About G Suite Password Sync
G Suite Password Sync (GSPS) automatically keeps your users' passwords in sync with their Microsoft® Active Directory® passwords. Whenever a user's Active Directory password is changed, GSPS immediately pushes the change to their managed Google Account.
Important: GSPS never changes Active Directory passwords; it only syncs Active Directory password changes to your organization's Google Account.
GSPS is available to G Suite and Cloud Identity administrators.
Before you beginGSPS system requirements
If you have the legacy free edition of G Suite, upgrade to G Suite Basic to get this feature.
To use GSPS, you'll need:
- Microsoft Windows® Server 2008, 2012, 2016 or later
- Microsoft Active Directory DS (not AD LDS)
Note: GSPS currently doesn't support Additional LSA Protection with Secure Boot.
- GSPS must be installed on all domain controllers.
- Domain controllers need an internet connection to connect to the following sites/ports:
Purpose URL Port number Authentication https://accounts.google.com
443 API access https://www.googleapis.com 443 Certificate Revocation Lists / Online Certificate Status Protocol http://crl.geotrust.com/crls/secureca.crl
Note: The certificate authority URLs can change at any point. For the most recent list of CRL/OCSP URLs, review the certificate information of the above API and Authentication hosts.
Download the correct MSI for your server's architecture:
Restart the server
Always restart the server after installing or upgrading GSPS.
See step-by-step instructions on how to Set up G Suite Password Sync.