Add Windows AD Account

[J Cracknell]

Hi

We use Google Credential Provider for Windows (GCPW)

Is there any way I can extract and update the AD Accounts information under Enhanced Desktop Security?

So my username is jcracknell and my AD login would be DOMAIN\jcracknell

Hope that makes sense.

James

[Brian Kim]

You will first want to add a custom schema if you haven't already.

https://support.google.com/a/answer/9796679?hl=en

gam create schema "Enhanced_desktop_security" field "AD_accounts" type string multivalued restricted endfield

Then you can populate the values in the new custom schema

gam csv users.csv gam update user ~username Enhanced_desktop_security.AD_accounts multivalued ~sAMAccountName

[J Cracknell]

That's brilliant but is there anyway I can do this without a CSV? As in take the username which is my case jcracknell and stick in my domain\username (both usernames for the windows domain and Google are the same)

--
You received this message because you are subscribed to a topic in the Google Groups "GAM for Google Workspace" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/google-apps-manager/9956JUoMmo0/unsubscribe.
To unsubscribe from this group and all its topics, send an email to google-apps-man...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-apps-manager/d5e316f8-afd6-4c95-8dde-dbb323e34565n%40googlegroups.com.

Please familiarise yourself with our email disclaimer, which includes conditions regarding communication with our school.

Please familiarise yourself with our email disclaimer, which includes conditions regarding communication with our school.

[Brian Kim]

csv or a google sheet will be needed for bulk processing.

https://github.com/taers232c/GAMADV-XTD3/wiki/Bulk-Processing

if you want to do it for a single user

gam update user jcracknell Enhanced_desktop_security.AD_accounts multivalued DOMAIN\jcracknell

[Jay Lee]

If you want to just do it for all Google users try:

gam csv users.csv gam update user ~primaryEmail Enhanced_desktop_security.AD_accounts multivalued DOMAIN\~~primaryEmail~~

Jay

You received this message because you are subscribed to the Google Groups "GAM for Google Workspace" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-apps-man...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-apps-manager/CAPNmg5TmV%3D-u5X9yZgC-QJ8v1ty84vY3LcohB1j%3DSy4kaikJbw%40mail.gmail.com.

[Brian Kim]

gam print users > users.csv

sed 's/@domain.com//' users.csv - this removes @domain.com from user's email address.

then run Jay's command.

I'm sure there is a way to pipe from one command to the next, but it's always good to validate output first.

[J Cracknell]

Hi Brian

Many thanks for this - just the first command doesn't put 'primaryEmail' as a CSV heading.

I am doing this with a Window batch script so downloaded fart to remove the domain name

Apart from having to do that - it works

J.

To view this discussion on the web visit https://groups.google.com/d/msgid/google-apps-manager/2ad98693-9261-49da-958e-ffdf98acd569n%40googlegroups.com.

[Adam Strugatch]

Would you mind sharing your final script (sanitized of course)? And any tools you needed on Windows to make it work? 

Are all your users on one domain? No sub domains?

[Avrohom Eliezer Friedman]

when we create a new user  - we always do it from GAM and this is part of the command

Enhanced_desktop_security.AD_accounts multivalued 'domain\'~~username~~

-----

Avrohom Eliezer Friedman
IT Director

Yeshiva Toras Chaim Toras Emes
305-944-5344 x222 (o)
305-494-2055 (cell)
aefri...@ytcte.org

To view this discussion on the web visit https://groups.google.com/d/msgid/google-apps-manager/e4a9cd2e-703e-40c2-b110-2c4280e81b6en%40googlegroups.com.

[Adam Strugatch]

Avrohom,

Does your custom schema have the underscores? I see it set up two different ways in the instructions from Google. One includes underscores and one does not. 

So your csv includes your contoso.com\user info? We usually sync with GCDS, but there is literally zero google documentation on handling this with GCDS despite the fact that it says it is supported in the docs.