About G Suite Password Sync

G Suite Password Sync (GSPS) automatically keeps your users' passwords in sync with their Microsoft® Active Directory® passwords. Whenever a user's Active Directory password is changed, GSPS immediately pushes the change to their managed Google Account.

Important: GSPS never changes Active Directory passwords; it only syncs Active Directory password changes to your organization's Google Account.

GSPS is available to G Suite and Cloud Identity administrators.

Before you begin

GSPS system requirements

If you have the legacy free edition of G Suite, upgrade to G Suite Basic to get this feature. 

To use GSPS, you'll need:

Note: GSPS currently doesn't support Additional LSA Protection with Secure Boot. 

Set up your domain controllers
  • GSPS must be installed on all domain controllers.
  • Domain controllers need an internet connection to connect to the following sites/ports:


    Purpose URL Port number
    Authentication https://accounts.google.com
    API access https://www.googleapis.com 443
    Certificate Revocation Lists / Online Certificate Status Protocol http://crl.geotrust.com/crls/secureca.crl


    Note: The certificate authority URLs can change at any point. For the most recent list of CRL/OCSP URLs, review the certificate information of the above API and Authentication hosts.

Download GSPS 

Download the correct MSI for your server's architecture:

Restart the server

Always restart the server after installing or upgrading GSPS. 


See step-by-step instructions on how to Set up G Suite Password Sync.

Was this helpful?
How can we improve it?