Google Apps has added the ability to synchronize and manage passwords between Microsoft Active Directory and Google Apps. This allows an organization’s password policy to be used for Google Apps accounts. The new method moves away from additional user attributes in an LDAP environment to use something called Google Apps Password Sync (GAPS).
Google Apps for Business, Education, or Government customers can set this up if they are the Google Apps Administrator and a Domain Admin for AD. GAPS synchronizes AD passwords to Google Apps, in the one-direction only. It is available with a 32-bit or 64-bit installer for a 2003 or 2008 (assumedly R2 is included in there) Active Directory. GAPS is installed on all domain controllers in your environment and passes the encrypted password information to Google Apps immediately following a password change.
Additionally, Google Apps has also introduced an additional setting to require your Google Apps account to use 2-step verification (using a password and a code from their phone).