CloudAnywhere is shipped with a Google Apps connector to help you synchronize your LDAP directory or Active Directory with Google Apps.

Google Apps provisioning

Overview

The Google connector synchronizes your Active Directory (or other source) directories with Google Apps. It provisions and deprovisions users, groups and contacts.
Passwords are synchronized in real time in a secure way.

Objects synchronized

  • Users
  • Groups
  • Contacts
  • Organizations provisioning (organizational unit mapping)
  • Real time password synchronization with respect of Google password complexity

Functionalities

  • Active Directory multi-domain and multi-forest support
  • Multi-tenant support
  • Possibility to synchronize, merge or split Google tenants
  • All available attributes are synchronized

Organizational unit synchronization

The connector synchronizes Active Directory organizational units with Google organizations.
Users can be provisioned in the root organization. Google organizations can be created on the fly.
Mapping tables are available to map existing Active Directory organizational units and Google organisations when names are not matching.

The CloudAnywhere platform offers the possibility to granularly select the accounts to be provisioned according to their group memberships, attribute values ​​etc.
Google Apps provisioning

Comparison with Google password synchronization

In Google’s solution (GAPS), every domain controller pushes passwords directly: all domain controllers must have internet access.

  • This introduces security risks.
  • No retry mechanisms.
  • No password complexity enforcement: Active Directory accepts passwords not valid on the Google side (passwords with accented characters, for example).

CloudAnywhere proceeds differently: every Active Directory securely sends passwords to the CloudAnywhere server.

  • No domain controller needs to access the internet.
  • CloudAnywhere respects Google passwords requirements.
  • When a user changes a password, if the password is not compliant with Google rules, the password is not changed.

Reset password portal

CloudAnywhere is shipped with a reset password portal for users who do not have access to a computer in Active directory and who therefore cannot change their passwords using Microsoft’s standard method.