year
====== Set up Google Sync with your iOS device ======
From: https://support.google.com/a/answer/138740?hl=en&ref_topic=1220873
====== Features ======
From: https://support.google.com/a/users/answer/161771
====== Known iOS issues ======
From: https://support.google.com/a/users/answer/139635?hl=en
====== POP receive access stopped receiving email on iPhone ======
reset gmail account
From: https://support.google.com/a/users/answer/139635?hl=en
Invalid Password Prompt. If you see an error message that reads "Invalid Password", it's
likely that you'll need to unlock your account by solving a short CAPTCHA. Go to
https://www.google.com/accounts/UnlockCaptcha
and, if asked to, fill in your email address, password, and the letters in the CAPTCHA box.
====== Google Apps Sync does NOW works with Office 2013 Click-to-run ======
May have been corrected aronud this time 2014-01-01
From: http://productforums.google.com/forum/#!topic/apps/b6q0wCG3ag0%5B1-25-false%5D
[Digital River is Microsoft’s partner for fulfillment on online distribution for downloadable
Microsoft products.] All links is from Digital River, same as the Download Office 2013 Language Packs
direct links. They are 100% safe and comes direct from Microsoft. All versions is Retail so you need a
legit key to install them
==== Possible Fix ====
From:http://www.syncfix.net/about-syncfix/what-is-syncfix/
SyncFix is a simple “run once” tool that fills in the missing links that prevents Google Apps Sync
from working with Outlook Click to Run editions
====== Office 2013 Direct Download Links ======
From: http://www.heidoc.net/joomla/technology-science/microsoft/73-office-2013-direct-download-links#
With the release of Office 365, Microsoft Office is now tightly integrated with the Cloud, Skydrive,
the Windows Live services etc. As a result of this change, the majority of the download versions of
the Office 2013 applications is no longer delivered as publicly available files on the Digital River servers,
but directly streamed onto the client devices from Microsoft's servers. There is also an alternative download
source with the backup images directly from Microsoft. Both download sources make up a complete repository or
all Office 2013 downloads.
====== Advanced Search Operators Parameters ======
From: https://support.google.com/mail/answer/7190?hl=en
Advanced search operators are query words or symbols that perform special actions in Gmail search.
These operators allow you to find what you're looking for quickly and accurately. They can also be
used to set up filters so you can organize your inbox automatically. Some of the most useful
operators are listed below.
====== Google Apps Migration for Microsoft Outlook® ======
Download: https://support.google.com/a/users/topic/28813?hl=en&ref_topic=1688516
From: https://support.google.com/a/users/topic/28813?hl=en&ref_topic=1688516
You can use Google Apps Migration for Microsoft Outlook® to import data from a
Microsoft® Exchange account or PST file
=== Requirements ===
==== 1: ====
From:https://support.google.com/a/answer/176213#gappsreqs
Google Apps Migration for Microsoft Outlook® is available with any edition of Google Apps.
Google Apps for Business / Education customers: Before your users can migrate Microsoft® Exchange
and PST data to Google Apps, you need to set the Email Migration API (EMAPI) option in the Google Admin console:
Sign in to the Google Admin console.
From the dashboard, click Apps, then click Google Apps > Gmail > User settings.
Scroll to User email upload.
Check the box for "Allow users to upload mail using the Email Migration API."
Note: If you're using the free edition of Google Apps, you don't have to do this.
====2: ====
From: https://support.google.com/a/answer/2790331?hl=en
Still need this on to use GAMMO
Configure the Admin console
Step 1: Enable Domain Admin API access
Sign in to the Google Admin console.
From the dashboard, go to Security > API reference. Where is it?
Check Enable API access.
Click Save changes.
