By Rajat Bhargava Posted April 22, 2017
Many IT organizations are leveraging Apple’s Open Directory® as their identity provider. Open Directory is an on-prem directory service that is similar to Microsoft Active Directory® and OpenLDAP™. In fact, it is based on the open source OpenLDAP platform. It has become a very popular directory services solution for Apple devices on-prem, but unfortunately it is limited as a standalone, central user management platform.
As IT organizations are headed to the cloud with G Suite (formerly known as Google Apps), many IT admins are asking, “How do I manage user access to on-prem systems, applications, and the cloud?” IT admins have started wondering whether G Suite directory can serve as an Open Directory provider alternative.
G Suite as an Identity Provider
Millions of organizations are using G Suite for creating and maintaining their documents, files, and calendars. That also means that millions of organizations have Google identities for all of their employees. They also likely have identities for their systems and for other apps or IT resources.
So one question that is starting to arise is “How do I bridge my on-prem systems with cloud platforms and one identity?”
G Suite and Apple Open Directory
Apple Open Directory is one possible solution. Open Directory is largely LDAP-based and has been integrated with Apple macOS devices. But Open Directory can’t do everything.
The challenge when using Open Directory is how to connect to cloud platforms such as G Suite, AWS, Azure, and more. IT admins will also need to consider how they will connect Open Directory to all of their on-prem systems and applications. Open Directory is great with Macs, but can it connect to Windows and Linux devices as easily? Will you be able to connect to applications that don’t support LDAP, such as those that rely on SAML or Windows authentication?
Let’s say Open Directory does work with your existing infrastructure. Then we’re back to our initial question: how do you connect G Suite with Open Directory? Sometimes organizations leverage Google Apps Directory Sync (GADS), but this requires yet another server to procure, install, and manage.
The Final Word
For IT organizations that are Apple macOS focused, Open Directory can be an effective solution. G Suite is of course an attractive option for cloud identity management. Unfortunately, just as G Suite doesn’t function as an Active Directory provider, it doesn’t work as an Open Directory provider either. G Suite directory is largely just a user management platform for Google Apps and services. A few select web applications can be authenticated with G Suite identities, but it doesn’t control on-prem devices, cloud servers from AWS, on-prem and cloud applications, or WiFi network access.
G Suite and Directory-as-a-Service Work Together
The good news is that a complementary solution called Directory-as-a-Service® can extend Google identities to all IT resources – including on-prem systems and apps that use the SAML protocol. This is achieved through a directory-level integration with G Suite that allows you to import all of your existing Google identities into JumpCloud’s secure, fully-featured cloud directory. As a cloud identity management platform, Directory-as-a-Service centrally controls access to G Suite, Office 365, AWS, macOS / Linux / Windows devices, WiFi, on-prem and cloud applications, and more. The benefits are significant with no need to implement or manage an identity provider, and it comes with the ability to control virtually all IT resources.
Learn How to Make G Suite Your Open Directory Provider
If you would like to learn more about whether G Suite is an Open Directory provider, drop us a note. We can walk you through your cloud hosted directory services options. You can also sign up for a free account and check out our IDaaS platform for yourself. Your first 10 users are free forever – no credit card required.