By Ryan Squires Posted September 12, 2018
As more IT management tools and software shifts to the cloud, IT admins are wondering if Google® can act as a domain controller. It makes sense to ask that question, because with the introduction of Google Cloud Identity Management™, people are wise to wonder what sort of capabilities this service offers. Some admins are interested because they may want to finally ditch their on-prem Microsoft® Active Directory® (AD or MAD) implementation. Others are intrigued by the idea of leveraging G Suite™ identities for their systems and on-prem file servers and applications. So, is Google a domain controller?
Google’s Push into the Enterprise
Stemming from Google’s push into the enterprise, as highlighted by solutions like Google Apps™ (now called G Suite™) and Google Cloud Platform™ (GCP), users now find themselves leveraging Google services for a significant portion of their work day. Whether they’re creating documents or spreadsheets in G Suite or spinning up virtual machines with Google Compute Engine™, it just makes sense to try and centralize identities around the tools that users employ with the most regularity. Unfortunately, any dream of a centralized identity by way of Google Cloud Identity Management gets dashed when admins learn that the identity service is essentially a single sign-on (SSO) solution for Google services and other web apps. Google isn’t a full-fledged directory service. If admins hope to manage systems, networks, and apps that exist outside of Google’s walled garden from one centralized location, then they’ll need to integrate Google with a real directory service. Conventionally, that has meant investing in a domain controller and AD.
Google Adds On to the Domain Controller
It is apparent that Google Cloud Identity Management is not authenticating users to systems (Windows, Mac®, Linux®), on-prem applications, WiFi, or competing cloud infrastructure solutions like AWS® and Azure®. The result is that IT admins have to run their productivity platform and other cloud resources from Google, but use directory services for system and network management
However, as the shift to the cloud accelerates, it makes sense to move the directory into the cloud. After all, productivity platforms, cloud infrastructure, web applications and more have all taken the leap. So, it’s time for the directory to as well. Thankfully, there is just a solution that exists. It combines much of the functionality of Active Directory with the convenience of SSO and a number of other next generation capabilities and reimagines what a directory service should be. As modern approach to AD, this cloud directory enables users to leverage one set of credentials to gain access to virtually every IT resource they may need. It’s called JumpCloud® Directory-as-a-Service®.
Control from the Cloud
As a next-generation Identity-as-a-Service (IDaaS) platform, admins can arm their users with one identity to connect their users to a vastly larger number of services than Google Cloud Identity Management can alone. For example, cloud-based directory services from JumpCloud can authorize and authenticate users to WiFi via RADIUS, on-prem legacy applications via LDAP, cloud infrastructure from the big providers including AWS®, GCP™, and Azure®, and cloud and on-prem file server solutions like Box™, Samba, and NAS devices. Directory-as-a-Service also empowers IT admins by providing them the ability to enforce security standards via GPO-like Policies and Commands, as well as management of Mac and Linux systems in addition to Windows. It also can help you become GDPR, PCI, and HIPAA compliant too thanks to event-logging and improved control over access to data. Most of this functionality does not exist in Google Cloud Identity Management, nor is it their goal to provide it. Google’s focus is to enable access to their platforms.
So there you have it, the answer to “is Google a domain controller” is a simple no. Their platform works to connect users to Google resources and some others. But, it falls short of being a full-fledged directory like we find with JumpCloud. And, because Directory-as-a-Service is a third-party solution, you won’t get boxed into a specific ecosystem. If you want to get started today, please don’t hesitate to sign up. If you have further questions about Google and its approach to identity management, drop us a line.