Tag Archives: Admin Console

Reminder: Absolute metrics removed from Admin console Reports API on 5/29

As a reminder, we’re removing some Drive metrics from the Admin console Reports API starting May 29th, 2018. Specifically, we’re removing absolute count metrics, which have been replaced by activity based metrics. This was announced a year ago, and the Admin console user interface was updated in October. The old metrics will no longer be available through the Reports API from May 29th.

More Information 
G Suite Developers blog post (April 2017): New Google Drive metrics now accessible from Reports API 
G Suite Updates blog post (October 2017): Google Drive reporting will show activity-based metrics in the Admin console 

Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

Making Admin Quarantine easier, quicker, and safer

Admin Quarantine helps your organization prevent spam, minimize data loss, and protect confidential information. G Suite admins can set up and manage quarantine policies to divert emails that pose a risk before they’re sent or delivered. They can then review those emails and take appropriate action to protect their organization and its data.

In response to your feedback, we’re making it easier to see why emails have been quarantined directly in the Admin Quarantine interface. This information will make it quicker to review emails and easier to identify the right action. Admins will be able to see:


  • The specific rule that was triggered to cause the email to enter Admin Quarantine 
  • The matched content (when applicable). 



Users with the “Access Admin Quarantine” or “Access restricted quarantines" admin privileges will have access to this new information in the Admin Quarantine.

For more information, please visit the Help Center.

Launch Details
Release track:
Launching to both Rapid Release and Scheduled Release

Editions:
Available to all G Suite editions

Rollout pace: 
Full rollout (1–3 days for feature visibility)

Impact: 
Admins only

Action: 
Admin action suggested/FYI

More Information 
Help Center: Set up and manage email quarantines


Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

Twelve third-party applications added to the G Suite pre-integrated SAML apps catalog

With Single Sign-On (SSO), users can access all of their enterprise cloud applications—including the Admin console for admins—after signing in just once. Google supports the two most popular enterprise SSO standards, OpenID Connect and SAML, and there are many applications with pre-integrated SSO support in our third-party apps catalog already.

Building on other recent launches (February 27th, March 12th, March 29th), we’re adding SAML integration for 12 additional applications:
  • Black Duck 
  • Brightcove
  • Chartio
  • Duo
  • Hootsuite
  • Jenkins
  • Jostle
  • Mango Apps 
  • SumTotal 
  • TextMagic 
  • Veracode 
  • Zinc 



Note that apart from the pre-integrated SAML applications, G Suite also supports installing “Custom SAML Applications,” which means that admins can install any third-party application that supports SAML. The advantage of a pre-integrated app is that the installation is much easier. You can learn more about installing Custom SAML Applications in this Help Center article.

Launch Details 
Release track:
Launching to both Rapid Release and Scheduled Release

Editions: 
Available to all G Suite editions 

Rollout pace: 
Gradual rollout (up to 15 days for feature visibility)

Impact: 
Admins only

Action: 
Admin action suggested/FYI

More Information
Help Center: Using SAML to set up federated SSO 


Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

Define rules to handle Gmail confidential mode messages

In April, we introduced the new Gmail, including a feature called confidential mode, which helps you protect sensitive content in your emails by setting expiration dates or revoking access to previously sent messages. This feature is now launching to consumer Gmail users only. As previously announced, it will launch to G Suite users at a later time. As a G Suite admin, you can define rules to handle confidential mode messages sent from consumer users to G Suite users in your domain.

Create a compliance rule to block incoming messages and more
For detailed instructions on how to set up rules for content compliance in your domain, please see this Help Center article. Gmail confidential mode will be listed as an attribute under “Metadata match.”



Stay tuned to the G Suite Updates blog for more information when confidential mode launches to G Suite users.

Launch Details
Release track:
Launching to both Rapid Release and Scheduled Release

Editions:
Available to all G Suite editions

Rollout pace:
Full rollout (1–3 days for feature visibility)

Impact:
Admins only

Action:
Admin action suggested/FYI

More Information
Help Center: Set up rules for content compliance

Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

Google Mobile Management now supports managed configurations for Android apps

Some apps designed for enterprises include built-in settings called “managed configurations” that IT admins can set up remotely. For example, many VPN apps offer automatic setup, meaning people don’t have to take lengthy and confusing steps to begin using VPN . These managed configurations save admins valuable time and allow them to easily deploy otherwise complex settings arrangements. With this launch, we’re making it possible to set up managed configurations for Android apps using advanced mobile device management from Google Mobile Management.

