Authenticate Windows® with Google® Cloud Identity

One question that we continue to hear is whether or not you can authenticate Windows® systems with a Google® Cloud Identity. While you can leverage Google Cloud Identity to manage user access to Windows-based servers located within GCP (Google Cloud Platform), the question here is really about Windows end user systems (laptops and desktops) that are not located within GCP. 

Unfortunately, it would appear that the two tech titans are more interested in competition than cooperation. Consequently, IT admins often need a third-party identity bridge to connect the two, but that might actually be more beneficial to the overall organization depending upon the platform of choice. Let’s take a closer look below. 

Overview of the Problem Space

Google first entered the IDaaS (Identity-as-a-Service) space with introduction of G Suite Directory, which is essentially the core identity provider (IdP) for Google Apps. Originally, Google identities were effectively built from the apps and resources that the user leveraged within the Google ecosystem. While effective for Google identities, it was difficult for IT admins to manage all of their user’s identities as they essentially had a number of identity siloes to coordinate. 

Recently, Google changed their approach to identity management by effectively decoupling the core user identity from G Suite Directory to create their Google Cloud Identity management solution. Ultimately, the goal was to make it easier for an organization to connect to Google’s cloud services, especially Google Compute Engine. 

However, Google Cloud Identity only addresses one small part (i.e., the Google angle) of the overarching challenges that organizations face when it comes to managing their IT infrastructure. This is demonstrated by the fact that Google identities can connect to Windows-based servers within GCP, but not end user systems and resources located outside of GCP. Thus, leaving a gap for IT admins to bridge with their own devices.

Similarly, the same can be said for Microsoft equivalent solutions. The on-prem Active Directory® (AD) platform, as well as the cloud-based Azure® AD, are highly tailored for Windows-based IT resources—leaving Google on (Read more...)

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Vince Lujan. Read the original post at: https://jumpcloud.com/blog/auth-windows-google-cloud-identity/

Vince Lujan

Vince is a documentation and blog writer at JumpCloud, the world’s first cloud-based directory service. Vince recently graduated with a degree in professional and technical writing from the University of New Mexico, and enjoys researching new innovations in cloud architecture and infrastructure.

vince-lujan has 184 posts and counting.See all posts by vince-lujan