Working with Google Cloud Identity to Enable Easy LDAP-based Identity as a Service

Written by Alexander Shapero on Oct 11, 2018

Managing user identities across an enterprise is a huge security challenge. Traditionally, companies did this in on-premises environments with tools like Microsoft Active Directory (AD) and the Lightweight Directory Access Protocol (LDAP). However, as more and more companies make the transition to the cloud, they are also looking to adopt cloud-based authentication systems. Enter Identity as a Service, or IDaaS.

What is LDAP anyway?

Let’s back up and define what LDAP is. At a high level, LDAP is an open application protocol that enables IT administrators to query and modify information organized in a directory information tree that’s stored in an LDAP database. Developed in 1993 by computer scientists at the University of Michigan, LDAP soon became the industry standard and the foundation for AD. It is commonly used as a central store for usernames and passwords, which applications and services connect to in order to validate users’ credentials.

The cloud changes everything

It’s a gross understatement to say that much has changed since the ’90s. Enterprises are migrating their infrastructure, apps and data to hyperscale clouds at a rapid rate. In addition, users are now working on the go from multiple devices, and SaaS and mobile apps are now just as critical as core legacy Windows-based apps. Enabling users to securely and easily access all types of applications is imperative. However, up until recently, IT administrators were forced to maintain separate identity management systems, which is not only time-consuming but also extremely expensive. This is why a comprehensive IDaaS system is now necessary to manage and secure these complex and dispersed environments.

To address this challenge, Google Cloud launched its IDaaS solution, Cloud Identity, earlier this year, which enables IT administrators to manage users, devices and applications from a single web-based console. At Google Cloud Next 2018 in London, the company also announced secure LDAP, which lets users log in to both SaaS platforms like G Suite and traditional LDAP-based applications hosted on-premises with the same credentials. Secure LDAP also simplifies management since IT administrators can manage security and identity policies from multiple domains through a single interface.

Where itopia fits in

As a trusted Google Cloud Technology Partner, the team at itopia was honored to be chosen as one of the first partners to test and validate secure LDAP, specifically for deploying and managing GPU-accelerated Linux-based virtual graphics workstations. With secure LDAP, IT administrators can sync on-premises AD environments with their Google Cloud-based directories to enable seamless and secure access to all applications, and unified identity management. Our engineering team has also put together a step-by-step guide for our customers on how to configure Google Cloud Identity LDAP on Ubuntu 16.04 for user logins. itopia Cloud Automation Stack (CAS) will be automating the new IDaaS feature on Google Cloud in the very near future. Stay tuned!