By Rajat Bhargava. Posted March 15, 2017.
Google’s approach to identity management has been evolving. Initially, when Google Apps (now referred to as G Suite) was created, there was a great aversion to entering the identity and access management (IAM) market. At the time, Microsoft Active Directory® held a monopoly in the space, so trying to change that while also competing with Microsoft Exchange® and Office® would have been too much.
Now, though, Google’s approach to identity management services is shifting. And they are intent on competing with a large number of IAM players.
Google IDaaS vs OpenLDAP will be one of the critical matchups that they will need to pay attention to.
The Origins of OpenLDAP
LDAP is a well-known authentication protocol created over two decades ago by our advisory board member, Tim Howes, and his colleagues at the University of Michigan. A well-known implementation of that protocol is OpenLDAP. There are others as well, including Apache Directory Server, FreeIPA, 389 Directory, and more. OpenLDAP has largely been used as a directory service for more technical solutions, such as Unix/Linux machines and applications. While it is possible to connect Mac devices to OpenLDAP, most IT admins don’t bother with the hassle of it. Although the OpenLDAP platform is a number of years old, it is still a workhorse in the industry and leveraged in a number of situations.
New Beginnings for Google Identity Management Services
On the other hand, Google IDaaS is a relatively new concept for Google. They have started to think about how they want to play in the identity management world. With their G Suite Directory, it appears that they are thinking about how to move towards competing with Active Directory and OpenLDAP.
The challenge is that their G Suite Directory platform is largely a user management system for G Suite and a web SSO solution using OAuth and SAML for a select few web apps. Authentication of systems (Mac, Windows, and Linux devices), whether on-prem or in the cloud, is not available. Authentication leveraging LDAP, RADIUS, or other authentication protocols is also out of scope. AWS and Azure are, of course, competitors to Google Cloud. As such, there isn’t any way to cross-connect and leverage identities. In short, Google identity management is a nascent user management system for Google services.
JumpCloud® Resolves the Issue of Google IDaaS vs OpenLDAP
When thinking about how to authenticate via LDAP with G Suite credentials, there is another approach that will work well. A complementary solution to G Suite (and Office 365) is called Directory-as-a-Service®. It provides a replacement for Active Directory in the cloud that is seamlessly integrated with the G Suite and Office 365 platforms. G Suite credentials can be federated to LDAP applications, on-prem and cloud systems, WiFi networks, and more. They can also be federated to AWS, Azure, or any other cloud provider. Since Directory-as-a-Service is independent, it isn’t bound to any one IT platform, provider, protocol, or location.