G Suite™ As An LDAP Provider

By Rajat Bhargava Posted October 10, 2016

It’s easy for IT admins to get excited about G Suite™ and it’s capabilities.

G Suite is one of the leading cloud platforms with over 5 million business customers. It has shifted the concept of the email and file server from being on-prem to being in the cloud. It’s taken a run at Microsoft Office and provided a strong alternative. Video conferencing is quite easy with Hangouts.

There’s a lot to appreciate from the tool formerly known as Google Apps.

But Does G Suite Offer LDAP?

g suite and ldap

One area in which an IT admin’s enthusiasm sometimes gets the better of them is to think about leveraging G Suite Directory as an LDAP provider. It’s easy to start to think that way and have G Suite be your core identity provider. G Suite ends up having just about every person’s email address and user credentials. Each person uses G Suite each day for their productivity solutions as well.

So, why not leverage the G Suite user database to do more? After all, a user’s credentials are already there.

Unfortunately, that’s not how Google’s G Suite solution was built.

G Suite Alone is Not an LDAP Provider

It wasn’t really meant to export identities or leverage LDAP to create a directory service. Google has taken some small steps to have G Suite authenticate a few, select web sites for web application single sign-on. But, the concept of being a cloud directory service isn’t what G Suite is aimed at.

It makes a lot of sense when you consider where G Suite came from. When Google first introduced Google Apps, the IT landscape was very different. Organizations were largely Microsoft® Windows®-based and most of their IT infrastructure was hosted on-prem. The result of that was IT organizations leveraged Microsoft Active Directory® or OpenLDAP™ for their directory service. So, it wasn’t Google Apps’ job to replace AD or LDAP, it was to complement it and integrate with it. And, that’s what Google did with Google Apps Directory Sync (GADS).

device-land

Fast forward almost a decade and that infrastructure doesn’t exist.

IT infrastructures are heterogeneous with Windows, MacOS®, and Linux® all coexisting. In fact, only one in five devices now is Windows. IT organizations are taking advantage of the cloud with AWS®, Salesforce®, Box™, and many more. G Suite is a market leading platform that has eliminated Exchange and Windows file server at many organizations.

All of these shifts in the IT landscape have created the opportunity to move the directory service to the cloud as well. Many IT admins are looking for a cloud directory and the question quickly becomes, “Can I leverage G Suite as an LDAP provider or directory service?”

But, unfortunately, it can’t. At least, not alone.

G Suite doesn’t have the ability to authenticate LDAP requests, RADIUS requests, Windows / MacOS / Linux devices, or many other types of IT resources. The good news is that a Directory-as-a-Service® platform can solve the pain of a cloud hosted directory service.

Connect G Suite with a Cloud Directory for LDAP

As a central identity provider, Directory-as-a-Service securely manages and connects user identities with systems, applications, and networks. The Identity-as-a-Service platform is cross-platform treating Windows, MacOS, Linux, G Suite, Office 365™, AWS, and many more as first class citizens in the directory services platform. It can also support a wide variety of protocols including LDAP, RADIUS, SAML, SSH, REST, and more.

If you would like to learn more about how you can leverage G Suite as an LDAP provider, drop us a note. You can leverage Directory-as-a-Service to be your LDAP provider and tightly integrate with G Suite. Give it a try for yourself. Your first 10 users are free forever.

Rajat Bhargava

Rajat Bhargava is co-founder and CEO of JumpCloud, the first Directory-as-a-Service (DaaS). JumpCloud securely connects and manages employees, their devices and IT applications. An MIT graduate with two decades of experience in industries including cloud, security, networking and IT, Rajat is an eight-time entrepreneur with five exits including two IPOs, three trade sales and three companies still private.

Recent Posts