Question
How do I configure AD eDiscovery to collect from GMail?
Prerequisites
- A Google G Suite Basic, Business, or Enterprise account for your organization
- Administrator account credentials for your organization's G Suite account
- Access to GMail from the Collections Work Manager machine
- One of the following versions of Outlook installed on the Collections Work Manager machine:
Outlook 2007 32-bit Standard & Professional
Outlook 2010 32-bit Standard & Professional
Outlook 2013 32-bit Professional Plus
Outlook 2016 32-bit Professional Plus
Answer
- Login to the G Suite Admin Console at https://admin.google.com/AdminHome with your organization's G Suite Administrator account
- Click "Security"
- Click "API reference"
- Check "Enable API access" and click "Save"
- Open the Google API Console at https://code.google.com/apis/console/
- Expand the upper-left menu, then select "API Manager" and "Credentials"
- When prompted to select or create a project, click "Create"
- Give your project a name and click "Create"
- When prompted, select "OAuth client ID" from the "Create credentials" drop-down
- Follow the prompts to Configure the OAuth consent screen and click "Save"
- For the Application Type, select "Other", give it a name, and click "Create"
- Take note of your Client ID and Client Secret
- Log into eDiscovery and go to Data Sources > Gmail
- Click the Add button in the upper-right
- Enter you Gmail Domain, Client ID, and Client Secret, and click the "Google" button
- In the resulting browser window, sign in with your organization's G Suite Administrator account
- When prompted, click "ALLOW" to allow the connector to audit emails of the users on your domain
- Copy the resulting Authorization Code, paste it into the connector details in eDiscovery, and click "OK"
Notes
- GMail collections may spend a while "Waiting for Service" while eDiscovery waits for the collection request to be processed and packaged up by the queue on Google's end.