By Greg Keller Posted October 17, 2016
Being a G Suite administrator doesn’t need to be painful and difficult. There are a number of solutions and practices that can make your life easier.
The whole goal of G Suite (formerly known as Google Apps) was to reduce the level of effort for IT and simplify the user experience for end users. By shifting a core set of solutions – email server, file server, productivity suite – to the cloud, the idea was to reduce the time and money required to provide basic IT services to an organization.
Managing Users with G Suite
G Suite isn’t particularly hard to setup and administer. The first and, perhaps most significant issue, is how to manage users on G Suite.
G Suite directory is a local user management system that enables admins to provision, deprovision, and manage users on G Suite. But, most IT admins don’t want to think of G Suite as an island. They immediately start thinking about out how to integrate G Suite into the rest of the IT organization’s tools and solutions.
The ideal foundation for that process would be to integrate into a core, authoritative directory service. Generally, there are three options here:
- Manually manage users in G Suite and elsewhere
- Integrate G Suite with an on-prem, legacy directory such as Microsoft Active Directory or OpenLDAP
- Move to a cloud hosted directory service
Each approach to managing G Suite identities is discussed in more depth below:
Manual User Management
For small organizations, managing users manually is probably just fine. It is reasonably easy to go into G Suite and add, delete, or modify user access. This approach isn’t geared toward maximizing efficiency or achieving deep control over systems, applications, and networks. It is more focused on doing enough to get by.
G Suite and Active Directory
G Suite was created with the assumption that it would integrate with AD or OpenLDAP. The Google Apps Directory Sync (GADS) tool was designed to help AD federate identities to G Suite. Unfortunately, this approach still leaves the directory service on-prem, and now adds the GADS server to what G Suite admins need to manage.
Directory-as-a-Service® Centralizing G Suite Identities
The modern, cloud forward approach for G Suite admins is to shift the identity provider to be in the cloud. Called Directory-as-a-Service, the platform is tightly integrated with G Suite and centralizes user management across virtually all IT resources including G Suite, Office 365, AWS, systems (Windows, Mac, and Linux), and through the LDAP, RADIUS, SAML, SSH, and other protocols.
What’s the best option for G Suite Admins?
Depending upon an organization’s size and scope, the right choice for your G Suite user management solution can vary. Small organizations can benefit from manual user management, at least in the short term. But most organizations will want to consider syncing G Suite with an authoritative directory. All Windows shops are a solid fit for Active Directory. Multi-platform organizations that already leverage cloud infrastructure certainly should consider a cloud-based Directory-as-a-Service.
Looking for More G Suite Tips and Tools?
Managing identity management isn’t the only challenge that G Suite administrators face. There are also issues of security, permissions, auditing and more.
Luckily, there are communities that Google has created to support IT admins. The two to investigate are the Google for Work Connect program and the Google Apps Marketplace. Both resources can help IT admins find the help and tools that they need to succeed with G Suite.
If you would like to learn more about how G Suite admin tools and tips can help, drop us a note. Or, if you would like to go deeper on which cloud identity management approach is best for your organization, let us know. You can also sign-up for a free account. Your first 10 users are free forever.