Your organization is migrating infrastructure to Google Cloud and needs to provide a large number of users with access to the GCP Console. The Identity Management team wants to continue managing users using an existing on-premises Active Directory or LDAP server and maintain the existing Single Sign-On (SSO) password flow. What should you do?

Exam-Like

Manually synchronize the data in Google domain with your existing Active Directory or LDAP server.

Use Google Cloud Directory Sync to synchronize the data in Google domain with your existing Active Directory or LDAP server.

Users sign in directly to the GCP Console using the credentials from your on-premises Kerberos compliant identity provider.

Users sign in using OpenID (OIDC) compatible IdP, receive an authentication token, then use that token to log in to the GCP Console.

Google Professional Cloud Security Engineer