Google Apps Directory Sync (GADS), now known as Google Cloud Directory Sync (GCDS), is a software component in Google’s identity management services area. What is GADS, exactly? How does GADS fit in to your identity and access management (IAM) infrastructure today?
Before answering either of these questions, it is important to understand Google’s thought process and approach within the cloud identity management world.
Google’s IAM Tactics
Google has been competing directly against Microsoft with G Suite™ by attacking core Microsoft solutions such as Exchange®, Office and Office 365™, Windows File Server, and more. While Google has been locked in competition with Microsoft in those areas, when it comes to directory services, Google isn’t interested in being competitive. Instead, they’d rather be complementary.
Microsoft® Active Directory® is by far the most dominant identity management platform on the planet. Google has a healthy respect for AD’s dominance, so their goal wasn’t to try and shift to a cloud directory, but rather leverage an identity bridge to connect on-prem AD identities with their G Suite directory.
Google’s G Suite directory is a user management platform for their Google Apps, and the identity for a Google user is called Google Cloud Identity. Once an identity has been populated within Google, it is leveraged for Google applications and services as well as a few, select third party web applications. This identity management approach doesn’t integrate with a user’s system, network, on-prem file storage, and legacy applications. As a result, IT admins have needed to use G Suite Directory alongside Active Directory, and this is where GADS comes in.
GADS and Active Directory
GADS is the identity bridge between Active Directory and G Suite directory. It is an on-prem piece of software that is implemented effectively next to the Active Directory instance. The two are integrated together, so that any changes in AD are reflected to GADS and subsequently to Google’s identity management platform in the cloud. Active Directory is the authoritative source of the identity, and Google’s cloud directory is the slave.
The challenge for IT (Read more...)