Many of today’s IT organizations leverage G Suite™ or Google Compute Engine as a major part of their day-to-day operations. Unfortunately, with many still relying on Microsoft® Active Directory® (AD) for their source of truth for identities, connecting to these non-Windows, Google Cloud Identity-based resources becomes a challenge. Given that these Google resources are so mission critical, IT admins are searching for an AD alternative to use with Google cloud solutions. A key issue they are struggling with is whether they can use Google Cloud Identity with OpenLDAP™.
Multiple Approaches to One Question
Google solutions have met Microsoft head on, opposing Office in the productivity space and Azure® in Infrastructure-as-a-Service. Despite this, the Alphabet subsidiary has been reticent to fully challenge Active Directory in identity management. While Google is continuing to evolve their identity management offerings, Cloud Identity primarily acts as a user management platform for G Suite, GCE, and a select few web applications. For organizations looking to leverage more than just those select few applications, the question is how best to apply Google Cloud Identities to LDAP applications.
There are a few approaches to this question. One is a matter of whether Google Cloud Identities can natively be exposed via LDAP altogether. Google recently announced an early version of this capability. Given its infant status, however, the capability may be limited in its abilities to federate Google Cloud Identities to all of an organization’s LDAP resources.
Another approach is to sync an on-prem OpenLDAP server with Google, much as Active Directory is synced using GCDS (Google Cloud Directory Sync). While this is a fairly straightforward answer, in practice, the process is more involved. Server implementation and management are becoming a hassle in this cloud-forward, serverless age. With a plate piled high with work to be done, the last thing IT admins need is more on their to-do lists.
Google Cloud LDAP
In fact, Google’s focus on GCDS as the link between on-prem directory services such as LDAP and AD keeps organizations that are trying to become more cloud-forward grounded on-prem. Unfortunately for (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Zach DeMeyer. Read the original post at: https://jumpcloud.com/blog/google-cloud-identity-openldap/