To set up managed configurations by organizational unit (OU) or group, visit Device Management > App Management > Manage Applications for Android Devices > Whitelisted Android Apps in the Admin console and select the “App Distribution and Configuration” for the app you’re looking to configure. For step-by-step instructions, visit the Help Center.



To check if an app supports managed configurations, visit the managed Google Play store and click on the app you’re interested in. If the app supports managed configurations, it’ll be noted under the “Approve” or “Buy” button.


We hope this will make it easier for G Suite admins to deploy the Android apps their users need most, with the built-in settings that work best for their organization.

Launch Details
Release track:
Launching to both Rapid Release and Scheduled Release

Editions:
Available to G Suite Business, Enterprise, and Enterprise for Education editions only

Rollout pace:
Gradual rollout (up to 15 days for feature visibility)

Impact:
Admins only

Action:
Admin action suggested/FYI

More Information
Help Center: Manage apps on mobile devices
Help Center: Managed app configuration


Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

Automatically provision users with six additional apps

When auto-provisioning is enabled for a supported third-party application, any users created, modified, or deleted in G Suite are automatically added, edited, or deleted in the third-party application as well. This feature is highly popular with admins, as it removes the overhead of managing users across multiple third-party SaaS applications.

We’ve heard continued positive feedback from admins, so we’re adding auto-provisioning support for four new applications:
  • DeskPro 
  • Federated Directory
  • Front App
  • ScreenSteps
  • ThousandEyes
  • Trello

Customers subscribed to G Suite Education, G Suite Business, and G Suite Enterprise editions can enable user auto-provisioning in all supported applications. Customers on G Suite Basic, G Suite Government, and G Suite Nonprofit can configure auto-provisioning for up to three applications from the supported list. For more information on how to set up auto-provisioning, check out the Help Center.

Launch Details 
Release track:
Launching to both Rapid Release and Scheduled Release

Editions: 

  • G Suite Education, Business, and Enterprise customers can enable auto-provisioning for all supported applications 
  • G Suite Basic, Government, and Nonprofit customers can enable auto-provisioning for up to three applications 

Rollout pace: 
Gradual rollout (up to 15 days for feature visibility)

Impact: 
Admins only

Action: 
Admin action suggested/FYI

More Information 
Help Center: Automated user provisioning
Help Center: Using SAML to set up federated SSO

Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

More improvements to user management in the Admin console

We’re updating the User lists interface in the Admin console to make it easier to see, find, and manage users. These user list improvements build on the improvements to the user details experience we recently announced.

Find users with improved search and new filters

The new user list view lets you view users in all or some organizational units (OUs), search for and filter users, and take actions on specific users. You can:


  • Find users with filters: You can now filter by admin role, job title, department, user status, and more.
  • Download or export filtered lists: Once you filter, you can download a list of users with those filters applied.
  • Improved search: Find users quickly using powerful new search features, including the ability to search within specific OUs and by user attributes.
  • Customize your view: Customize the columns displayed in the table to see all the info you need in a single view.


Learn more about filtering and searching here.

Take quick actions on users directly from the list

  • Change individual user info: Hover over a user to take quick actions including reset password, rename user, suspend, delete, or restore user account, change organizational unit, and more.
  • Update multiple users with bulk actions: Quickly edit info for multiple users with bulk actions such as add to group, email users, delete accounts, and more.

Easily manage organizational units


There’s a new section dedicated to simpler management of organizational units. Here, you can easily create, move, and manage organizational units.



Learn more about managing user accounts in the Help Center.

Launch Details
Release track:
Launching to both Rapid Release and Scheduled Release

Editions:
Available to all G Suite editions

Rollout pace:
Gradual rollout (up to 15 days for feature visibility)

Impact:
Admins only

Action:
Admin action suggested/FYI

More Information
Help Center: Add users
Help Center: Manage user accounts
Help Center: Apply policies to different users

Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

Display your organization’s brand in the Google bar

We’re updating the Google bar to feature your brand. Along with some small changes to the bar’s look and feel, we’ll soon show your domain’s logo next to a user’s picture (or initials or avatar) at the top of many G Suite services, like Calendar and Drive.


You can add an image for your organization in the Admin console at Company profile > Personalization; until you’ve done so, we’ll show the G Suite logo instead.

