GSuite Federation

Has any one set up Gsuite? We recently started using DUO. Id like Gsuite set up. My issue is we have 125 colleagues that only have iphones and ipads. I need get some feedback on how this went.

I am being told we have to turn it on for everyone at one time and all colleagues with phones will need to delete their current account on the phone and set up again. That is a support nightmare for 125 people at one time.

We have the them set up using ios mail and set up as an exchange account. That was the only want to do it several years ago.

i have also read that they wont have to delete and re add the account until their current password expires.

Any feedback from your experiences would he very helpful

Hi @nnatale,

Thanks for using Duo!

Can you explain a little bit more about how you plan to federate to G-Suite to Duo? Are you planning on using the Duo Access Gateway or Duo-hosted Single Sign-On?

Can you elaborate more about needing to delete your current account on the phone? Do you mean the Duo Mobile account that user’s add that allows them to sends push notifications to their phone? or all of your users currently using Google 2FA and not Duo?

We will use Dou hosted SAML. currently use Google 2FA and wanted to mover over to DUO. The issue is they all already have their mail accounts set up using iOS. The do not want to move to the google app. I was told that each person would have to delete and re add their mail account the day I turn on SAML. That would be a nightmare for 125+ do to on the same day.

checking in to see if you received my last reply

Hi @nnatale,

When moving from native Google login to SAML login it is expected that all users would need to reauthenticate. Google & iOS have made changes over the last few years so it is possible that they might need to remove their accounts but instead will be just prompted to log in again using the new method.

Google does not currently allow you to do a phased rolled out so cutting over is “all or nothing”.

I’d recommend communicating out to employees about the change before making it so that people are prepared for when it does happen.

I agree. But I dont know what to tell them to prepare for. Remove and re add the account or simply reauthenticate