By Greg Keller Posted July 20, 2017
Recently, Google has made substantial changes to the concept of their underlying G Suite user account object. Historically, a G Suite (formally Google Apps) administrator would create user accounts and these accounts would automatically be associated with core services such as Gmail, Drive, Calendar, etc. The user account, with its connected Google services, would be charged for at some per user/per month rate (e.g., $5/user/month). The recent changes have effectively ‘detached’ their core identity/user account information from the associated Google services. Now known as ‘Cloud Identity‘, a Google account can be provisioned as normal within the G Suite administrative console with no initial charge, and the identity can be utilized for authentication across the various Google services (e.g. G Suite and its products, Google Cloud Platform, etc).
To enable Cloud Identity, administrators can find this setting in the “Billing” section of their G Suite admin console and enable it by accepting terms and other options. The Billing section will now look similar to this once enabled:
Creation of new accounts will have various Google services defaulted OFF (this can be set to always ON if desired):
Administrators can, therefore, select specific services the user account should be assigned.
With these new changes to Google’s user object now known, JumpCloud will interoperate with these identities as seamlessly as before. Leveraging JumpCloud’s G Suite Directory Integration, administrators can import and take ownership of G Suite Cloud Identities, or provision new Cloud Identities to G Suite as desired. This tutorial will demonstrate how JumpCloud is integrated with G Suite to act as the authoritative Directory Service underpinning it, and the other critical resources an employee is connected to (e.g. their Windows and Mac workstations, cloud-based Windows and Linux servers, on-premise and web-based applications, and more).