
Accessing Google Managed Active Directory GUI from a Joined Linux VM & Integration with HSM/KMS

I have set up a Google Managed Active Directory (GMAD) and successfully joined a Linux VM to the domain. I need guidance on how to access the GMAD graphical user interface (GUI) from the joined Linux VM.

Specifically, I would like to know:

  1. Whether GMAD provides a web-based or remote GUI management interface.
  2. Steps to access and manage GMAD from a Linux-based environment.
  3. Any prerequisites or additional configurations required on the joined Linux VM.
  4. Whether Google Managed AD can be integrated with Hardware Security Modules (HSM) or Google Cloud Key Management Service (KMS) for enhanced security and key management.

I would appreciate any documentation or best practices related to this.

Thank you.

2 REPLIES

Hi @Rahulll,

Welcome to Google Cloud Community!

I appreciate the detailed questions regarding your Google Managed Active Directory (GMAD) setup, and I’d be happy to provide guidance on accessing and managing GMAD from your Linux VM.

Here’s a quick rundown of your questions:

  1. There is no web interface for GMAD Management GUI. The preferred method is to use a Windows VM that has RSAT tools installed, and then connect to the Linux VM remotely using RDP.
  2. GMAD can be managed from Linux, but authentication is done through SSSD or Winbind. Control of the Active Directory is possible only from Windows machines. Some management is possible via PowerShell Core, and LDAP commands can also be run on the Linux machine, but the majority of the operations have to be performed from Windows.
  3. Because your Linux VM is domain joined, check that SSSD/Winbind is enabled and your account has appropriate access permissions. Make sure relevant firewall rules for LDAP, Kerberos, and SMB traffic are also in place.
  4. Although GMAD does not work directly with Google Cloud HSM or KMS, sensitive AD data can be encrypted using Cloud KMS and Kerberos security can be handled by Cloud HSM.

If you’re looking for enhanced security for AD credentials, consider customer-managed encryption keys (CMEK) and Cloud HSM for key storage.

Was this helpful? If so, please accept this answer as “Solution”. If you need additional assistance, reply here within 2 business days and I’ll be happy to help.
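An added example, not part of the reply above and not Google tooling: a preflight for the checks named in point 3, run on the joined Linux VM. It assumes the SSSD AD provider rather than Winbind; the domain `ad.example.internal` and host `dc.ad.example.internal` are placeholders, and the sample `sssd.conf` is constructed.

```python
import configparser
import socket

# Standard TCP ports for the protocols named in point 3.
AD_PORTS = {"kerberos": 88, "ldap": 389, "smb": 445}

# Constructed sample; the real file is /etc/sssd/sssd.conf.
SAMPLE_SSSD_CONF = """
[sssd]
domains = ad.example.internal

[domain/ad.example.internal]
id_provider = ad
access_provider = ad
"""

def sssd_findings(conf_text):
    """Return a list of problems found in sssd.conf text (empty list = OK)."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(conf_text)
    listed = cp.get("sssd", "domains", fallback="")
    names = [d.strip() for d in listed.split(",") if d.strip()]
    if not names:
        return ["no domains listed in [sssd]"]
    findings = []
    for name in names:
        section = f"domain/{name}"
        if not cp.has_section(section):
            findings.append(f"{name}: no [{section}] section")
            continue
        # Assumption of this example: the domain uses the AD provider.
        if cp.get(section, "id_provider", fallback="") != "ad":
            findings.append(f"{name}: id_provider is not 'ad'")
        # SSSD defaults access_provider to 'permit' when it is not set.
        if cp.get(section, "access_provider", fallback="permit") == "permit":
            findings.append(f"{name}: access_provider is 'permit' (any domain user may log in)")
    return findings

def blocked_ports(host, ports=AD_PORTS, timeout=3.0):
    """Return names of services whose TCP port cannot be reached on host."""
    blocked = []
    for name, port in sorted(ports.items()):
        try:
            socket.create_connection((host, port), timeout=timeout).close()
        except OSError:
            blocked.append(name)
    return blocked

if __name__ == "__main__":
    print("sssd.conf findings:", sssd_findings(SAMPLE_SSSD_CONF))
    print("blocked:", blocked_ports("dc.ad.example.internal", timeout=1.0))
```

A service listed as blocked points at a firewall rule or route to check between the VM's subnet and the domain controllers; the TCP check does not cover the UDP variants of these protocols.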

Thanks for your reply @greb

I would like to know whether there is any specific integration process or steps to integrate MS ADCS (Google managed) with Cloud HSM/KMS.
