Set up synchronization between Active Directory and Google Workspace

Lord Yorwan 5 Reputation points
2024-01-16T07:33:51.0433333+00:00

Hello,

First, happy new year to all!

Let me set the scene quickly. I work for a company that uses a hybrid Azur Active Directory, but we've acquired a company using Google Workspace that we need to keep for operational reasons.

Using Active Directory AND GoogleAdmin for technicians is a source of errors, and we'd like to use Active Directory to manage everyone, even Google users, via synchronization and groups that grant licenses.

I've looked into it, I've even contacted Google support who suggested using Google Cloud Directory Sync, but I'm not sure that it really fulfils what we want to do.

To be more precise, we'd like to be able to add a user to the AD, so that this user can be added to Workspace using the e-mail address we enter in the AD. If we decide to put this user in a specific group in the AD, this will give him a license in Workspace, and of course if we remove him from the group, he'll lose his license.

Do you think this is possible, and if so, how, or are the architectures too complex and remote to allow such permessiveness?

Thank you in advance for your answers and have a nice day!

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,149 questions
Active Directory Federation Services
Active Directory Federation Services
An Active Directory technology that provides single-sign-on functionality by securely sharing digital identity and entitlement rights across security and enterprise boundaries.
1,219 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,357 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Harpreet Singh Matharoo 7,621 Reputation points Microsoft Employee
    2024-01-16T11:02:10.1066667+00:00

    Hello @Lord Yorwan

    Thank you for reaching out to Microsoft QnA Forum. There might be 2 approaches that you can take here.

    • Approach 1: Use Google Cloud Directory Sync to Sync users from Active Directory to your Google Workspace.
    • Approach 2: Use Microsoft Entra ID Connect to Sync users from Active Directory to Microsoft Entra ID and then Configure G Suite for automatic user provisioning from Microsoft Entra ID.

    However, I assume in both these approaches you would not be able to automatically assign licenses on G Suite/Workspace. This would be managed on G Suite Admin Console using Automatic licensing for organizational units.

    User's image

    For details you can refer following documentations from Microsoft and Google:

    I hope this helps and fixes your issue. Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments