Pricing  Get Quote
 
 

How to configure single sign-on for G Suite

ADSelfService Plus supports Active Directory (AD)-based single sign-on (SSO) for G Suite (Google apps) and any other SAML-enabled application. Upon enabling G Suite SSO in ADSelfService Plus, all users have to do is simply log in to their Windows machines using their AD domain credentials. Once logged in, users can securely sign-in to G Suite in one click without having to enter their username and password again.

Benefits of enterprise SSO

 

Supports custom SAML applications

Any application that supports SAML 2.0 protocol for authentication can be configured for SSO with ADSelfService Plus.

 

One-click logout

All SAML-based applications connected to ADSelfService Plus are points of logout. When users initiate a logout from the service provider, they are also logged out from ADSelfService Plus, and vice versa.

 

Easy to deploy and administer

SSO can be rolled out for some or all users based on their domain, OU, or group membership.

ADSelfService Plus' G Suite SSO capabilities

ADSelfService Plus supports both Identity Provider (IdP) and Service Provider (SP)-initiated SSO for G Suite.

IdP-initiated SSO for G Suite: Users need to log in to the ADSelfService Plus self-service portal first, and then click on the G Suite icon on the Applications dashboard to access G Suite and its services.

SP-initiated SSO for G Suite: Users can access their G Suite domain via a URL or bookmark. They will automatically be redirected to the ADSelfService Plus portal for login. Once they've signed on, they'll be automatically redirected and logged in to the G Suite portal and services.

Secure SSO for CRM, education, IT management apps, and more.

SSO app catalog

Follow the step-by-step guide given below for G Suite SSO

Before you begin

Download and install ADSelfService Plus if you haven’t already.

Configuring your Active Directory domain in ADSelfService Plus

With ADSelfService Plus, you can use the existing AD credentials of users for authentication during SSO. So, first you need to configure an AD domain in ADSelfService Plus to enable SSO for G Suite.

ADSelfService Plus will try to automatically add all the domains that it can discover in your network. If your domains are automatically added, skip to Step 9; otherwise, follow Steps 1-8 to add them manually.

  1. Launch the ADSelfService Plus web console and log in using admin credentials.
  2. Click the Domain Settings link available on the top-right corner of the application.
  3. An Add Domain Details window will appear.
  4. In the Domain Name field, enter the name of the domain you want to add.
  5. In the Add Domain Controllers field, click Discover. ADSelfService Plus will try to automatically discover the domain controllers associated with the domain.
  6. If the domains are not auto-discovered, then enter the domain controller name in the field provided, and click Add.

    sso-configured-domains

  7. You can leave the authentication fields empty if you're not going to use the end user self-service features of ADSelfService Plus.
  8. Back in the Add Domain Details window, click Add to complete adding the domain in ADSelfService Plus.

    sso-add-domain-controller

Getting the SAML SSO details from ADSelfService Plus.

  1. Go to the Application tab > Add Applications.
  2. Select G Suite from the applications displayed.
  3. Click Download SSO Certificate in the top-right corner of the screen
  4. In the pop-up that appears, copy the Login URL, Logout URL, Change Password URL, and download the SSO certificate by clicking the Download SSO Certificate button.

    download-the-sso-certificate

Configuring SSO settings in G Suite

  1. Log in to G Suite with administrator credentials.
  2. Select Setup Single Sign-On (SSO) option from the Security tab.

    single-sign-on-gsuite-configuration

  3. Select the Setup SSO with third party identity provider check box.
  4. In the Sign-in page URL, enter the Login URL value from Step 12.
  5. In the Sign-out page URL, enter the Logout URL value from Step 12.
  6. In the Change Password URL, enter the Change Password URL value from Step 12.
  7. In the Verification certificate field, click Choose File and upload the SSO certificate you downloaded in Step 12.

    gsuite-sso-third-party-identity-provider-configuration

  8. Click Save.

Adding your G Suite domain in ADSelfService Plus and enabling SSO.

  1. Now, switch back to ADSelfService Plus' admin portal.
  2. Go to the Application tab.
  3. Enter the Application Name and Description.
  4. Select Enable Single Sign-On.

    g-suite-enable-single-sign-on

  5. Enter the Domain Name of your G Suite account. For example, if you use johndoe@gsuite.com to log in to G Suite, then gsuite.com is the domain name.
  6. Click Add Application.

Your users can now log into their G Suite/Google Apps accounts automatically using single sign-on.

Need some help? Get help from our support team, and set up SSO in minutes.

Contact us.

How SSO helps with regulatory compliance.

Download the e-book now.
Highlights

Password self-service

Free Active Directory users from attending lengthy help desk calls by allowing them to self-service their password resets/ account unlock tasks. Hassle-free password change for Active Directory users with ADSelfService Plus ‘Change Password’ console. 

One identity with Single sign-on

Get seamless one-click access to 100+ cloud applications. With enterprise single sign-on, users can access all their cloud applications with their Active Directory credentials. Thanks to ADSelfService Plus! 

Password/Account Expiry Notification

Intimate Active Directory users of their impending password/account expiry by mailing them these password/account expiry notifications.

Password Synchronizer

Synchronize Windows Active Directory user password/account changes across multiple systems, automatically, including Office 365, G Suite, IBM iSeries and more. 

Password Policy Enforcer

Ensure strong user passwords that resist various hacking threats with ADSelfService Plus by enforcing Active Directory users to adhere to compliant passwords via displaying password complexity requirements.

Directory Self-UpdateCorporate Search

Portal that lets Active Directory users update their latest information and a quick search facility to scout for information about peers by using search keys, like contact number, of the personality being searched.

ADSelfService Plus trusted by

A single pane of glass for complete self service password management