By Vince Lujan Posted August 6, 2019
One question that we continue to hear is whether or not you can authenticate Windows® systems with a Google® Cloud Identity. While you can leverage Google Cloud Identity to manage user access to Windows-based servers located within GCP (Google Cloud Platform), the question here is really about Windows end user systems (laptops and desktops) that are not located within GCP.
Unfortunately, it would appear that the two tech titans are more interested in competition than cooperation. Consequently, IT admins often need a third-party identity bridge to connect the two, but that might actually be more beneficial to the overall organization depending upon the platform of choice. Let’s take a closer look below.
Overview of the Problem Space
Google first entered the IDaaS (Identity-as-a-Service) space with the introduction of G Suite™ Directory, which is essentially the core identity provider (IdP) for Google Apps. Originally, Google identities were effectively built from the apps and resources that the user leveraged within the Google ecosystem. While effective for Google identities, it was difficult for IT admins to manage all of their users’ identities as they essentially had a number of identity silos to coordinate.
Recently, Google changed their approach to identity management by effectively decoupling the core user identity from G Suite Directory to create their Google Cloud Identity management solution. Ultimately, the goal was to make it easier for an organization to connect to Google’s cloud services, especially Google Compute Engine.
However, Google Cloud Identity only addresses one small part (i.e., the Google angle) of the overarching challenges that organizations face when it comes to managing their IT infrastructure. This is demonstrated by the fact that Google identities can connect to Windows-based servers within GCP, but not end user systems and resources located outside of GCP. This leaves a gap for IT admins to bridge with their own devices.
The same can be said for Microsoft’s equivalent solutions. The on-prem Active Directory® (AD) platform, as well as the cloud-based Azure® AD, are highly tailored for Windows-based IT resources, leaving Google on the outside looking in. So, if neither vendor will extend an olive branch, how do you authenticate Windows with a Google Cloud Identity?
JumpCloud® Directory-as-a-Service® integrates with G Suite Directory via a secure connection between the JumpCloud API and Google’s OAuth-based API. Directory-as-a-Service also has the ability to manage Windows end user systems (macOS® and Linux® too) both on-prem and remote. So, by integrating both G Suite Directory and your Windows fleet with JumpCloud, IT admins can extend a single identity (the JumpCloud Identity) to both platforms.
With JumpCloud, IT admins can create new users from scratch within the JumpCloud Admin Console, or import existing users from G Suite Directory. With the latter, existing Google users can continue to leverage their Google credentials with the added ability to gain access to their Windows systems. A similar user import workflow is also possible for Office 365, Active Directory, LDAP, and Workday. The end result is that JumpCloud can connect users to virtually any IT resource with One Identity to Rule Them All®, effectively giving IT admins One Directory to Rule Them All®.
Learn More About JumpCloud
Sign up for a free account and enable your organization to authenticate Windows with Google Cloud Identity today. Your first ten users are free forever, and you will have access to the standard Directory-as-a-Service platform, with the option for add-on services. Contact the JumpCloud team if you have any questions.