====== Exchange Sync ======
From: http://support.google.com/a/bin/answer.py?hl=en&answer=172212
* Set API - Dashboard ... Security ... API Reference ... Enable API Access
* OAuth - Dashboard ... Security ... Advanced Settings ... Manage OAuth Domain Key ... Enable this consumer key ... Save
* Copy OAuth Key and OAuth consumer secret:
* OAuth - Dashboard ... Security ... Advanced Settings ... Manage third Party OAuth Client Access ... Manage API Client Access
* enter key (domain name)
* Enter
https://apps-apis.google.com/a/feeds/emailsettings/2.0/,
https://apps-apis.google.com/a/feeds/user/#readonly,
https://www.google.com/calendar/feeds/,
https://www.google.com/m8/feeds/,
https://www.googleapis.com/auth/apps.groups.migration,
https://apps-apis.google.com/a/feeds/migration/,
https://apps-apis.google.com/a/feeds/group/#readonly
* Authorize
==== GAMME Sync ====
* Outlook must be 2003 SP3 or better
* hostname: 192.168.1....
* Exchange Service account domain\admin but only the username
* Google Domain: domain name
* Google Consumer Key: domain
* Customer Secret: OAuth ... https://admin.google.com/AdminHome?pli=1
* check calendar ... email ... contacts
* Next ... Yes
* After Success on all levels... start
==== Create csv file ====
http://support.google.com/a/bin/answer.py?hl=en&answer=2790320
====== Outlook Sync ======
https://tools.google.com/dlpage/gappssync
https://support.google.com/a/users/answer/153871?hl=en
====== Mac Google Apps ======
From: http://mailplaneapp.com/tour.html
Love Gmail? Mailplane makes it even better.
From: http://mac.appstorm.net/roundups/internet-roundup/ultimate-collection-of-google-related-mac-apps/
Ultimate Collection of Google Related Mac Apps
====== Google Apps Directory Sync ======
From: http://commondatastorage.googleapis.com/enterprisetraining/gapps/admin/DirSync_GoogleApps/en/DirSync_GoogleApps.html
Download From: http://support.google.com/a/bin/answer.py?hl=en&answer=106368
===== Common Queries =====
Note: Active Directory
From: http://www.google.com/support/enterprise/static/gapps/docs/admin/en/gads/3.2.1/admin/ldap.5.4.html#1004916
Rule: (objectcategory=group)
Rule: (objectclass=group) Exchange 2003 groups
Rule: (objectclass=user) Exchange 2003 Users
User: CN=John Doe,CN=Users,DC=domain,DC=local
Base: CN=Users,DC=Domain,DC=local
====== LDAP Utilities ======
jxplorer
ldp.exe
Adsiedit.msc
http://serverfault.com/questions/294191/is-my-ad-already-an-ldap-server
Having said all that, I prefer ADExplorer from Sysinternals to a plain-jane LDAP browser.
It's a little easier to use, since it's meant for use with AD specifically.
es, Domain Controllers speak LDAP.
LDAP port 389
LDAP+SSL port 636
As we run Google Apps Directory Sync directly on a DC, I just use port 389. You do, of course, have the option to connect using LDAP+SSL.
Windows Server 2003
Building on the foundation established in Windows 2000 Server, the Active Directory service in Windows Server 2003 extends beyond the baseline of LDAP compliance into one of the most comprehensive directory servers offering a wide range of LDAP support. Accordingly, the Windows Server 2003 Active Directory service introduces a number of new LDAP capabilities targeted for IT professionals and application developers. Some of the latest LDAP features include:
•Dynamic Entries - Active Directory can store dynamic entries allowing the directory to assign Time-To-Live (TTL) values to determine automatic entry deletion.
•Transport Layer Security (TLS) - Connections to Active Directory over LDAP can now be protected using the TLS security protocol.
====== LDAP Object Naming ======
http://technet.microsoft.com/en-us/library/cc977992.aspx
====== Notes on Setup ======
* setup Split Email delivery
* Setup MX records to point to Google
* Input email users
* For migration from Exchange
* Coordinate passwords (change to Google Format)
* Send copy of email in Exchange to domain.test-google-a.com
* GAMME the email to Google Apps
* Change any internal routing SMTP servers if they are still in MX record list
* Configure Phone
* Configure Client software on machines if the user wants to use a client instead of web
====== Introduction for Users ======
From: https://sites.google.com/site/appsenterpriselaunchsite/outlook-users
Welcome to Google Apps!
Moving to the cloud is easy! Let us guide you through your first days with Google Apps and beyond.
====== Settings for IMAP and POP ======
Setup other email clients: [[service:gmail|Settings for IMAP and POP]]
====== Command Line Gam Manager ======
From: https://code.google.com/p/google-apps-manager/wiki/DomainSettingsExamples
Dito GAM is a command line tool which allows Administrators to control their
Google Apps domain and accounts. With GAM you can create users, turn on/off
services for users like POP and Forwarding and much more.
See: http://www.ditoweb.com/google-apps-for-hi-tech
====== Password Characters ======
From: http://technet.microsoft.com/en-us/library/cc786468(v=ws.10).aspx
Active Directory special characters
~!@#$%^&*_-+=`|\(){}[]:;"'<>,.?/
====== Help ======
From: http://www.enterprise-expert.com/2011/10/google-apps-directory-sync-tips-tricks.html
====== Custom URL for Services ======
CNAME points to ghs.googlehosted.com.
====== Mail routing and delivery: Guidelines and best practices ======
From: http://support.google.com/a/bin/answer.py?hl=en&answer=2685650
Mail routing and delivery options are accessible from multiple locations on the Gmail settings page -- including Advanced Settings, the Hosts tab, and the Default routing tab
From: Luke losin
Hi Marcus,
Here is the what my sales engineer had to say. Let me know if this helps.
"The answer depends on how the customer sets up their split delivery.
If they choose to route messages for unrecognized addresses (not setting up these users in Google Apps) the messages will be checked for spam, however they will simply pass through and be delivered to the legacy server. By clicking the Add X-Gm-Spam header check box, you also add a special header tag to indicate the spam status of the message:
• The number 0 in the header indicates a message is not spam: X-Gm-Spam: 0
• The number 1 indicates that a message is spam: X-Gm-Spam: 1
By choosing this option, an administrator at a downstream server can set up rules that will handle spam in a different manner than clean mail.
If they choose to create users in Google Apps, while still passing on messages for these users to a legacy server, then they can use the Receiving Routing section and set up a dual or split delivery that provides an option of whether or not to filter out the messages for spam. If they would choose to filter them out, those messages would only be available in the Gmail spam folder and not passed along.
This page highlights all the mail routing options available. The 'default routing' option allows for unrecognized addresses to be forwarded and the 'receiving routing' option allows for provisioned Google Apps users to be routed. "
====== Logo ======
From: http://support.google.com/a/bin/answer.py?hl=en&answer=36726
recommended size of 143 x 59 pixels
====== Creating Aliases in Google Apps Email for Non-Users ======
From: http://webapps.stackexchange.com/questions/3425/creating-aliases-in-google-apps-email-for-non-users
Open the "Settings" tab at the top, select "Email" under "Services" from the menu at the left, then select the "Default routing" tab. Click "Add Setting".
You can now decide between "Single recipient" or "Pattern match" if you have more than one. I chose to use a pattern. My pattern looks something like:
(alias1|alias2|alias3)@mydomain.com
Make sure that "Modify message" is selected, and check "Change envelope recipient". Now you can use "Replace recipient" and enter a new address like something@otherdomain.com (or, depending on how things are set up, "Existing-username@" might work for you)
Note: This is a paid Business Apps account, and I don't know if all of these settings exist for free accounts. YMMV.
One more way to do this in Google Apps is to use a "group". A group is like a mailing list. Here are the steps you can follow:
" Manage This Domain" (for domain1.com)
" Email Settings"
" Users and Groups"
" Create a New Group". Fill-in your details. In your case, the group email address will be "guy". Make sure you choose "Team" and "Also allow anyone on the Internet to post messages""
" Add new members". Here, you should add "guy@domain2.com"
From now on, whenever anybody sends email to "guy@domain1.com" it will automatically go to guy@domain2.com .
