Remove All Shares on all drive files for suspended users
552 views
Skip to first unread message
Shaun Goodwin
May 2, 2024, 7:25:16 AM5/2/24
to GAM for Google Workspace
I'm trying to achieve something similar to:
# Remove Recently Suspended Students from All Shared Drives https://sites.google.com/jis.edu.bn/gam-commands/services/shared-team-drive#h.nwhiphvdl2n5
gam redirect csv ./SuspendedStudentsOUSharedDriveAccess.csv ou "/Suspended Students" print shareddrives fields id,name
gam redirect stdout ./DeleteSuspendedStudentsOUSharedDriveAccess.txt multiprocess redirect stderr stdout csv ./SuspendedStudentsOUSharedDriveAccess.csv gam delete drivefileacl ~id ~User
For all drive files shared by suspended users
This was what I was trying to troubleshoot
# Remove Google Drive Shares from all recently Suspended Students
$users = gam ou "/Suspended Students" print users | ConvertFrom-Csv
foreach ($user in $users) {
$userEmail = $user.User
$files = gam user $userEmail show filelist | ConvertFrom-Csv
foreach ($file in $files) {
$drivefileid = $file.drivefileid
$owneremail = $file."owners.email"
$title = $file.title
$permissions = $file.permissions
if ($owneremail -ne "owners.email") {
gam user $owneremail delete drivefileacl $drivefileid user "/Suspended Students"
}
}
}
# Remove Recently Suspended Students from All Shared Drives https://sites.google.com/jis.edu.bn/gam-commands/services/shared-team-drive#h.nwhiphvdl2n5
gam redirect csv ./SuspendedStudentsOUSharedDriveAccess.csv ou "/Suspended Students" print shareddrives fields id,name
gam redirect stdout ./DeleteSuspendedStudentsOUSharedDriveAccess.txt multiprocess redirect stderr stdout csv ./SuspendedStudentsOUSharedDriveAccess.csv gam delete drivefileacl ~id ~User
For all drive files shared by suspended users
This was what I was trying to troubleshoot
# Remove Google Drive Shares from all recently Suspended Students
$users = gam ou "/Suspended Students" print users | ConvertFrom-Csv
foreach ($user in $users) {
$userEmail = $user.User
$files = gam user $userEmail show filelist | ConvertFrom-Csv
foreach ($file in $files) {
$drivefileid = $file.drivefileid
$owneremail = $file."owners.email"
$title = $file.title
$permissions = $file.permissions
if ($owneremail -ne "owners.email") {
gam user $owneremail delete drivefileacl $drivefileid user "/Suspended Students"
}
}
}
Ross Scroggs
May 2, 2024, 10:54:23 AM5/2/24
to google-ap...@googlegroups.com
--
You received this message because you are subscribed to the Google Groups "GAM for Google Workspace" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-apps-man...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-apps-manager/c572ecbb-9195-4545-8abb-a57d98e84cf2n%40googlegroups.com.
Christopher Kortmann
Jun 7, 2024, 12:44:28 PM6/7/24
to GAM for Google Workspace
I'm looking to do the same thing. My organization has a lot of suspended students with publicly shared files. We'd like to remove all shared files from all suspended users.
Is this something that was able to be easily scripted?
NOTICE: This e-mail message may contain privileged or confidential information. The information contained in this e-mail message is only for the intended recipient. If the reader of this message is not the intended recipient, you are hereby notified that you have received this message and any attached documents in error, and that any review, dissemination, distribution, or copying of this message and any attached documents is strictly prohibited. If you have received this message in error, please notify us by telephone at (631) 382-2000 immediately, delete this e-mail and destroy any copies.
Ross Scroggs
Jun 7, 2024, 1:01:40 PM6/7/24
to google-ap...@googlegroups.com
See:https://github.com/taers232c/GAM-Scripts3/blob/master/GetSharedFilePermissions.py
How are the suspended students identified? Are they in a specific OU?
Send me a Meet/Zoom inviration
Ross
To view this discussion on the web visit https://groups.google.com/d/msgid/google-apps-manager/f025d949-3024-4197-9b91-134c56bba3cdn%40googlegroups.com.
Christopher Kortmann
Jul 11, 2024, 12:34:13 PM7/11/24
to GAM for Google Workspace
Thank you for pointing me in the right direction. I've been removing permissions by grade level, but I'm running into an issue when a user has a file shared with many users.
Some of our students have files with 150 different shares. The resulting CSV is more than 1350 columns wide and the python script crashes. The error message I get is:
Traceback (most recent call last):
File "F:\GetSharedFilePermissions.py", line 49, in <module>
for row in csv.DictReader(inputFile, quotechar=QUOTE_CHAR):
File "C:\Program Files\Python312\Lib\csv.py", line 116, in __next__
row = next(self.reader)
^^^^^^^^^^^^^^^^^
_csv.Error: field larger than field limit (131072)
File "F:\GetSharedFilePermissions.py", line 49, in <module>
for row in csv.DictReader(inputFile, quotechar=QUOTE_CHAR):
File "C:\Program Files\Python312\Lib\csv.py", line 116, in __next__
row = next(self.reader)
^^^^^^^^^^^^^^^^^
_csv.Error: field larger than field limit (131072)
Any suggestions? Thank you again!
