{"id":13573,"date":"2023-07-19T10:51:38","date_gmt":"2023-07-19T14:51:38","guid":{"rendered":"https:\/\/www.jumpcloud.com\/?p=13573"},"modified":"2023-10-11T12:28:50","modified_gmt":"2023-10-11T16:28:50","slug":"what-is-gads","status":"publish","type":"post","link":"https:\/\/jumpcloud.com\/blog\/what-is-gads","title":{"rendered":"What Is GCDS?"},"content":{"rendered":"\n
Google Cloud Directory Sync<\/a> (GCDS) makes it possible for Google accounts to sync with Microsoft\u2019s Active Directory (AD). It\u2019s a core component of Google\u2019s approach to identity and access management (IAM), which is to provide IT admins with as much optionality<\/a> as possible.<\/p>\n\n\n\n This article explores why integrating Google with AD is beneficial and other ways IT admins can leverage Google and its partner ecosystem to modernize their IT infrastructure. JumpCloud has partnered with Google<\/a> to help small and medium-sized enterprises (SMEs) to extend or replace Active Directory or to enable other important use cases such as migrating from on-premises Exchange to Google Workspace. Broader customer choice is a major benefit of Google IAM<\/a> over using Microsoft\u2019s ecosystem for single sign-on (SSO) and cloud directory synchronization. <\/p>\n\n\n\n GCDS is the identity bridge<\/a> between Active Directory and Google Workspace\u2019s account directory. Its utility is installed on Windows Server on premises (or in Google Cloud) and configured to sync Active Directory\u2019s users, aliases, groups, and other data with Google. It communicates over port 443 HTTPS\/SSL and uses Google\u2019s Virtual Private Cloud<\/a> (VPC) access connector to establish a secure network connection with Google\u2019s Cloud Identity. Google Cloud Identity handles user and access management for Google resources, and more.<\/p>\n\n\n\n Changes that are in AD are reflected to GCDS and subsequently to Google\u2019s identity management platform in the cloud. Active Directory is the authoritative source of identity. For example, suspended or deleted AD users will also be disabled in Google Cloud Identity.<\/p>\n\n\n\n This configuration will make it possible to adopt Google Workspace while keeping AD as your identity provider (IdP). <\/p>\n\n\n\n However, many IT organizations are shifting away from Active Directory<\/a>. This is largely due to the fact that AD no longer provides<\/a> IT organizations with efficient and effective user management across all endpoints and locations. Security is also motivating this change. Implementing AD according to its best practices<\/a> is challenging and can become expensive. It also requires point solutions (or Microsoft subscriptions) to function as a modern directory.<\/p>\n\n\n\n Specifically, AD doesn\u2019t provide these essential features:<\/p>\n\n\n\n Then, there\u2019s the security considerations. A recent report<\/a> found, \u201cApproximately 95 million Active Directory accounts are attacked daily, as 90% of organizations use the identity platform as their primary method of authentication and user authorization.” SMEs are at particular risk if they haven\u2019t taken steps to implement a cybersecurity program<\/a> and lower AD\u2019s attack surface. Windows admins don\u2019t need to be reminded about the disruptions caused by zero-day exploits<\/a>.<\/p>\n\n\n\n These issues are concerning, but migrations may seem difficult. Some SMEs within regulated industries may require on-premises authentication, while others can consider more modern alternatives. Google offers pathways for both scenarios, either standalone or with JumpCloud. Migrating away from AD (or extending it to do more) isn\u2019t all or nothing or unapproachable.<\/p>\n\n\n\n Google Cloud Identity offers free and premium editions<\/a> with the primary difference being app management, device management, and other advanced features that aren\u2019t available for free. Google recommends<\/a> JumpCloud for SMEs that are extending or migrating off of AD.<\/p>\n\n\n\n JumpCloud and Google are complementary. Both platforms use dynamic groups that use user attributes to automate memberships. JumpCloud imports users into groups from Microsoft, Google, Okta, and HR systems. JumpCloud\u2019s groups logically separate objects in a manner that\u2019s simpler than managing OUs within AD, while providing stronger lifecycle management.<\/p>\n\n\n\n This open directory platform helps SMEs extend or discontinue using Active Directory with unified endpoint and identity management to deliver essential endpoint compliance and security capabilities. Here\u2019s a brief overview of JumpCloud\u2019s features that are helpful for SMEs.<\/p>\n\n\n\nGCDS and Active Directory<\/h2>\n\n\n\n
Active Directory Doesn\u2019t Meet Modern Requirements<\/h2>\n\n\n\n
\n
Google\u2019s IAM Pathway<\/h2>\n\n\n\n