The Secure LDAP service provides a simple and secure way to connect your LDAP-based applications and services to Cloud Identity or Google Workspace. Admins can now specify which attributes they’d like to make available for the LDAP Client:
- System attributes: Default user attributes that are available for all user accounts—for example, Email, Phone, and Address. Note that you can't disable this option.
- Public custom attributes: Custom user attributes that are marked as visible to the organization.
- Private custom attributes: Custom user attributes that are marked as visible only to the user and administrators. Use caution when using private custom attributes, as you're exposing private information to the LDAP client.
Admins and end users
Why it’s important
LDAP clients are in the secure LDAP service, which enables users to access traditional LDAP-based apps and IT infrastructure using their Google Workspace credentials. This new feature gives admins more control over the connections your LDAP-based applications and services interact with Google Workspace and Cloud Identity services.
Custom attribute naming requirements and guidelines:
- Names for custom attributes can contain only alphanumeric text and hyphens.
- There should be no duplicate attribute names across all custom schemas.
- If the custom attribute name matches with an existing system attribute, we will return the system attribute value.
Important: If attribute names don't adhere to the above guidelines, the attribute values in question are excluded from the LDAP response.
- Rapid Release and Scheduled Release domains: Gradual rollout (up to 15 days for feature visibility) May 5, 2021
- Available to Google Workspace Enterprise Standard, Enterprise Plus, Education Fundamentals, and Education Plus, G Suite Enterprise, and Cloud Identity Premium customers
- Not available to Google Workspace Essentials, Business Starter, Business Standard, Business Plus, Enterprise Essentials, Frontline, and Nonprofits, as well as G Suite Basic and Business customers