Secure LDAP to log into macOS with Google credentials

jstaime
New Contributor III

Good Day Team,

I really need some assistance on this one... I would normally do research and test bed this, but we have a pressing situation going on at the moment preventing this...

Have any of you been able to successfully implement this?

https://workspaceupdates.googleblog.com/2020/12/secure-ldap-mac-os-google-login.html

If so, what were your challenges, successes, "wish I had knowns" and so forth?

Any thoughts would be appreciated!!!

6 REPLIES

rdnixon
Contributor

We use it on a limited number of devices. Works fine. Faff to set up on the machine you use to clone to start with, and the Google instructions are not that clear or, as I recall, entirely accurate. Took a morning of fiddling to get it working.

Kim_Nilsson
Admin Moderator

I got halfway, and then gave up as we, at the time, didn't have an MDM, nor do I ever want to touch new devices before the user logs in the first time. Now we have Mosyle, and just ponied up the cash for oneK12-version, so we can look into using their own Mosyle Auth 2, which will let users log into their Macs with their Workspace credentials.

An alternative I have been looking into a little is Xcreds. Cheap and can be free if you compile it yourself.

--
https://wheretofind.me/@NoSubstitute

jasoncrcsd
Contributor II

We use an MDM called Mosyle; it has a Google auth ability we use. I wasn't aware we could do it with just Google. I'll have to try this if we ever get rid of our MDM.

jstaime
New Contributor III

Thanks everyone for your response. We are going to dig into this. Glad to know @rdnixon it is working for you. Going to do our own deep dive now. 


Thanks, 

lmcadams
New Contributor II

I wanted to use this to reduce our reliance on Active Directory for a Mac Lab with JAMF, but was unsuccessful. The JAMF implementation could not support using it for logging into/authenticating on a Mac. I was able to successfully use the secure LDAP to log in and validate with a 3rd party application.

Hope this helps!

Kim_Nilsson
Admin Moderator

Yeah, the problem with Google's Secure LDAP is the same as with Google's SAML.

Google just doesn't support enough of the expected attributes for it to work with other modern secure systems.

--
https://wheretofind.me/@NoSubstitute