Google Suite, also known as Google Workspace, is many people’s go to cloud-based productivity suite. G-Suite is a collection of collaboration tools and software that organizations can use to increase efficiency in their organization.
Many organizations are interested in leveraging their G-Suite with their LDAP solution for authentication. In this article, we’re going to see if using LDAP with Google Apps / G-Suite is a viable solution.
Can I Use G-Suite With LDAP?
Yes, you can authenticate G-Suite users with LDAP. The problem is that G-Suite wasn’t really meant to export identities or leverage LDAP to create a directory service. It can be difficult to configure and you can’t use your existing LDAP authorization setup for applications like Wi-Fi and VPN.
Luckily, there are plenty of LDAP alternatives that can actually be much more beneficial to security and user experience. Google Apps / G-Suite allows you to create SAML applications so outside applications can request information from your directory. SAML was created primarily to modernize authentication and adapt the growing cloud-based networking trend. SAML connects the RADIUS to (typically cloud) directories to authenticate users for any service that supports it.
SAML Authentication with Google Apps / G-Suite?
SAML is a useful authentication protocol that uses a Single-Sign-On (SSO) format that creates a seamless authentication experience, which you can easily use to enable secure WPA2-Enterprise Wi-Fi.
By syncing your G-Suite with SecureW2, the JoinNow onboarding software communicates with G-Suite, granting trust to the end user and issuing a certificate. The client can then present the certificate to the RADIUS server to be authenticated and authorized for secure network access.
SecureW2 has innovated on this classic RADIUS infrastructure with the introduction of Dynamic Cloud RADIUS, a feature suite that enhances certificate-based WPA2-Enterprise. Instead of relying on static certificates to restrict user access, the RADIUS server can now talk to cloud IDPs (like G-Suite) at the moment of authentication to make runtime-level policy decisions, on top of having ultra-secure certificate authentication.
Instead of managing multiple certificates per user and revoking and reissuing them every time permissions change, you can enforce user segmentation and other group policies based on a user’s status in G-Suite. In addition to providing an extra layer of security, it’s more user friendly as users can keep the same certificate for years.
Industry First Dynamic RADIUS With G-Suite
Using SecureW2, your organization can have a top of line Dynamic Cloud RADIUS-backed network fully functional in a matter of hours. You can fully utilize your G-Suite directory while being able to make policy changes on the fly without any lapse in security.
We easily consolidate our PKI with any network environment to eliminate any headaches usually associated with integration. We have affordable solutions for organizations of all sizes; check out our pricing here to see if we can be of service.
*** This is a Security Bloggers Network syndicated blog from SecureW2 authored by Eytan Raphaely. Read the original post at: https://www.securew2.com/blog/use-google-with-ldap/