Another way to achieve something similar (but not exactly what you are asking for) is to choose "Manage This Domain" (for domain1.com) --> "Domain Settings" --> "Domain names" --> "Add a domain alias" and then add domain2.com as a domain alias.
====== Five Google App security settings you should have already changed ======
From: http://www.techrepublic.com/blog/google-in-the-enterprise/five-google-app-security-settings-you-should-have-already-changed/1185
* Enable SSL
* Increase minimum required password length
* Enable and configure 2-step authentication for user accounts
* Designate two accounts as administrators OR set the secondary email address to that of an account also secured by two-factor authentication
* Keep your Google Apps customer and support PIN and phone numbers secured offline
====== Google Apps: The Missing Manual By Nancy Conner ======
[[http://books.google.com/books?id=SZtsFe66zucC&lpg=PA6&ots=r29jMbCRgR&dq=google%20password%20symbols&pg=PP1#v=onepage&q=google%20password%20symbols&f=false|Google Apps: The Missing Manual]]
====== Active Directory sync tool ======
Our Active Directory sync tool is in fact a one-way sync (Active Directory -> Google), and it can in fact be used on an ongoing, as needed basis. It is important to note that it will only sync from Active Directory to Google, and not the other way around.
====== archive the emails/info from previous employees ======
The best solution to archive the emails/info from previous employees is in fact to create an 'archive@' alias in which you can back up all of your 'legacy' employee's data
====== Application-specific password required ======
From: https://support.google.com/mail/answer/1173270?hl=en
An application-specific password is similar to a verification code in that you don't have to memorize it. However, application-specific passwords are longer than verification codes and you do not enter them into web browsers. In addition, you do not get application-specific passwords from your phone -- instead, to generate an application-specific password:
====== password selection tips ======
From: https://accounts.google.com/PasswordHelp
How safe is your password?
The first step in protecting your online privacy is creating a safe password - i.e. one that a computer program or persistent individual won't easily be able to guess in a short period of time. To help you choose a secure password, we've created a feature that lets you know visually how safe your password is as soon as you create it.
Tips for creating a secure password:
Include punctuation marks and/or numbers.
Mix capital and lowercase letters.
Include similar looking substitutions, such as the number zero for the letter 'O' or '$' for the letter 'S'.
Create a unique acronym.
Include phonetic replacements, such as 'Luv 2 Laf' for 'Love to Laugh'.
Things to avoid:
Don't reuse passwords for multiple important accounts, such as Gmail and online banking.
Don't use a password that is listed as an example of how to pick a good password.
Don't use a password that contains personal information (name, birth date, etc.)
Don't use words or acronyms that can be found in a dictionary.
Don't use keyboard patterns (asdf) or sequential numbers (1234).
Don't make your password all numbers, uppercase letters or lowercase letters.
Don't use repeating characters (aa11).
Tips for keeping your password secure:
Never tell your password to anyone (this includes significant others, roommates, parrots, etc.).
Never write your password down.
Never send your password by email.
Periodically test your current password and change it to a new one.
====== 2-step verification ======
From: http://support.google.com/a/bin/answer.py?hl=en&answer=2548882
If you will require 2-step verification of all users in the domain or within an existing organizational unit (OU), you may skip this step. If you need to have a different 2-step verification setting for a select group of users within an organization, create an admin-managed group containing all such users.
====== Google Apps Password Sync for Active Directory ======
From: http://support.google.com/a/bin/answer.py?hl=en&answer=2611859
Google Apps Password Sync (GAPS). For businesses that use Microsoft Active Directory® (AD), we’ve added new capabilities to synchronize and manage passwords. Businesses can manage password policies (e.g. password strength, reset intervals, etc.) using AD and then synchronize from AD to Google Apps when passwords are changed. Passwords are transmitted hashed and encrypted during synchronization.
====== Gmail Setup ======
[[service:gmail|Gmail Setup]]