In certain environments it might be helpful to using an existing Active Directory with its application groups to be accessible through Google SSO.

For this case Google has its GCDS (Google Cloud Directory Sync) tool that can be run on a Windows (AD) environment.

Here a basic guide:

  1. Goto the following website and download GCDS on a machine that has access to the Active Directory controller

    More Information:

  2. Install GCDS
    Java is required

  3. Configure GCDS
    Configure connection to Active Directory (LDAP) and configure Base-DN and filters if needed

  4. Simulate the sync so that you are sure it synchronizes the right users and groups

  5. Synchronize and apply changes if the simulation is successful

  6. If you have your authentication configured to be Google SSO (SSO Integration), you can now see und use the syncronized groups in your apps restrictions: