Suggestions for using Active Directory credentials (user name/password) with Google Apps?

active-directory ldap password synchronization g-suite
6,643

Solution 1

Check out " Google Apps Directory Sync" from Google it is included in the educational version at no charge. This will only sync the acutual accounts and groups: http://googleenterprise.blogspot.com/2009/04/sync-google-apps-user-accounts-with.html

You will need to work on something like google SSO to provided access to you LDAP server for authentication.

Google Apps Marketplace has several products available that snap into place and will provide what you are looking for. Here are some examples.

Intient GConnect - http://www.google.com/enterprise/marketplace/viewListing?productListingId=4284199+8229018775854408052

SecureAuth - http://www.google.com/enterprise/marketplace/viewListing?productListingId=3806839+12543887358898980350

Hope that helps!

Solution 2

Google just released a new password sync product called "Google Apps Password Sync (GAPS)"

http://support.google.com/a/bin/answer.py?hl=en&answer=2611859&topic=2611858&ctx=topic

Solution 3

Microsoft Active Directory (MAD) supports a function called password filters. Basically these are a DLL that runs on every domain controller, when a user/admin requests a password change the filter can capture the password before MAD encrypts and stores the password in the MAD database. Lucky for you someone has already written a filter for you that works perfectly (I use it on a Windows 2003 SP1 MAD domain controller). Have a look at http://code.google.com/p/sha1hexfltr/wiki/installation

It captures the users new password whiles its plain text, creates a sha1 hash of the password and stores that in the "division" attribute in MAD. Google Apps Directory Sync (GADS) can then sync the password to Google Apps. Works for user creation and every password change post.

Good luck

Solution 4

Here is a password filter that solves the synch problem. http://code.google.com/p/sha1hexfltr/

Share:
6,643

Related videos on Youtube

Corey
Author by

Corey

Updated on September 17, 2022

Comments

  • Corey
    Corey over 1 year

    I run a small college network with approximately 150 user accounts both in my Active Directory and in Google Apps. I'm looking to link AD with G-Apps. Currently my users are required to maintain separate passwords for each. Obviously this is not really the ideal situation. I know Google provides APIs for this type of thing, but not the actual software. I've looked at a few commercial products and seem to be leaning toward Crowd (atlassian.com). I'm also interested in the ability for users to reset there own passwords or receive randomly generated passwords via TXT message. Single Sign On would be nice, but not really necessary if I simply had a way for the passwords to be synchronized.

    Optimally, when I create a user in AD, it will automatically show up in Google Apps, and when a user changes there password via Windows (or a web page if necessary) that change will be reflected in both AD and G-Apps.

    I also use Moodle, Joomla and a few other products that have the ability to authenticate against LDAP.

    I have Win2k3 DCs, and one Ubuntu webserver. I can add a server if necessary.

    Has anyone else done this, or something similar? Are there any other products or technologies I should be looking at. I tend to gravitate towards something Windows based with a GUI due to my lack of experience with Linux/CLI. I'm not a programmer, so I need something that will work out of the box (or as close as possible).

    • Corey
      Corey about 13 years
      I answered this question with a detailed description of my final solution
  • Corey
    Corey almost 15 years
    Yes, I've already looked at that, and unfortunately it does not have the ability to read the passwords held in AD, and therefore can not be used to sync passwords.
  • Corey
    Corey over 12 years
    They have now added the Google Apps feature to the stock product.
  • Corey
    Corey almost 12 years
    Google has released a password sync product called "Google Apps Password Sync (GAPS)" I put a link in my answer below.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Disabling a user's ability to change password on Active Directory
Need help setting up Google Cloud Directory Sync with AD using secure LDAP
How to use Google Apps as an OD/AD/LDAP Provider
AD LDAP No Password Required
Ldap error code 32
What are the other alternative to test a LDAP connection on linux machine
How to retrieve DirectoryEntry from a DirectoryEntry and a DN
How best to recursively query AD Group membership in ASP.NET (using vb)
Adding users to AD using LDAP
LDAP Error "User Name Not Found"