With Google Apps Single Sign-On support, Directory Server can become an identity provider for your Google Apps domain. This allows users to log into Google Apps services (such as Gmail or Google Calendar) using their accounts and passwords stored on Directory Server, eliminating the need for users to remember another set of accounts and passwords.
If Google 2-step verification is enabled for your Google Apps administrator account, please use your application-specific password instead. For more information, see Google's support documentation.