Ross Scroggs
Jul 11, 2024, 1:08:50 PM7/11/24
to google-ap...@googlegroups.com
Send me a Meet/zoom invitation and I'll help.
Ross
To view this discussion on the web visit https://groups.google.com/d/msgid/google-apps-manager/128e093f-525e-4f0e-90e9-c25b13cb108fn%40googlegroups.com.
Ross Scroggs
Jul 11, 2024, 1:24:29 PM7/11/24
to google-ap...@googlegroups.com
Christopher,
Try this; it does the work of the script in a single command
gam config auto_batch_min 1 redirect csv ./filelistperms.csv multiprocess ou "/Path/to/OU" print filelist fields id,title,basicpermissions,mimetype pm not role owner em pmfilter oneitemperrow
To view this discussion on the web visit https://groups.google.com/d/msgid/google-apps-manager/128e093f-525e-4f0e-90e9-c25b13cb108fn%40googlegroups.com.
Christopher Kortmann
Jul 12, 2024, 1:34:58 PM7/12/24
to GAM for Google Workspace
Ross:
I figured out what the issue was. There was a file being shared with a 499 character title. I was able to purge that file manually, and re-run the scripts successfully.
Thank you for your help!
Best,
Chris
Michael Hess
Sep 5, 2024, 3:50:54 PM9/5/24
to GAM for Google Workspace
Hi Ross, I tried this command, but received this error on everything:
Getting all Drive Files/Folders that match query ('me' in owners) for {emailaddress1}
Getting all Drive Files/Folders that match query ('me' in owners) for {emailaddress2}
Getting all Drive Files/Folders that match query ('me' in owners) for {emailaddress3}
User: {emailaddress1}, Not Printed: Active session is invalid. Error code: 4 Drive SDK API access disabled
User: {emailaddress2}, Not Printed: Active session is invalid. Error code: 4 Drive SDK API access disabled
User: {emailaddress3}, Not Printed: Active session is invalid. Error code: 4 Drive SDK API access disabled
All users are in fact suspended, as I'm trying to remove their private drive shares.
I've ran your script for Team/Shared drive permission removal for suspended users (thank you!!!) and that worked without error.
Any thoughts? Do I need to unsuspend, then run this, then suspend each user?
Ross Scroggs
Sep 5, 2024, 4:02:50 PM9/5/24
to google-ap...@googlegroups.com
The suspended users must be in an OU with Drive disabled, thus you can't run commands to process their files.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-apps-manager/009bde26-4ee0-4c7e-b905-9675447533c7n%40googlegroups.com.
Michael Hess
Sep 5, 2024, 4:03:59 PM9/5/24
to GAM for Google Workspace
Nevermind, I had Drive disabled for that OU, DOH!
Michael Hess
Sep 5, 2024, 4:17:11 PM9/5/24
to GAM for Google Workspace
Ninja!
cat deleteperms.csv
Owner,driveFileId,driveFileTitle,mimeType,permissionId,role,type,emailAddress,domain,allowFileDiscovery
So I have a huge filelistperms.csv now, but when I run python3 GetSharedFilePermissions.py filelistperms.csv deleteperms.csv, I get nothing but the file header:
filelistperms.csv sample:
Owner,id,name,mimeType,permission.allowFileDiscovery,permission.deleted,permission.displayName,permission.domain,permission.emailAddress,permission.id,permission.role,permission.type
us...@xyz.com,1AlW4SK7O2OpEF0K3FJZkasdffakezTZH0f_FQzKB9V9jSA8Q,FY2017 some name,application/vnd.google-apps.spreadsheet,,False,someuser,gmail.com,some...@gmail.com,1221331154369
6958352,writer,user
Owner,id,name,mimeType,permission.allowFileDiscovery,permission.deleted,permission.displayName,permission.domain,permission.emailAddress,permission.id,permission.role,permission.type
us...@xyz.com,1AlW4SK7O2OpEF0K3FJZkasdffakezTZH0f_FQzKB9V9jSA8Q,FY2017 some name,application/vnd.google-apps.spreadsheet,,False,someuser,gmail.com,some...@gmail.com,1221331154369
6958352,writer,user
cat deleteperms.csv
Owner,driveFileId,driveFileTitle,mimeType,permissionId,role,type,emailAddress,domain,allowFileDiscovery
Ross Scroggs
Sep 5, 2024, 4:19:15 PM9/5/24
to google-ap...@googlegroups.com
Send me a Meet/Zoom invitation and I'll help.
Ross
To view this discussion on the web visit https://groups.google.com/d/msgid/google-apps-manager/8e9716bf-9a2c-4b8a-adb6-10196e82781en%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages