" class="nav-category">Career
This widget could not be displayed.
  • IT Topics
  • This widget could not be displayed.
  • Repo
  • This widget could not be displayed.
  • This widget could not be displayed.
  • ">MSPs
    This widget could not be displayed.
  • Community News
  • cancel
    Showing results for 
    Search instead for 
    Did you mean: 
    JCDavid
    Iron II
    Iron II

    Google provides optionality in how its customers manage users and endpoints. In fact, it recommends JumpCloud for organizations that are migrating from a standalone Active Directory instance. 

    JumpCloud provides single sign-on (SSO) to all of your resources from web apps to network devices. It also includes cross-OS device management and built-in options for patch management and remote access. 

    Simply put, Google and JumpCloud are better together.

    Demo Overview

    There are two main integration options: use a pre-built OAuth2 integration that’s included in JumpCloud’s open directory, or use a SAML connector.

    To be honest, you’ll get the most out of JumpCloud if you do both. For instance, it becomes possible to adopt phishing-proof modern authentication and a zero trust security strategy built around your assets. Admins save time by doing their tasks in a single interface and users gain a consistent experience for accessing all their JumpCloud and Google Workspace resources. 

    We’re focused on the pre-built method for this walkthrough, because you’ll be able to keep Google as your source of truth and pick a few lucky “volunteers” without affecting production.

    Prerequisites

    Not every step here is necessary to complete this tutorial. However, if you want to experience your evaluation of this (and other) feature as if you’re implementing the product, we recommend the following:

    1. Complete the following walkthroughs (or have set up your instance with the appropriate assets on your own):
      1. Creating JumpCloud Admins
      2. Creating Groups 101 
      3. Google WorkSpace account with the appropriate administrative rights and licenses to authorize the directory synchronization.

    Demo Walkthrough

    Are you a visual learner? Try this simulation instead!

    Step 1: Create a Directory Integration

    • Use the left-hand navigation menu to select Cloud Directories
    • Hit the plus ( + ) sign and select Google WorkSpace from the dropdown menu
    • Name the directory and hit authorize sync, which will redirect you to Google.

    new-google-directory

    Resources: Google Workspace Sync

     

     

    Step 2: Authorizing the Sync

    • Log in as a super admin that has a strong, static password (changing passwords will break the sync)
    • Allow access for JumpCloud to manage the provisioning of users on your domain; you’ll then be redirected back to JumpCloud’s admin console.

    access-google

    Resources: Google Workplace Integration Overview, Sync User Attributes with Google Workspace, FAQ: Google Workspace Directory Integration, Troubleshoot: Google Workspace Integration

     

    Step 3: Select and Activate Users

    • Select the users that you want to import. JumpCloud will become the password authority for those users once they login to the JumpCloud User Portal. JumpCloud manages the user and updates Google when changes to attributes or passwords are made. 
    • Users won’t be ready to manage until their user state is set to ‘active’.

    Users will continue to log into Google WorkSpace directly, using Google’s MFA. Actions such as adding or suspending users can be performed in either platform, because it’s a directory sync.

    directory-details-attribute-mapping

     Here’s a few more activities for your testing:

    • Export JumpCloud user into WorkSpace
    • Sync attributes and passwords
    • provision/deprovision a user

    This tutorial will show you how to do it all.

    Bonus Simulations

    Simulation: User Portal Password Reset

    Final Results

    JumpCloud is now available to manage Google users. The open directory platform makes it possible for WorkSpace users to coexist with Active Directory or Entra ID identities, or even users from another IdP like Okta. All of your users will be managed from one location.

    Setting up a SAML integration will make JumpCloud the default IdP. Your users will be redirected from Google to JumpCloud for access to resources, including WorkSpace, and can be assigned to managed devices. We didn’t do that today to avoid any global changes.

    Get prepped now

    Download the admin app to test out on-the-go features such as password resets.

     

    You Might Like

    New to the site? Take a look at these additional resources:

    Community created scripts

    Keep up with Product News

    Read our community guidelines

    Ready to join us? You can register here.