Suggestions for using Active Directory credentials (user name/password) with Google Apps?

Solution 1:

Check out " Google Apps Directory Sync" from Google it is included in the educational version at no charge. This will only sync the acutual accounts and groups: http://googleenterprise.blogspot.com/2009/04/sync-google-apps-user-accounts-with.html

You will need to work on something like google SSO to provided access to you LDAP server for authentication.

Google Apps Marketplace has several products available that snap into place and will provide what you are looking for. Here are some examples.

Intient GConnect - http://www.google.com/enterprise/marketplace/viewListing?productListingId=4284199+8229018775854408052

SecureAuth - http://www.google.com/enterprise/marketplace/viewListing?productListingId=3806839+12543887358898980350

Hope that helps!

Solution 2:

Microsoft Active Directory (MAD) supports a function called password filters. Basically these are a DLL that runs on every domain controller, when a user/admin requests a password change the filter can capture the password before MAD encrypts and stores the password in the MAD database. Lucky for you someone has already written a filter for you that works perfectly (I use it on a Windows 2003 SP1 MAD domain controller). Have a look at http://code.google.com/p/sha1hexfltr/wiki/installation

It captures the users new password whiles its plain text, creates a sha1 hash of the password and stores that in the "division" attribute in MAD. Google Apps Directory Sync (GADS) can then sync the password to Google Apps. Works for user creation and every password change post.

Good luck

---

Solution 3:

Google just released a new password sync product called "Google Apps Password Sync (GAPS)"

http://support.google.com/a/bin/answer.py?hl=en&answer=2611859&topic=2611858&ctx=topic