Azure AD User Provisioning for Google Workspace wi...

Ilmaestro7 · 02-20-2023 01:46 AM

Hi,

We are in the planning phase of setting up AD User provisioning for Google Workspace. We are also planning to use Azure AD Connect to sync the same accounts to Azure AD for Single Sign On using Password Hash Sync. We do not want to use Azure AD for user provisioning as we want to sync and keep the OU structure the same from AD to GW. All documentation that I have read shows ADFS being used for SSO. Can someone either confirm that this is our only option or point me in the right direction of any documentation that shows how we can do this please?

Rgds

Lee

ajojose33333344

@Ilmaestro7 I dont know much about this but can you help me with the below details to check if i can help you with anything:

Where will the ids be initially created? on GWS or on AD?

Do you want to log in to GWS with AD or to AD with GWS

Ilmaestro7

Hi

The ID's will initially be created in AD and synced to GW using GCDS.

We actually want to log into GW with Azure AD, but to do that we would need to provision the users via Azure AD according to the official documentation.

Is there a way to sync identities to both GW and Azure AD (Using GCDS and AAD Connect) and authenticate using AAD rather than AD?

Rgds

Lee

ajojose33333344

https://support.google.com/a/answer/12032922?hl=en

ajojose33333344

have you tried the option security > SSO with third-party IDPs option in admin console

ajojose33333344

Is there a way to sync identities to both GW and Azure AD (Using GCDS and AAD Connect) and authenticate using AAD rather than AD?

Sorry i guess i was addressing something which you already know, that is Authentication using AD

Not sure about how to deal with AAD

ajojose33333344

@Ilmaestro7 Have you got the solution for it, please let me know when you do, such that we can use if for future reference.

Azure AD User Provisioning for Google Workspace with Azure AD SSO