Can I Replace Active Directory with Google IdP?

google idp

Microsoft® Active Directory® is the most popular identity and access management (IAM) platform in the world. Introduced in 1999, it quickly became the standard identity provider (IdP) for organizations. With the shift to the cloud, IT admins are wondering if they can replace Active Directory with Google IdP.

If you are looking for a cloud IdP that still maintains a lot of the functions you are used to with Active Directory, Google IdP is not the solution you are looking for. In order to understand why, we need to take a closer look at what Google is doing and what it’s not doing.

Google’s Playbook

google idp

Google has been on the front-end of the cloud transformation with their introduction of Google Apps (now called G Suite) and Google Cloud Platform (GCP). G Suite® has become one of the most popular SaaS solutions on the planet, and according to a report by Blissfully, G Suite even has the most market share compared to any other SaaS product. While Google challenged Microsoft Exchange, Windows File Server, and Office by creating G Suite, they were reticent to attack Active Directory. With the recent introduction of Google IdP, does that signal a change in their cloud identity management intentions? The short answer is no.

Can’t Replace Active Directory with Google IdP

G Suite Google Identity Management Challenges

You really can’t replace Active Directory with Google IdP because it can’t do the same things that AD can. Active Directory’s intent is to be the core identity provider for an organization and that includes their Windows systems, applications, file servers, and networks. Google’s G Suite Directory – which is effectively their IdP – is focused on being the user management platform for Google Apps and services along with a few, select web applications via SAML and OAuth.

In fact, Google actually works with Active Directory. Using Google Cloud Directory Sync (formerly called Google Apps Directory Sync) IT can bridge AD and Google IdP. Active Directory remains the core identity provider, while IT can manage user access to G Suite. However, this solution requires additional hardware, software, and integration. (Read more...)

*** This is a Security Bloggers Network syndicated blog from JumpCloud authored by Natalie Bluhm. Read the original post at: https://jumpcloud.com/blog/replace-active-directory-google-idp/

Natalie Bluhm

Natalie is a writer for JumpCloud, an Identity and Access Management solution designed for the cloud era. Natalie graduated with a degree in professional and technical writing, and she loves learning about cloud infrastructure, identity security, and IT protocols.

natalie-bluhm has 172 posts and counting.See all posts by natalie-bluhm