Simple Account / Disable based on group access
47 views
Skip to first unread message
David Marchbanks
Aug 23, 2012, 7:08:19 AM8/23/12
to google-app...@googlegroups.com
I was recently asked to make a program that will handle group inheritance to activate or disable accounts based on group membership.
So with a little research I wrote this program in C# to disable any account on a particular domain that is not a member of a group. This will also travel through other groups recursively that are a member of the main group.
You need to reference the Google API SDK when compiling and modify the information in the main function for your domain. It will dump out who has been disabled and who has been enabled per user, and give a count of each change.
I hope this can be of help to someone and maybe Google will implement this idea server side someday.
David Marchbanks
Aug 23, 2012, 7:09:04 AM8/23/12
to google-app...@googlegroups.com
/*
*
* The purpose of this program is to disable any account that is not a member of the
* group ActiveStudents. This program only affects students due to domain name login url.
*
* There are no paramaters to set.
*
* This application was written by David Marchbanks 2012.
*
* */
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using Google.GData.Apps;
using Google.GData.Client;
using Google.GData.Extensions;
using Google.GData.Apps.Groups;
namespace Google_AccountDisables {
class Program {
private static String[] GetUsers(AppsService service, string GroupId) {
List<String> ret = new List<String>();
foreach (MemberEntry member in service.Groups.RetrieveAllMembers(GroupId).Entries) {
if (member.MemberType.CompareTo("Group") == 0) {
foreach (String v in GetUsers(service, member.MemberId)) {
ret.Add(v);
}
} else {
ret.Add(member.MemberId);
}
}
return ret.ToArray();
}
static void Main(string[] args) {
String domain = "<domain>";
String username = "<admin user>";
String password = "<password>";
String Group = "GroupName";
List<String> Users = new List<String>();
int Enabled = 0;
int Disabled = 0;
int Managed = 0;
AppsService service = new AppsService(domain,username,password);
foreach (GroupEntry group in service.Groups.RetrieveAllGroups().Entries) {
if (group.GroupName.CompareTo(Group) == 0) {
foreach (String v in GetUsers(service, group.GroupId))
Users.Add(v);
}
}
foreach (UserEntry user in service.RetrieveAllUsers().Entries) {
Managed++;
bool inGroup = false;
foreach (String v in Users) {
if (v.Contains(user.Login.UserName)) {
inGroup = true;
break;
}
}
try {
if (inGroup) {
user.Login.Suspended = false;
service.UpdateUser(user);
Console.WriteLine("Enabled: " + user.Login.UserName);
Enabled++;
} else
if (!user.Login.Suspended) {
user.Login.Suspended = true;
service.UpdateUser(user);
Console.WriteLine("Suspended: " + user.Login.UserName);
Disabled++;
}
} catch (Exception ex) {
Console.WriteLine("Error on " + user.Login.UserName);
Console.WriteLine(ex.Message);
}
}
Console.WriteLine("Disabled: " + Disabled + ", Enabled: " + Enabled + ", Managed: "+Managed);
Console.WriteLine("DONE");
}
}
}
Reply all
Reply to author
Forward
0 new messages