Google Cloud Directory Sync (GCDS) is a free tool provided by Google, which is intended to automatically synchronize users, groups, domains, organizational units (OUs), and any other LDAP objects from your Microsoft Active Directory server (or OpenLDAP-compatible LDAP server) so that the data in Cloud Identity (or Google Workspace) matches the data in your LDAP server, wherever it may be, that is, on-premises or on another cloud.

Exam Tip: GCDS always performs a one-way synchronization, from your Active Directory (or LDAP) server to Cloud Identity. GCDS never updates data on your LDAP server. As a result, your Active Directory (or LDAP) server is the IdP authoritative source.