LDAP Support in Google Cloud™ Identity?

By Zach DeMeyer Posted November 3, 2018

LDAP Support In Google Cloud Identity

Is there LDAP support in Google Cloud™ Identity? Google recently announced an early version of their support of the LDAP protocol, so in a sense, the answer is yes. Of course, like many Google Beta solutions, the devil is in the details.

What is Google Cloud™ Identity?

google idaas identity

Before diving into the LDAP support in Google Cloud Identity, it is important to understand what role Google’s identity management approach can play in your organization. If you are a G Suite™ or Google Cloud Platform™ customer, you know that your users can use their Google credentials across virtually all Google apps. That’s really the function that Google Cloud Identity is playing. Recently, Google has also leveraged this identity to a few, select web applications and, now, to some LDAP based applications.

Limitations of the Google Cloud

G Suite Google Identity Management Challenges

For most organizations, though, Google Cloud Identity doesn’t function as their authoritative identity provider, but rather an adjunct to an on-prem Microsoft® Active Directory® (AD) or OpenLDAP™ instance. Those that have tried to use Google identity management services as a “directory service” have quickly realized that it was never meant to replace AD. Since Google is mostly concerned with their own proprietary solutions, permeating a Google identity to non-Google resources (i.e. systems, competing cloud infrastructure, networks, etc.) cannot be done. This restriction makes it tough on admins who are looking to dole out authorization to their user identities using Google Cloud Identity.

The result has been that Google customers either maintain their on-prem AD server or lose a great deal of core authentication functionality such as to systems (Windows®, Mac®, Linux®), cloud and on-prem servers (e.g. AWS®, Azure®), file servers such as Samba and NAS appliances, and WiFi through RADIUS. It is certainly a rock and a hard place sort of scenario. On one hand, IT admins are stuck leveraging a traditional directory that’s being bolstered by a handful of added on tools like Google Cloud Identity. In the other, the IT organization is crippled by having to forego the majority of its authentication mainstays. So, despite the LDAP support in Google Cloud Identity, is it a worthwhile directory replacement? Is there some solution that could bridge the gap between the Google Cloud and all of the other IT resources at play?

Google Cloud Identity LDAP Support and More

g suite jumpcloud

The good news is that there is a new approach to cloud identity management that is tightly integrated to Google’s G Suite and GCP platforms. The AD replacement solution takes user authentication, be it to SAML or LDAP apps, systems, networks, and more, and offloads it to the cloud. And, since it is a platform-neutral product, this cloud directory service authenticates regardless of provider, platform, protocol, or even user location. This cloud identity management platform is called JumpCloud® Directory-as-a-Service®.

JumpCloud takes the best of LDAP support in Google Cloud Identity and the identity management capabilities of AD, offering them from one unified cloud solution. Designed to provide best-in-class user and system management, JumpCloud Directory-as-a-Service focuses on maintaining endpoint-centric identities remotely or on-prem that are scalable for almost any size organization. A key feature of the Directory-as-a-Service platform is its G Suite integration. JumpCloud identities can be directly linked to Google accounts, making it a breeze to extend to products like Google Cloud Identity and more from one set of credentials. While there is LDAP support in Google Cloud Identity, admins can take advantage of the fact that JumpCloud integrates the LDAP, SAML, and RADIUS protocols to authorize access to a wide range of applications, both on-prem and online, as well as WiFi networks.

Not a JumpCloud Customer?

Interested in JumpCloud Directory-as-a-Service for your organization? Signing up is completely free, and so are your first ten users. If you have any trepidations about the product, consider contacting our expert team or consulting our YouTube channel to learn more or answer any questions you may have.

Zach DeMeyer

Zach is a writer and researcher for JumpCloud with a degree in Mechanical Engineering from the Colorado School of Mines. He loves being on the cutting edge of new technology, and when he's not working, he enjoys all things outdoors, making music, and soccer.

Recent Posts