Google Apps - Password Sync -- LDAP or Active Directory -- SSO Easy
Since SAML (what Google uses for SSO) needs a browser in order function properly, alternative clients such as mobile devices can't leverage SAML SSO. Therefore, traditional authentication mechanisms (e.g. user idpassword) are required. This becomes a challenge when SSO is enabled within Google because password management by the user within the web UI is disabled.
To allow access for alternative clients, a password needs to be created in Google Apps.
SSO Easy has two options available through its EasyConnect Single Sign On solution for doing this:
1) Allow the user to set a password in Google
The Google Password Updater will allow the user to create a "set and forget" password in Google (an alternative option is to have the Google Password Updater generate a mixed-case alphanumeric random password of a configurable length and strength on behalf of the user). This password is then pushed to Google via the Google API. This method eases password resets for users – they can simply generate a new password at any time in a self-service model.
2) Synchronize AD passwords with Google
When a user goes through the SSO process to access the web based Google Apps, their Active Directory / AD or LDAP password will automatically be sync with Google.
Tags: Google Apps Active Directory Sync
, Google Apps LDAP Sync
, Google Apps Password Sync
, Google LDAP Sync
, Google Password Sync