By Zach DeMeyer Posted January 8, 2019
Many of today’s IT organizations leverage G Suite™ or Google Compute Engine as a major part of their day-to-day operations. Unfortunately, with many still relying on Microsoft® Active Directory® (AD) for their source of truth for identities, connecting to these non-Windows, Google Cloud Identity-based resources becomes a challenge. Given that these Google resources are so mission critical, IT admins are searching for an AD alternative to use with Google cloud solutions. A key issue they are struggling with is whether they can use Google Cloud Identity with OpenLDAP™.
Multiple Approaches to One Question
Google solutions have met Microsoft head on, opposing Office in the productivity space and Azure® in Infrastructure-as-as-Service. Despite this, the Alphabet subsidiary has been reticent to fully challenge Active Directory in identity management. While Google is continuing to evolve their identity management offerings, Cloud Identity primarily acts as a user management platform for G Suite, GCE, and a select few web applications. The question arises, for organizations looking to leverage more than just that select few of applications, how to best apply Google Cloud Identities to LDAP applications.
There are a few approaches to this question. One is a matter of whether Google Cloud Identities can natively be exposed via LDAP altogether. Google recently announced an early version of this capability. Given its infant status, however, the capability may be limited in its abilities to federate Google Cloud Identities to all of an organization’s LDAP resources.
Another approach is, if you have an on-prem OpenLDAP server, it can be synced with Google much like Active Directory is with GCDS (Google Cloud Directory Sync). While this is a fairly straightforward answer, in practice, the process is more involved. Server implementation and management is becoming a hassle in this cloud-forward, serverless age. With a plate piled high with work to be done, the last thing IT admins need is more on their to-do lists.
Google Cloud LDAP
In fact, Google’s focus on GCDS as the link between on-prem directory services such as LDAP and AD still grounds organizations on-prem trying to become more cloud-forward. Unfortunately for IT admins, the challenge with Google Cloud Identity is that they are still stuck in a sticky situation. They have one-foot on-prem with Active Directory or OpenLDAP, and one in the cloud with their G Suite or GCE infrastructure. As more disparate IT resources are added to an org’s day-to-day, this siloed state of affairs can leave IT admins feeling stretched and spent.
Ideally, IT organizations could shift their environment to one entire identity provider (IdP)—not just a user management platform for LDAP or SAML focused applications. By centralizing the IdP, admins need only to manage one solution instead of multiple fractured platforms. This One Directory to Rule Them All®, so to speak, would reimagine Active Directory and LDAP from the cloud.
A next generation cloud identity platform would connect users to not only applications, but systems (Windows® macOS®, Linux®), cloud and on-prem servers (AWS®, Azure), cloud and physical file servers (e.g. Box™, Samba, NAS appliances), and WiFi infrastructure via RADIUS. That’s a long way from solely integrating Google Cloud Identity and OpenLDAP. It’s the directory of the future.
Well, that future is now, and that cloud identity provider is JumpCloud® Directory-as-a-Service®. Find out how to integrate your Google Cloud Identities with LDAP applications, as well as your systems, cloud apps, networks, servers, and more by trying JumpCloud today. By signing up for the Directory-as-a-Service platform, you can explore all of the product’s capabilities absolutely free, with complementary ten users available as long as you are signed up. For more information, be sure to tune in to our YouTube channel or read up on our blog.