Using AzureAD as Identity Provider for Google Workspace
HTML-код
- Опубликовано: 8 сен 2024
- In a mixed license environment where there is a considerable Microsoft footprint, it may make sense to use existing Microsoft infrastructure that you have at disposal. In this video, we show you how to set up Single Sign-On (SSO) using AzureAD as the identity provider for Google Workspace.
cloud.google.c...
cloud.google.c...
docs.microsoft...
Workspace Admins Info
View the Google Workspace Admins Public Calendar of upcoming events: calendar.googl...
Add it to your list of calendars via email: c_1mf3t6md93b0k8s2v3c5obmjgo@group.calendar.google.com
Get access to the Shared drive with documents from this event and other past events along with the collection of Community Docs. Workspace Admins Community Comment Access Group: groups.google....
To access the Workspace Admins [Public] shared drive, be sure to join the group above first: drive.google.c...
Google Workspace Recap podcast discussing each weeks new feature releases: workspacerecap...
C2C Global, The Independent Google Cloud Community: www.c2cglobal....
Google Cloud Community, The official Google Cloud Community: www.googleclou...
thank you! i needed to set this up for my organization and this video helped me a lot!
Thanks
great video thanks for posting. will this setup also handle password reset and how will that work? i.e. can an user reset password in google and will that sync back to AD and vice versa?
My guess would be no but I'd like to be proven wrong. I've been told SAML doesn't sync password information. You'd need a SCIM system to do that which I'm not sure Google supports
Disclaimer: I'm not an expert on this. Just learning as I go.
Correct. AD directory writeback is not supported. Google does support SCIM but only for account creation in Entra ID. GCDS/Directory Sync is one way synchronization from AD to Google.
Hey mate, thanks for the video. When I click on Authorize I am being prompted to choose a google account and then instead of granting access and test the connectivity I am simply logged into the Google Cloud. Any idea why?
Does your Google account have necessary admin privileges? If you are setting up provisioning, Microsoft will include the scopes that it's requesting in OAuth consent. If your account does not have those, we have seen some odd behaviours.
Thanks for the great video. i have a question when you enable the SSO on Google, every user will be unable to login, unless they are assigned to the Connector on Azure?, or will the unassigned users will be able to login the traditional way and the users with the connector will use the SSO?
You can now use partial SSO/SSO profile to exclude users from having to use SSO.
How about the other way around?
ruclips.net/video/LjsVO7ApYJ4/видео.html this video explains the process.
Brilliant, thank you... Do you have a video that shows how to configure azure identity provider for gcp workload identity federation?
Did you got any step i tried with steps given in gcp documentation it wasn't working
Haven't had a need to configure it but I would start with Google cloud documentation.
cloud.google.com/iam/docs/workforce-sign-in-azure-ad