In Blog, G Suite, Identity and Access Management (IAM), Mac Management

macos authentication using g suite identities

With more organizations than ever using G Suite, in fact over 5mm, a common question is, “How can you authenticate your macOS device using G Suite identities?”

The short answer is you can’t.

The longer answer is that by leveraging a complementary solution to G Suite called Directory-as-a-Service®, your G Suite identities can be your universal identities.

The easy way to think about this problem is to think of G Suite as the replacement for Microsoft Exchange, file server, and Office. And, then think of Directory-as-a-Service as the replacement to Microsoft Active Directory.

Why Can’t a Standalone G Suite Approach Work?

G Suite Logo

If we step back, it will help you understand the limitations of G Suite directory as a core identity provider. When Google Apps was created the world was largely based on Microsoft Windows and was on-prem.

As a result, Google Apps was built to work closely with the market share leading directory services. Those were Microsoft Active Directory and OpenLDAP at the time. It didn’t make sense for Google Apps to replace AD, but it did make sense to go after Exchange and Office.

Over time, as more IT organizations moved to G Suite, a common problem was around managing identities. If the IT organization wanted to shift completely to the cloud, using AD or OpenLDAP wouldn’t work. If they kept their on-prem Active Directory service, it tied them to Windows which isn’t what they wanted.

At this time, Apple’s resurgence was in full swing and MacOS devices were popping up everywhere, but IT couldn’t manage them with Active Directory.

Adapting G Suite Identities to Modern IT

macbookpro

The move to G Suite and now to Apple MacOS devices was putting increasing pressure on how to centralize user access and management. If you added in AWS cloud servers, now very little of the overall IT infrastructure was being managed by Active Directory.

G Suite’s directory wasn’t built to authenticate to on-prem devices, cloud server, on-prem applications, and WiFi among others. It was largely just a user management system for G Suite.

While that was useful when an on-prem AD server existed, it didn’t work in this environment (nor with those organizations that wanted to move away from Active Directory).

Full Mac Authentication is Possible

jumpcloud g suite integration

The path forward is through Directory-as-a-Service®. The cloud hosted directory serves as a central identity provider leveraging G Suite credentials for virtually any IT resource. Specifically a user’s macOS devices can be authenticated via G Suite identities. So, too, can AWS cloud servers, Linux devices, on-prem applications, WiFi, and, of course, Windows devices. As a cloud directory service, the solution complements G Suite – it is cloud based, scalable, and cost-effective, much like G Suite.

Learn More or Give JumpCloud a Try for Free

If you would like to learn more about how macOS authentication using G Suite identities can work, drop us a note. Or, give JumpCloud’s Directory-as-a-Service platform a try for yourself. Your first 10 users are free forever, but if you need to try it across your entire enterprise, sign-up for our JumpStart program. It provides an unlimited trial with full support that lasts for a limited time.

Recent Posts