MacOS Authentication Using G Suite Identities

Written by Rajat Bhargava on April 18, 2019

Share This Article

More organizations than ever are using G Suite. In fact, Google announced that it finished 2018 with 5 million paying customers. When you combine that with the fact that G Suite for Education has upwards of 70 million users, it’s easy to see how extending G Suite credentials to a wider range of IT resources could be useful. After all, G Suite isn’t the only IT resource on modern IT networks. In fact, Mac systems are commonly used with G Suite environments. Thus, IT admins are wondering how they can take advantage of macOS authentication using G Suite identities.

New Methods

For IT admins and organizations that are looking to leverage G Suite identities for authentication into macOS systems, that functionality is not available “out-of-the-box” so to speak from either Google or Apple. But, if you were to leverage a complementary solution to G Suite, called JumpCloud, your G Suite identities can end up actually being your universal identities.


JumpCloud MDM

Manage All Devices in One Platform

An easy way to conceptualize this problem is to think of G Suite as the replacement for Microsoft Exchange, Windows file server, and Office. And then, Directory-as-a-Service becomes the replacement for Microsoft Active Directory. When you make this switch to the cloud and cloud resources with G Suite and JumpCloud, you ensure your employees have a single password for all of their IT resources via True Single Sign-On™

But, before we get too far into the possibilities enabled with the switch to G Suite and JumpCloud, let’s talk about some limitations of trying to perform this integration without JumpCloud.

Why The Standalone G Suite Approach Falls Short

It’s important to realize that the era in which G Suite (Google Apps at the time) was created was a different era of IT. When Google Apps first hit the scene, the world was still largely based on Microsoft® Windows and the majority of IT infrastructure was located on-prem.

As a result, Google Apps was built to work around the leading directory services solutions. At that time, those were Microsoft Active Directory (MAD or AD) and OpenLDAP. It didn’t make sense for Google Apps to replace AD, but it certainly did make a great deal of sense to go after Exchange and Office.

Over time, as more IT organizations moved to G Suite, a common problem kept springing up around managing identities. If an IT organization wanted to shift completely to the cloud, continuing to leverage AD or OpenLDAP meant that a core part of their infrastructure was still on-prem. If they kept their on-prem Active Directory service, many organizations found themselves tied to Windows with one foot on-prem and the other in the G Suite cloud world.

Around that time, Apple was just beginning its resurgence and many sought to take advantage of the Windows alternative. As a result, Apple machines kept popping up everywhere. But, with many organizations continuing to leverage Active Directory, those macOS machines could not be easily managed with AD unless add-ons were stacked on top of it, which increased both complexity and cost. There had to be a simpler way.

Adapting G Suite Identities to Modern IT and macOS Authentication

The shift to G Suite and then macOS systems put a great deal of pressure on how to centralize access and identity management in a realm that was typically dominated by Microsoft and their bevy of Windows-based solutions. Also, a new, revolutionary service was beginning to make its way into IT environments—Amazon Web Services (AWS). Soon after, very little of the overall IT infrastructure in many IT organizations was actually being managed by AD for modern organizations. That has forced many to question if they need AD or if G Suite Directory is sufficient.

Unfortunately, G Suite Directory is not much help as it wasn’t built to authenticate to on-prem systems, cloud servers, on-prem applications, VPNs, and WiFi among others. It was largely just a user management system for G Suite along with web application single sign-on for a select group of web applications. So, while it was useful for Google Cloud services, it wasn’t a core identity provider for most organizations.

Full Mac Authentication is Possible

The best path forward for environments rife with macOS systems and G Suite users is through JumpCloud Directory-as-a-Service. This cloud directory serves as a central identity provider that has the ability to integrate with existing user stores, such as G Suite Directory, and import users en masse.

JumpCloud then becomes the core IdP, which can federate the same G Suite credentials to virtually any IT resource. Specifically, a user’s macOS system can be authenticated via the same G Suite credentials. So, too, can AWS cloud servers, Linux machines, on-prem applications that authenticate via LDAP, web apps by way of SAML 2.0, WiFi through RADIUS, and of course, Windows systems. As a cloud directory service, this solution complements G Suite. In effect, it is cloud-based and cost effective, just like G Suite.

Try JumpCloud for Free Today

MacOS authentication using G Suite identities doesn’t have to be an impossible integration any longer. Through a trial of JumpCloud, you can sample that and all of the JumpCloud functionality at absolutely no cost to you. Try it free today.

Rajat Bhargava

Rajat Bhargava is an entrepreneur, investor, author, and CEO and co-founder of JumpCloud. An MIT graduate with over two decades of high-tech experience, Rajat is a ten-time entrepreneur with six exits including two IPOs and four trade sales.

Continue Learning with our Newsletter