There are over 5 million organizations using G Suite (formerly Google Apps for Work). Many of these organizations want to shift their entire organization to the cloud. While G Suite enables IT organizations to get rid of Microsoft Exchange as an email provider, it also enables them to provide cost-effective productivity applications.
With the Google Apps model, one challenge that IT admin are facing is what they should do with directory services. Not surprisingly, many IT organizations are interested in a solution that will allow them to integrate G Suite with OpenLDAP.
G Suite and OpenLDAP Integration Can Be Tough
LDAP is one of the most important authentication protocols. Originally authored by Tim Howes, our advisor, and his colleagues, the LDAP protocol is the centerpiece of the open source solution, OpenLDAP.
As a popular directory service, many organizations would like to integrate their OpenLDAP instance with their Google Apps implementation. To enable the integration, IT admins need to implement Google Apps Directory Sync (GADS) to make it work.
Of course, it is a one-way integration given Google’s approach to directory services. You can export your data into Google Apps. However, this sync does not let you export your data from Google or passwords from Google Apps. The integration requires an additional server and is fairly brittle. As a result, it is not widely used by IT admins.
There’s an Easier Way
A different and more popular approach to integrating G Suite with OpenLDAP exists. The approach is called Directory-as-a-Service®. It creates a cloud-hosted directory service that does not require another server, IT management, or babysitting.
The process works as follows: IT organizations leverage Directory-as-a-Service as their core user directory. Users and credentials stored within the identity provider are then synced with G Suite. A new user can be created in the central, authoritative user management platform, which subsequently updates G Suite. A user deleted in Directory-as-a-Service is also suspended in G Suite.
Robust and Flexible Functionality
While the integration with Google Apps and Directory-as-a-Service provides the same function as with OpenLDAP through GADS, it offers a lot more too. Not only is DaaS far more resilient, it’s also API driven from the JumpCloud® service. IT organizations get a complete hosted directory service instead of a self-managed, on-prem LDAP implementation.
With Directory-as-a-Service, Google Apps organizations can federate their GApps identities to their Windows, macOS, and Linux machines, AWS servers, WiFi authentication, and LDAP-based applications hosted on-prem, among others. The seamless integration is easy for end users because they have one set of secure credentials. And IT has central control over the identity management infrastructure.
If you would like to learn more about how to integrate G Suite with OpenLDAP, drop us a note. Our Directory-as-a-Service platform can solve this for you without the need to have your own OpenLDAP server or GADS. Your first 10 users are free forever when you sign up for a free account, so give it a try today.