Google Secure LDAP

Again, we're not talking about using Stunnel for SMTP. We're talking about using Stunnel (per Google) to setup an External Address Book, using Google Cloud Directory (Google Secure LDAP). Per Google setup instructions: if the device that is accessing Google Secure LDAP CANNOT store the necessary authentication certificate, than Stunnel must be used to access a device that CAN store said certificate.

This is a brand new TASKalfa 6054ci and while it does have the ability to store both Device Certificates AND Root Certificates, I see no way to enable/choose those certificates for the LDAP protocol. You can enable them for OTHER protocols, but that is NOT helpful for this particular application.

There are OTHER solutions to this problem, such as using PaperCut and MyQ (both applications that allow for the storage of the authentication certificate), but I'm simply trying to find out if we can avoid using either application and connect to Google Secure LDAP directly. It would appear as though that is not YET possible, without additional configuration and network gymnastics.

Unlike Google drive, Google Secure LDAP is not free. In order to use Google Secure LDAP you need to have a Premium Google Workspace account and not just a Gmail workspace. Once you have a paid subscription to Google Workspace, Google support will supply you with the necessary device certificate for TLS to use. Just like LDAP on a domain file server it merely it authenticates users who are already registered Workspace users.

The primary objective was to save a few steps and connect multiple MFPs to a directory that has already been setup, no fuss no muss. PaperCut would've been the go-to should they want to restrict/track user access, but they do not need nor want that ability. The customer was informed during a video conference call that we can simply export a current .CSV file via KM Net Viewer to all devices and that will accomplish what they would like to accomplish with less headaches and configuration.