No announcement yet.

Allow user to log on to Windows 7 Pro (AD) with their G-Suite credentials?

  • Filter
  • Time
  • Show
Clear All
new posts

  • Allow user to log on to Windows 7 Pro (AD) with their G-Suite credentials?


    I was wondering if this is possible, at all...

    I'm the IT-guy at a school. Our students and teachers use a variety of platforms, programs and apps. Most of our users create a profile for each app, with a username and password. Luckilly, most of those apps allow them to log in with their G-Suite (Google Apps).

    I make sure every user has an account on our Active Directory, so they can log into the computers, have the right permissions, see the right printers/shares etc. We have a network policy server, which also works as a radius server, allowing users to log into the wifi with their active directory credentials using WPA2-Enterprise. To make this happen we have two domain controllers, one is a server 2008, the other is a server 2008R2. The network policy server/radius is also a server 2008R2.

    On top of that, we have G-Suite for Education for every teacher and student. In order to limit the amount of credentials users need to remember, it would be superb if they could use their G-suite e-mail and password to log into active directory (on a Windows 7 Pro client, maybe even their mobile devices with WPA2-Enterprise). Is this even remotely possible, or are these the fevered dreams of a mad man?

    Thanks in advance!

  • #2
    From a quick it would appear you can do something:

    I haven't looked at the process in detail, though, and I would suggest you research it a lot more thoroughly than my 30 seconds!
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    IT Trainer / Consultant
    Ossian Ltd

    ** Remember to give credit where credit is due and leave reputation points where appropriate **


    • #3
      This method as I understand it is syncing ldap to google (the kind of opposite of what the OP has asked) but achieves exactly what your looking to do - single sign on\one set or creds.

      I've used it and it works well.