Can G Suite Serve as Your Domain Controller?

Written by Cassa Niedringhaus on June 12, 2020

Share This Article

G Suite, formerly known as Google Apps, offers a useful set of productivity solutions. From email and spreadsheets to video conferencing tools and other services, Google has made G Suite a staple in the modern enterprise. But can G Suite handle system and user management as well? In this post, we’ll analyze whether G Suite and Google Cloud Identity can serve as an organization’s domain controller, and what other modern alternatives exist.

The Evolution of G Suite

Google took the first step on the road to G Suite when it introduced a hosted email solution for organizations: Gmail. This was designed to replace the need to purchase and implement Microsoft Exchange servers, as well as move email to the cloud. At the time, this was a radical departure for organizations — and G Suite has continued to evolve since then. Google decided to challenge Microsoft’s monopoly in productivity applications, namely Microsoft 365 (then called Office), with its own suite of tools. 

At the time, this was introduced as Google Apps, and it caught fire in the enterprise. This cloud-based approach didn’t require additional software or on-premises hardware, and Gmail didn’t need to integrate with many different solutions. Organizations could singularly adopt it,  and their users could be productive. However, it didn’t replace the need for a separate G Suite identity and access management (IAM) solution. 

Google Avoids Complete Identity Management Infrastructure

Google took great strides replacing Exchange and Microsoft Office (now called Microsoft 365), but it did not go as far as to replace identity management infrastructure, namely Active Directory®. AD permeated the enterprise, and the network, systems, file servers, applications, and more were all controlled by Microsoft (and many of those solutions created by them, too).

Google has made inroads with Cloud Identity Premium, though, which enables authentication to Google Cloud resources and SSO to web applications via SAML and OAuth. The premium feature also includes Secure LDAP and basic device management capabilities for Android, iOS, and Windows 10 devices. However, Google Cloud Identity doesn’t offer the deep system management capabilities that IT administrators achieved for Windows systems through AD or comparable functionality for macOS and Linux machines. It’s also not designed for authentication to servers and RADIUS networks, among other IT resources.

It likely can’t serve as an organization’s domain controller in the cloud — but AD and its domain controllers leave organizations with one foot in the cloud and one foot on-prem. However, admins have other comprehensive IAM options in modern cloud directory services. 

Domain Controller Replacement

Cloud directory services are designed to be vendor- and platform-agnostic so admins can manage and authenticate users to virtually all their IT resources from a central point of command. One such solution, which doesn’t require any on-prem infrastructure, is JumpCloud Directory-as-a-Service®

JumpCloud enables admins to control and manage the authentication and authorization to an organization’s IT resources — including systems, apps, networks, and cloud and file servers. They can also manage and configure macOS, Windows, and Linux systems with GPO-like Policies deployed from the cloud

JumpCloud’s robust G Suite integration enables admins to import users from G Suite and set up those users to enter their existing G Suite passwords for access to all bound resources. This means that a user would enter that same password at login to systems, applications, networks, and virtually all other IT resources. Admins don’t need a conventional domain in this instance because JumpCloud securely manages identities in a manner analogous to a domain controller.

Learn More about Directory-as-a-Service

Admins can now sync multiple G Suite instances, as well as additional Microsoft 365 tenants, in the cloud platform, use JumpCloud as the core identity provider, and federate those identities everywhere they’re needed. With JumpCloud, organizations can also adopt the domainless enterprise model, which allows them to reduce or eliminate on-prem servers in favor of modern IT infrastructure and secure all users and devices, no matter where they’re located. 
Click here to learn more about the alternatives to using Google products as your domain controller and implementing a full-suite cloud directory service instead. If you’d like to see the configuration between JumpCloud and G Suite in action, take a look at this quick tutorial video below:

Cassa Niedringhaus

Cassa is a product marketing specialist at JumpCloud with a degree in Magazine Writing from the University of Missouri. When she’s not at work, she likes to hike, ski and read.

Continue Learning with our Newsletter