One question that we continue to hear is whether or not you can authenticate Windows® systems with a Google® Cloud Identity. While you can leverage Google Cloud Identity to manage user access to Windows-based servers located within GCP (Google Cloud Platform), the question here is really about Windows end user systems (laptops and desktops) that are not located within GCP.
Unfortunately, it would appear that the two tech titans are more interested in competition than cooperation. Consequently, IT admins often need a third-party identity bridge to connect the two, but that might actually be more beneficial to the overall organization depending upon the platform of choice. Let’s take a closer look below.
Overview of the Problem Space
Google first entered the IDaaS (Identity-as-a-Service) space with the introduction of G Suite™ Directory, which is essentially the core identity provider (IdP) for Google Apps. Originally, Google identities were effectively built from the apps and resources that the user leveraged within the Google ecosystem. While effective for Google identities, it was difficult for IT admins to manage all of their users' identities, as they essentially had a number of identity silos to coordinate.
Recently, Google changed their approach to identity management by effectively decoupling the core user identity from G Suite Directory to create their Google Cloud Identity management solution. Ultimately, the goal was to make it easier for an organization to connect to Google’s cloud services, especially Google Compute Engine.
However, Google Cloud Identity only addresses one small part (i.e., the Google angle) of the overarching challenges that organizations face when it comes to managing their IT infrastructure. This is demonstrated by the fact that Google identities can connect to Windows-based servers within GCP, but not to end user systems and resources located outside of GCP. This leaves a gap for IT admins to bridge with their own devices.
Similarly, the same can be said for Microsoft's equivalent solutions. The on-prem Active Directory® (AD) platform, as well as the cloud-based Azure® AD, are highly tailored for Windows-based IT resources—leaving Google on (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Vince Lujan. Read the original post at: https://jumpcloud.com/blog/auth-windows-google-cloud-identity/