Can Google IDaaS help with system management? That’s a question that is often asked about the G Suite Directory solution. The short answer is no.
Google’s cloud identity management solution isn’t really aimed at system management. Google IDaaS can be thought of as more of an approach to user management for Google Apps than anything else. It really isn’t a traditional or even modern directory service.
Shortcomings of Google IDaaS
Google’s approach to identity management is focused on owning a user’s identity and tightly controlling that identity for Google’s set of services. They have federated that identity to a select few web applications through the OAuth and SAML protocols. However, they haven’t been willing to take on the very significant task of managing systems – Windows, Mac, and Linux devices.
Microsoft Active Directory® pioneered this approach in the identity and access management marketplace. With authentication, authorization, and device management embedded into their platform, IT admins came to expect system management capabilities as a part of the core identity provider. However, most IDaaS solutions have missed this aspect of being a central, authoritative source of identities. Google IDaaS is missing this component too.
What About GPO-Like Capabilities?
AD system management is known as Group Policy Objects or GPOs for short. Using GPOs, IT admins can control their fleet of Windows devices. Password complexity policies, screensaver locking, user control, and security settings are all a part of the approach that IT organizations take with GPOs.
So IT admins are looking for this method with any cloud-hosted directory service. They can’t jump from AD without having strong control over the device itself. Unfortunately, G Suite doesn’t presently offer any GPO-like capabilities.
JumpCloud® – One Solution, Three Platforms
A new generation of IDaaS platform called Directory-as-a-Service® is providing cross-platform, GPO-like capabilities. The concept is to provide strong system management capabilities from a web console for all three major platforms: Windows, Mac, and Linux. IT admins can execute commands and tasks across their fleet of devices leveraging virtually any language that the system supports. Those system-level policies can be set ad hoc or run on a scheduled basis. Full results of the tasks are available via the web console so IT admins can determine if there are any errors.
Directory-as-a-Service seamlessly integrates with G Suite so that users can be created, terminated, and modified via the cloud-hosted directory service. Combine that with other capabilities, such as cloud LDAP, RADIUS-as-a-Service, True Single Sign-On™, multi-factor authentication, and, of course, system management, and you have the makings for a very strong replacement to Active Directory.
Drop us a note to learn more about how Google IDaaS system management works. We are happy to walk you through how you can manage your systems via our cloud-hosted directory service that tightly integrates with G Suite. Also, sign up for a free account if you would like to check this out for yourself. Finally, please remember that your first 10 users are free forever.