Note that this will roll out across G Suite services slowly, so you may not see it in all of your apps for some time.

Launch Details
Release track:
Launching to both Rapid Release and Scheduled Release

Editions:
Available to all G Suite editions

Rollout pace:
Extended rollout (potentially longer than 15 days for feature visibility)

Impact:
Admins and end users

Action:
Admin action suggested/FYI

More Information
Help Center: Add your logo


Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

Session length controls for domains using SAML

In March, we introduced a setting that allows G Suite Business, Enterprise, and Education admins to specify the duration of web sessions for Google services (e.g. four hours, seven days, or infinite). At the time, this setting only applied to domains where Google was responsible for the login (i.e. where Google was the Identity Provider). We’re now extending the reach of this setting and making it applicable in domains that federate to another Identity Provider (IdP) using SAML.


Note that these settings apply to all desktop web sessions, as well as some mobile browser sessions. Native mobile apps, like Gmail for Android and iOS, aren’t impacted by these settings.

Removing session-based cookies on May 7th, 2018

In the past, in order to give more control over session lengths to a G Suite customer’s preferred IdP, we set cookies for sessions created by federating to another IdP via SAML as transient, or session-based. These cookies were intended to expire whenever the browser was closed, meaning the user would be redirected to their primary IdP whenever they reopened the browser and visited a Google site.

Over time, however, this behavior has become increasingly inconsistent across browsers. We believe that G Suite admins are better served by explicit session length controls, like the ones we just launched. Unlike session cookies, these controls are respected regardless of the user’s browser.

With this in mind, we’ll be removing session-based cookies for G Suite customers who federate to another IdP via SAML on May 7th, 2018. Please consider setting a custom session length for your organization if your workflows depend on it.

Replicating previous behavior

If it’s critical to replicate the previous behavior, where all sessions expired when a browser was closed, you can change the browser settings on impacted machines to delete all Google cookies when the browser is exited. Instructions to configure this on Chrome can be found here. To deploy this policy on multiple machines, use Chrome policies to configure session-only cookies for [*.]google.com.

Launch Details
Release track:
Launching to both Rapid Release and Scheduled Release

Editions:
Available to G Suite Business, Enterprise, and Education editions only

Rollout pace:
Gradual rollout (up to 15 days for feature visibility)

Impact:
Admins only

Action:
Admin action suggested/FYI

More Information
Help Center: Set up session length for Google services

Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

Improved user management in the Admin console

We’re updating the interface you use when you manage your organization’s users in the Admin console. These changes will make it easier to find and control user information and settings. For more information, see our Help Center topic on how to add and manage users.

New quick actions panel 
When you click into an individual user, you’ll see a user information panel, which allows you to quickly see and edit basic information about the user.

Category cards provide more detailed user management 

When you’re looking at an individual user, you’ll also see cards with summarized information that will give you a quick overview of the most important information in several categories. Click on the cards to view the settings in detail or to quickly edit information related to that user. Depending on the user’s account and your administrator privileges, you’ll see some or all of these cards:
  • User information. View and edit the user’s contact information and see custom attributes. 
  • Security. Control the user’s security settings, like 2-step verification and security keys. 
  • Groups. See the user’s group memberships and roles, and manage their roles in those groups. 
  • Admin roles and privileges. See and change admin controls granted to the user. 
  • Apps. View apps the user has installed on a managed device. 
  • Managed devices. View and manage the devices associated with the user. 
  • Licenses. See licenses granted to the user and control individual user licenses. See more below. 
  • Team Drives. See the user’s Team Drives memberships and manage Team Drive settings. 

New license management functions 

One of the new cards is a Licenses card which will help improve visibility and management of licences within your organization. It features:
  • Improved license states to provide a better understanding of a user’s license assignment. 
  • Separate view mode and edit modes to aid decision making for license management. 
  • Improved error handling and messaging to help admins. 


Launch Details 
Release track:
Launching to both Rapid Release and Scheduled Release

Editions: 
Available to all G Suite editions

Rollout pace: 
Gradual rollout (up to 15 days for feature visibility)

Impact: 
Admins only Action: Admin action suggested/FYI

More Information
Help Center: Add users 
Help Center: Manage user accounts 
Help Center: Manage passwords 
Help Center: Grant administrator privileges 
Help Center: Apply policies to different users 


Launch release calendar

Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates