diff --git a/education/windows/configure-aad-google-trust.md b/education/windows/configure-aad-google-trust.md index 99b45ebcb9..65c6673c04 100644 --- a/education/windows/configure-aad-google-trust.md +++ b/education/windows/configure-aad-google-trust.md @@ -37,19 +37,19 @@ To test federation, the following prerequisites must be met: ## Configure Google Workspace as an IdP for Microsoft Entra ID -1. Sign in to the [Google Workspace Admin Console](https://admin.google.com) with an account with *super admin* privileges. +1. Sign in to the [Google Workspace Admin Console](https://admin.google.com) with an account with *super admin* privileges 1. Select **Apps > Web and mobile apps** -1. Select **Add app > Search for apps** and search for *microsoft*. -1. In the search results page, hover over the *Microsoft Office 365 - Web (SAML)* app and select **Select**. +1. Select **Add app > Search for apps** and search for *microsoft* +1. In the search results page, hover over the *Microsoft Office 365 - Web (SAML)* app and select **Select** :::image type="content" source="images/google/google-admin-search-app.png" alt-text="Screenshot showing Google Workspace and the search button for Microsoft Office 365 SAML app."::: -1. On the **Google Identity Provider details** page, select **Download Metadata** and take note of the location where the **IdP metadata** - *GoogleIDPMetadata.xml* - file is saved, as it's used to set up Microsoft Entra ID later. +1. On the **Google Identity Provider details** page, select **Download Metadata** and take note of the location where the **IdP metadata** - *GoogleIDPMetadata.xml* - file is saved, as it's used to set up Microsoft Entra ID later 1. On the **Service provider detail's** page: - - Select the option **Signed response**. - - Verify that the Name ID format is set to **PERSISTENT**. - - Depending on how the Microsoft Entra users have been provisioned in Microsoft Entra ID, you might need to adjust the **Name ID** mapping. - If using Google autoprovisioning, select **Basic Information > Primary email**. - - Select **Continue**. -1. On the **Attribute mapping** page, map the Google attributes to the Microsoft Entra attributes. + - Select the option **Signed response** + - Verify that the Name ID format is set to **PERSISTENT** + - Depending on how the Microsoft Entra users have been provisioned in Microsoft Entra ID, you might need to adjust the **Name ID** mapping + If using Google autoprovisioning, select **Basic Information > Primary email** + - Select **Continue** +1. On the **Attribute mapping** page, map the Google attributes to the Microsoft Entra attributes |Google Directory attributes|Microsoft Entra attributes| |-|-| @@ -58,7 +58,7 @@ To test federation, the following prerequisites must be met: > [!IMPORTANT] > You must ensure that your Microsoft Entra user account's email matches that in your Google Workspace. -1. Select **Finish**. +1. Select **Finish** Now that the app is configured, you must enable it for the users in Google Workspace: