Google™ recently announced how to support LDAP with Google Cloud Identity. Google’s aim with building this capability is to expand the usefulness of their cloud identities and enable them to authenticate to LDAP-based applications in addition to G Suite™, GCP, and other Google services. In order to understand the impact for IT organizations, we need to take a step back and understand what Google Cloud Identity is and what Google’s intentions are with it.
Infrastructure Requires Identity Management
The Google Cloud Identity story doesn’t begin with identity management at all. Google’s interest in the overall business space has been to create infrastructure platforms such as G Suite™ and Google Compute Engine™ (GCE). Identity management has largely been a means to an end. What we mean by that is Google Cloud Identity is a way to make it easier to adopt Google’s cloud platforms. With one identity across their services, it is much easier to utilize Google’s offerings. We all hate having to sign up for multiple services and juggle identities and their associated passwords.
To that end, G Suite integrates with on-prem LDAP and Microsoft®Active Directory® (MAD or AD) servers. In general, the viewpoint has been to extend on-prem identity providers to sync with G Suite directory, which is effectively a user management system to G Suite, Google Cloud Platform™ services, and a limited selection of SAML and LDAP-based applications. But, that solution leaves out a lot of resources that users leverage every day.
LDAP with Google Cloud Identity is not Full Featured
Unfortunately, the concept of authenticating and managing systems, on-prem and cloud servers (e.g. AWS®, Azure®), on-prem data centers, file servers (Samba and NAS appliances, Dropbox™), WiFi through RADIUS, and more are really outside of the concept of Google Cloud Identity, which goes back to Google’s intentions. Google seems interested in competing with Office 365™ and AWS, but hasn’t seemed all that interested in picking a fight with Active Directory. As a result, IT admins are left with a productivity platform in the cloud and their identity management (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Ryan Squires. Read the original post at: https://jumpcloud.com/blog/ldap-google-cloud-identity-support/