Google Apps Directory Sync (GADS), now known as Google Cloud Directory Sync (GCDS), is a software component in Google’s identity management services area. What is GADS, exactly? How does GADS fit in to your identity and access management (IAM) infrastructure today?
Before answering either of these questions, it is important to understand Google’s thought process and approach within the cloud identity management world.
Google’s IAM Tactics
Google has been competing directly against Microsoft with G Suite™ by attacking core Microsoft solutions such as Exchange®, Office and Office 365™, Windows File Server, and more. While Google has been locked in competition with Microsoft in those areas, when it comes to directory services, Google isn’t interested in being competitive. Instead, they’d rather be complementary.
Microsoft® Active Directory® is by far the most dominant identity management platform on the planet. Google has a healthy respect for AD’s dominance, so their goal wasn’t to try and shift to a cloud directory, but rather leverage an identity bridge to connect on-prem AD identities with their G Suite directory.
Google’s G Suite directory is a user management platform for their Google Apps, and the identity for a Google user is called Google Cloud Identity. Once an identity has been populated within Google, it is leveraged for Google applications and services as well as a few, select third party web applications. This identity management approach doesn’t integrate with a user’s system, network, on-prem file storage, and legacy applications. As a result, IT admins have needed to use G Suite Directory alongside Active Directory, and this is where GADS comes in.
GADS and Active Directory
GADS is the identity bridge between Active Directory and G Suite directory. It is an on-prem piece of software that is implemented effectively next to the Active Directory instance. The two are integrated together, so that any changes in AD are reflected to GADS and subsequently to Google’s identity management platform in the cloud. Active Directory is the authoritative source of the identity, and Google’s cloud directory is the slave.
The challenge for IT admins with the GADS approach is two fold. One, there is an issue of running a separate piece of software and managing that on-prem. More IT organizations are shifting their infrastructure to the cloud, so having more solutions on-prem, and frankly more moving parts, isn’t ideal. In fact, it is expected that by 2025, 72% of IT organizations utilizing G Suite will run 100% of their IT infrastructure in the cloud.
In addition to wanting to avoid any more on-prem solutions, the second, perhaps more fundamental issue, is that many IT organizations are shifting away from Active Directory. This is largely due to the fact that AD no longer provides IT organizations with efficient and effective user management.
The good news is that there is an alternative to GADS and Active Directory that makes it much easier for IT admins to completely shift to the cloud. JumpCloud® Directory-as-a-Service® is a cloud directory that effectively replaces Active Directory and eliminates the need for GADS.
An Active Directory and GADS Alternative
JumpCloud’s identity management solution is completely cloud-based and does not require any on-prem software or hardware. Additionally, JumpCloud enables you to eliminate Active Directory because our independent approach makes it possible to connect users to all of their IT resources regardless of location, provider, protocol, and platform. This means you’ll be able to give your users one set of credentials that are tied to their system, applications, file storage and networks.
JumpCloud’s independent approach also means this directory service adapts to your environment, including environments that are heavily integrated with G Suite. Our G Suite integration leverages a deep, OAuth based API that makes it possible to provision, deprovision, and manage G Suite users from JumpCloud. Because JumpCloud is a full fledge directory service, IT admins are also able to extend G Suite identities to all of the IT resources used in their environment. This means a user’s Google username and password is the same one they use to connect to the WiFi, to login to their Mac system, to access servers in AWS, and much more.
By implementing JumpCloud Directory-as-a-Service, IT organizations will be able to move their IAM infrastructure to the cloud, users will enjoy seamless access to their IT resources, and IT admins will have an easier time securely managing their end users.
Find Out More
Have more thoughts related to the what is GADS question? Feel free to reach out to us. We’d be happy to walk you through why you don’t even need GADS when you use JumpCloud Directory-as-a-Service. Need to do some testing before you’re convinced? Consider signing up for a free account. Your first ten users are free forever, and our entire platform is available to provide an extensive test environment.
This is a Security Bloggers Network syndicated blog post authored by Natalie Bluhm. Read the original post at: JumpCloud