Managing users on G Suite is fairly straight forward with the G Suite Directory. The challenge is that the G Suite user directory is really focused on being a contact database for G Suite.
While G Suite’s SSO functionality does allow authentication to a few select web applications that leverage SAML or OAuth, the challenge for IT organizations is that G Suite’s user directory doesn’t authenticate to systems, on-prem applications, a wide range of cloud apps, and networks.
In short, G Suite’s user directory is not a replacement for Active Directory or OpenLDAP.
Wishing that G Suite Could be Your Core Directory?
You’re not alone.
As many organizations move to the cloud, there is a desire to have the G Suite directory act as the core, authoritative directory service. The thought process is that the move to the G Suite cloud platform should eliminate both Microsoft Exchange and Active Directory. Those are two remnants of the on-prem world, and ideally IT admins would be able to move completely to the cloud.
Google’s strategy with G Suite has been to provide a cloud-based alternative to Microsoft Windows and Windows-based applications, specifically Office. With that thought process, though, Google has heavily discounted the value of devices, systems, and on-prem capabilities. As a result, the concept of the G Suite user directory is really far more about authenticating user access to the G Suite of services including email, the productivity suite, Hangouts, and more.
In Search of a Fully Featured G Suite User Directory
The good news is that there is a complementary cloud identity management platform that tightly integrates with the G Suite user directory. In fact, G Suite users can be centrally managed by the Directory-as-a-Service® platform through G Suite APIs.
The tight integration means that G Suite users can be imported into the cloud directory service to pre-populate the directory and kick-off the integration. From there, any new users are added to the Directory-as-a-Service platform. Users added in the cloud identity provider are automatically provisioned in G Suite.
Similarly, if users need to be terminated, they can be deleted from the SaaS-hosted directory service and those terminations are reflected in G Suite. In effect, the Identity-as-a-Service platform serves as the Active Directory replacement, while G Suite is an alternative to Exchange and Office.
Watch this video to see how it works:
G Suite + JumpCloud = Fully Featured User Directory
If you would like to learn more about the G Suite user directory and it’s capabilities, drop us a note. Alternatively, dig into the cloud-based directory service called Directory-as-a-Service and you’ll be able to centrally control your G Suite users as well as their access to their systems, applications, and networks. All with their G Suite identities. You can sign-up for a free account to try it with your G Suite domain. Your first 10 users are free forever.