Google’s new Identity-as-a-Service solution is called Google Cloud Identity. A common question that we are hearing is whether or not you can authenticate Macs with Google Cloud Identity.
Before addressing this question, it’s important to take a step back and understand the entire IT landscape.
From Microsoft to Google and The Cloud
Historically, the identity and access management space has been dominated by Microsoft® Active Directory® (AD), and the on-prem identity provider connected user identities to predominantly Windows resources. In an all on-prem, Microsoft world, AD offered IT great control over their environment, so it grew to monopolize the directory services market.
Then the workplace transformed. Users gravitated toward using Mac and Linux systems. Web-based applications replaced conventional software. And the cloud removed the need for on-prem infrastructure.
Google played a major role in the proliferation of these new, non-Microsoft resources. But while G Suite (formerly Google Apps) attacked Microsoft head-on when it came to Exchange, Windows File Server, Office, and more – Google never directly took aim at Active Directory.
So, is Google Cloud Identity an Alternative to AD?
Unfortunately, no, Google Cloud Identity can’t replace Active Directory. Google Cloud Identity is really a user management system for Google Apps, Google Cloud Platform, and for a few, select web applications. This is why you can’t authenticate Macs with Google Cloud Identity natively. With Google Cloud Identity, it’s just not possible to manage systems in your environment.
Authenticate Macs with a Cloud Identity Provider
The good news is that by integrating a next generation IDaaS platform called Directory-as-a-Service® (DaaS) with G Suite Directory you can leverage Google Cloud Identity credentials for Macs.
Authenticating Google identities to Mac systems starts by placing a lightweight agent on all of your Mac devices. Next, through the cloud identity provider, local user accounts are created on the Mac devices. Then, these local user accounts are tied to the Google Cloud Identities that have been integrated and are being managed in the cloud by DaaS. Now from one central location, it’s possible for IT to authenticate Macs with Google Cloud Identity.
Extend Google Cloud Identities to all IT Resources
Authenticating G Suite users to their systems is just the beginning. With our virtual identity provider, it’s also possible to run tasks, execute commands, set policies, and conduct audit logging. In addition to comprehensive system management, our identity bridge can extend your Google Cloud Identities to LDAP and SAML enabled applications, remote servers, and networks via RADIUS. Google Cloud Identities gain frictionless access to IT resources, and IT achieves powerful control over the users and Mac, Linux, and Windows systems in their environment.
Furthermore, with our DaaS and G Suite integration, you no longer have to have Active Directory. If you must retain AD, then you can bridge your AD credentials to be the same ones for Google Cloud and for your Macs. To learn more about our AD Bridge, consider watching this whiteboard video or reading about how to extend AD identities to unbound AD resources.
If you are ready to learn more about how to implement our cloud identity provider, drop us a note. We also encourage you to sign up for a free demo or discover how you can authenticate Macs with Google Cloud Identity by signing up for a free account. Your first ten users are free forever.
This is a Security Bloggers Network syndicated blog post authored by Natalie Bluhm. Read the original post at: JumpCloud