By Ryan Squires Posted December 4, 2018
Is Google™ LDAP a viable identity provider (IdP) for organizations? The simple answer is no. Google LDAP, along with Google Cloud™ Identity, isn’t enough to serve as a replacement for Microsoft® Active Directory® (MAD or AD). AD simply controls too much at the system level. But an LDAP offering that can leverage Google credentials can be useful. The success of Google Apps™ (now G Suite™) ensures that many users probably already have Google Cloud identities. This means that a solution that could extend those identities to more than just LDAP-based applications and Google’s stable of applications would be great.
In order to completely understand the benefits of a Google LDAP approach, we need to step back and understand the market. Over a decade ago, Google decided to get into the productivity suite business by offering solutions for hosted email and Microsoft Office®-like applications. Google’s goal was to attack Microsoft at their core—the Office productivity suite.
Interestingly, Google at the time—and still today—wasn’t interested in challenging Active Directory, the core identity provider for organizations. Instead, the idea was to leave the complicated directory solution on-prem, but move from Exchange and Office to Google Apps (G Suite). The strategy worked brilliantly, and there are now millions of organizations that have moved away from on-prem Office software and onto G Suite. As a matter of fact, over time, IT organizations have started to see their Windows®-centric environment shift to G Suite, Amazon Web Services® (AWS®), Mac®/Linux® systems, web applications, and more. Now, the desire is to replace AD on-prem, so all of these new resources can work together in harmony.
Google and LDAP for User Management
Google’s G Suite Directory and Cloud Identity Management solutions are really focused on being a user management solution for Google applications and now for some SAML and LDAP-based applications. The challenge is that in order to replace Active Directory, IT organizations need a solution that’s more comprehensive than what Google is offering. They need to be able to manage users on Windows, Mac, and Linux systems, Samba-based file servers, and RADIUS-protected WiFi and wired networks. Ideally, they’d also be able to leverage GPO-like functions to manage the systems themselves on either granular or global scales. The aforementioned gaps in management make it extremely difficult to consider Google LDAP and its other features as a complete identity provider.
A Complete Option
For those interested in closing those gaps and eliminating AD on-prem altogether or doing more with their users’ G Suite identities, an emerging cloud identity management platform called Directory-as-a-Service® is an interesting option. JumpCloud has the ability to provision G Suite identities and extend them to virtually all the on-prem infrastructure and cloud-based resources users leverage every day. You can even create new Google identities right from the JumpCloud console. Because your infrastructure evolves as time passes, Directory-as-a-Service adapts as well with a continually expanding list of abilities and features.
So, if you want to leverage Google identities for just about anything including RADIUS-enabled networks, applications that utilize the SAML and LDAP protocols, systems regardless of platform (Windows, Mac, Linux), file servers both on-prem and in the cloud (NAS and Samba devices, Box™, Dropbox™), cloud infrastructure (AWS® and Azure®), and much more, consider JumpCloud.
Learn More About JumpCloud
If you’re ready to see how JumpCloud can streamline your IT operations, with Google and LDAP or anything else, don’t hesitate to reach out. Eager to see the product in action? Feel free to schedule a demo or visit our YouTube page. Alternatively, put the product to use yourself, and sign up for a free account that enables you to manage up to 10 users for free, forever.