Gmail: Why Your Directory Will Live In The Cloud

By Rajat Bhargava Posted February 24, 2015

Reevaluating Active Directory Illustration

This blog is part of a four-part series, as listed below:

  1. The Directory-as-a-Service Movement
  2. Heterogeneous IT: The #1 Reason your Directory will be in the Cloud
  3. Cloud Infrastructure is Reason #2 your Directory will be in the Cloud
  4. Business Gmail: Reason #3 why your Directory will live in the Cloud

If you’ve been following along, you know we’ve been discussing specific reasons why your directory service will live in the cloud (if not today, sometime in the near future).

In our last two posts, we discussed how heterogeneity and cloud infrastructure are two top trends driving the shift of the directory service from being on-premise to being in the cloud.

We also discussed the history of the Directory-as-a-Service® movement and how we wound up where we are today.

Each of these contributes to a force that is pushing directories unequivocally, up into the cloud.

As the final proof point for this series, let’s take a look at the impact of Gmail as a corporate email provider, and how that, too, necessitates a cloud-based directory.

A Brief History of the Rise of Gmail in Corporate Settings

Gmail started as a free consumer email service in 2004. But organizations quickly realized it was a (cheap) way for them to outsource their entire corporate email needs, too.

Over the course of the next decade, Gmail almost single-handedly replaced any prior corporate email provider. Prior to the advent of corporate Gmail, organizations relied on Microsoft Exchange. The company hosted the hardware and software on-premises and IT teams managed each component.

Of course, in order to use Exchange, AD was required as well. This duo was the gold standard at organizations large and small for the better part of the last decade.

As the business version of Gmail (called Google Apps at the time, known as G Suite now) was introduced, organizations realized that they didn’t need to manage their own email. Effectively, email became a cloud service. Since most organizations also had AD, they left that in place often to continue to manage users, Windows devices, and printers. Over time, Google created a syncing method between Google Apps and the on-premises AD. But IT admins began to question why they needed to have one part of the duo (email) in the cloud and the other on-premises (directory services).

With Part On-Premise, Part Cloud-Based Business: How did they Manage their Directory?

G Suite Google Identity Management Challenges


Unfortunately there was no option to move their directory to the cloud and Google Apps Directory, or GAD (now known as Google Cloud Directory or GCD), did not function as an AD equivalent (GAD was effectively a contact database).

Google ended up creating “syncing mechanisms” to connect on-premise directories such as AD or LDAP with Google Apps. These were called Google Apps Directory Sync, or GADS (now known as Google Cloud Directory Sync or GCDS) and Google Apps Password Sync, or GAPS (now known as G Suite Password Sync, or GSPS). Each of these agents ran AD and helped ensure the AD user store was replicated within the Google’s user store. It was a quick fix, but IT admins soon realized the whole operation would have been improved if the on-premise server was simply moved to the cloud.

Microsoft Offers a Solution…

Microsoft balked at the slowly dominating Google Apps service, and made a competitive move.  They released Windows Azure Active Directory (WAAD) services. WAAD extended on-premise Active Directory to Azure enabling single sign-on (SSO) for cloud applications as well as provide Azure cloud servers integration. This was clearly a move by Microsoft to lean into the cloud era, and also reduce further account loss to Google’s email and apps solutions.

…But the Solution Wasn’t Quite Right

However users of this solution cannot leverage WAAD without an on-premise AD system which, of course, completely misses the point of moving both email and directory to the cloud.

As more organizations leverage cloud-based email, an equivalent cloud-based directory is critical. GAD and WAAD are, unfortunately for users, both fall short; each ends up forcing admins to keep their on-premise directory services.

A true cloud-based directory allows organizations to move their email and directory services to the cloud.

Directory-as-a-Service

Fortunately, this cloud-based directory already exists. It’s called Directory-as-a-Service®. Directory-as-a-Service, or DaaS, allows businesses to not just put a “bandaid” on on-premise issues, but completely overhauls the concept by providing businesses with an opportunity to create an ecosystem that is ready for the future. More business will move to the cloud. That’s unquestionable.

In other words, as core network infrastructures move to the cloud, so too must directory services.

A modern, cloud-based directory is the core of safe and effective business. DaaS authenticates, authorizes, and manages all resources from one central web-based console; not with a “fix-it” methodology, but with a “re-create it” methodology. Directory-as-a-Service functions as the core, central user management system, hosted LDAP, True Single Sign-On™ platform, multi-factor authentication system, WiFi authentication service, and device management solution. In short, a cloud-based directory is AD and LDAP reimagined.

If you would like to learn more about DaaS, drop us a note. We’d be happy to discuss it with you. Or, feel free to give JumpCloud’s Directory-as-a-Service a try. Your first ten users are free forever.

Rajat Bhargava

Rajat Bhargava is co-founder and CEO of JumpCloud, the first Directory-as-a-Service (DaaS). JumpCloud securely connects and manages employees, their devices and IT applications. An MIT graduate with two decades of experience in industries including cloud, security, networking and IT, Rajat is an eight-time entrepreneur with five exits including two IPOs, three trade sales and three companies still private.

Recent Posts