Is Google™ LDAP a viable identity provider (IdP) for organizations? The simple answer is no. Google LDAP, along with Google Cloud™ Identity, isn’t enough to serve as a replacement for Microsoft® Active Directory® (MAD or AD). AD simply controls too much at the system level. But, an LDAP offering that can leverage Google credentials can be useful. The success of Google Apps™ (now G Suite™) ensures that many users probably already have Google Cloud identities. This means that a solution that could extend those identities to more than just LDAP-based applications and Google’s stable of applications would be great.
In order to completely understand the benefits of a Google LDAP approach, we need to step back and understand the market. Over a decade ago, Google decided to get into the productivity suite business by offering solutions for hosted email and Microsoft Office®-like applications. Google’s goal was to attack Microsoft at their core—the Office productivity suite.
Interestingly, Google at the time—and still yet—wasn’t interested in challenging Active Directory, the core identity provider for organizations. Instead, the idea was to leave the complicated directory solution on-prem, but move from Exchange and Office to Google Apps (G Suite). The strategy worked brilliantly, and there are now millions of organizations who have moved away from on-prem Office software and onto G Suite. As a matter of fact, over time, IT organizations have started to see their Windows®-centric environment shift to G Suite, Amazon Web Services® (AWS®), Mac®/Linux® systems, web applications, and more. Now, the desire is to replace AD on-prem, so all of these new resources can work together in harmony.
Google and LDAP for User Management
Google’s G Suite Directory and Cloud Identity Management solutions are really focused on being a user management solution for Google applications and now for some SAML and LDAP-based applications. The challenge is that in order to replace Active Directory, IT organizations need a solution that’s more comprehensive than what Google is offering. They need to be able to manage users (Read more...)