Using Google Apps as an LDAP Provider

By Greg Keller Posted December 7, 2016

Google Apps has a lot of great features, so it’s no surprise that it has replaced Microsoft Exchange and Office. In addition, it is the file server and also the communications platform with Hangouts.

We often hear folks wondering whether Google Apps for Work (now G Suite™) can also be the directory service. More specifically, can organizations use Google Apps as an LDAP provider? The short answer is no. GApps isn’t also a directory service like Active Directory®, LDAP, or Open Directory.

The long answer? Google Apps can be an LDAP provider with the help of Directory-as-a-Service® (DaaS).

Dynamic Combination of DaaS and Google Apps

Directory-as-a-Service can function as your core, authoritative directory service and tightly integrate with Google Apps. As a cloud directory service, Directory-as-a-Service works very similarly to Google Apps. It is hosted in the cloud, priced on a per user basis, and an excellent alternative to Microsoft technology. When combined, IT organizations can skip the Microsoft Exchange and Active Directory duo. And that is a significant benefit for them.

The virtual identity provider can authenticate and authorize user access to systems, such as macOS, Windows, and Linux, cloud and on-prem applications, and networks. It can also serve as the platform to manage devices similar to how AD manages Windows devices with Group Policy Objects (GPOs).

Cloud and on-prem applications can be authenticated via the LDAP protocol or via SAML. WiFi authentication can occur via the cloud RADIUS functionality as well. The beauty of the cloud directory service integrated with Google Apps is that a user’s Google Apps credentials can be used everywhere – to access their laptop or desktop, AWS® cloud servers, WiFi authentication, applications, and more.

Integrated Approach to Harmonious Identity Management 2016-07-22 12-42-05

The benefits to this integrated approach with Google Apps and Directory-as-a-Service are tremendous. IT admins can shift virtually their entire infrastructure to the cloud. Directory servers are often the last items to leave the premises. Now both the directory and email servers can be offloaded into the cloud. IT can centrally manage all user access and credentials from one web console for nearly all of their IT resources, including Google Apps. GApps users can be created, deleted, and modified straight from the central directory service. Finally, from a business model perspective, IT organizations can get all of the benefits of a SaaS-based identity management platform minus the costs of LDAP or AD.

Using Google Apps as an LDAP Provider (and Much More)


If you would like to use Google Apps as an LDAP provider, drop us a note. We can walk you through how to make that happen. Directory-as-a-Service can function as your cloud directory service and seamlessly integrate with Google Apps. Sign up for a free account at your convenience. Your first 10 users are free forever.

Greg Keller

Greg is JumpCloud's Chief Product Officer, overseeing the product management team, product vision and go-to-market execution for the company's Directory-as-a-Service offering. The SaaS-based platform re-imagines Active Directory and LDAP for the cloud era, securely connecting and managing employees, their devices and IT applications.

Recent Posts