By Ryan Squires Posted April 15, 2019
Google Cloud™ recently announced a managed Active Directory® (AD) solution. As a result, many DevOps engineers and IT admins are wondering how they can leverage this new cloud identity offering and what the potential benefits and drawbacks may be. In this post, we will discuss the use cases for Google Cloud Managed Active Directory as well as how IT admins and their users may benefit.
Active Directory® On-Prem
Before diving deeper into the specific use cases for Google’s managed AD service, we should quickly step back and cover the basics around this approach. As IT pros know, Active Directory has been the most popular on-prem identity provider (IdP), largely because of the historical bias towards Windows®-based, on-prem networks. But, the days of IT infrastructure existing exclusively on-prem have gone. With the shift to the cloud, IT admins are thinking through whether a cloud AD-like offering makes any sense for them and their users. And if they do choose to go that route, there are a few choices. Before we get to those, though, let’s take a look at how Google fits into the picture.
Google’s Play to Keep Up
Google has been aggressively developing their own compute infrastructure to compete with AWS®, called Google Cloud Platform™. With Amazon Web Services and Microsoft’s Azure® platforms leading the Infrastructure-as-a-Service (IaaS) market, Google is working hard to catch up to those leaders. In that vein, Google’s managed Active Directory offering is effectively a catch-up feature to AWS Directory Services, which is another managed AD offering. On the Azure side, this service is also a means to keep up with Microsoft, which has a completely separate Azure AD family of offerings—and they can get rather confusing. So who should consider using a managed AD offering from Google?
Use Cases for Managed Active Directory
The use case for DevOps and IT organizations to use Google’s managed AD offering is something like this: they need to integrate their Windows-focused (AD) identity provider and domain with their GCE environment. Doing so will allow them to use their AD identities with Windows servers at Google Cloud. Linux® servers, however, will still be a challenge to manage and control via the managed Active Directory offering, so for those organizations that utilize Linux systems, this service may not be the ideal fit. The same is true for organizations that don’t have AD on prem or are starting to transition away from Active Directory. So why did Google decide to throw their hat in the managed AD ring?
Google Cloud and Managed AD: Catch Up
For Google, where playing catch up to AWS and Azure is paramount, this offering makes a lot of sense. GCP isn’t looking to blaze new ground in this area, but rather eliminate the friction of lifting and shifting infrastructure from on-prem or collocated data centers to Google. For organizations that are tied to AD and moving to GCP, this offering will be potentially useful, but it does continue to force organizations to be tied to the Windows-based AD platform.
A New Approach
As organizations shift to cloud infrastructure and web applications and further from on-prem solutions, there are new opportunities. One of them is to consider a new approach to identity management that is both platform and vendor neutral. That means you get the freedom to pick the best solutions that can help your users increase productivity while enabling your business to grow. A tool that provides both is JumpCloud® Directory-as-a-Service®.
As a vendor-neutral, cloud-based directory service, JumpCloud enables you to provide your users with True Single Sign-On™, the ability to log in to all of their tools using only a single set of credentials. As such, JumpCloud isn’t a play at simply helping you migrate AD credentials to Google Cloud. It is a play at empowering you to utilize the best tools for your organization. With Directory-as-a-Service, your users leverage one set of credentials for systems (Windows, macOS®, Linux), cloud infrastructure (GCE, Azure, AWS), file servers on-prem and in the cloud (NAS/Samba Devices, Box™, G Drive™), applications via LDAP and SAML 2.0, and networks through RADIUS. It’s a directory built for the cloud era.
Evaluate JumpCloud Free Today
Sign up for a JumpCloud account, and get instant access to the entirety of the JumpCloud product. Plus, by signing up, 10 free users are included at no charge to you—ever. If you’re ready to get to work setting up and managing your JumpCloud account, a good place to start is our Knowledge Base. You can also drop us a line anytime.