How can change the sharing option ON - domain name to OFF - specific people using GAM?
64 views
Skip to first unread message
Gabriel Fantana
Jul 29, 2019, 5:51:07 AM7/29/19
to GAM for G Suite
Hello,
I have a large number of files and folders that are shared by using the option "ON - domain name".
I need to change the sharing option to "OFF - specific people"
Because their large number it is very annoying to do them manually. Can it be done by using GAM? Is it safe? I can't afford to delete any sharing right, to modify or mix it.
Can you give me a code that solves my problem? (or some clues)
Thank you in advance!
+KimNilsson
Jul 29, 2019, 8:20:40 AM7/29/19
to GAM for G Suite
We recently did this in one organisation.
As it says, check the deleteperms.csv file to make sure it (only) has the ACLs you wish to remove.
In our case we also had a lot of files shared to Anyone Without Link. So Ross helped us set up a combined GAMADV-XTD3 syntax for grabbing both types at once into a single file, which then could be filtered with aforementioned script and it's cousin. We added the time bit just to make sure we got a visibly complete process run and no hidden crash, since it had to gather data from thousands of users. As you can see, we also based the scope of users on a list of OUs where staff reside, so we didn't have to touch student data. Note that this command doesn't work with regular GAM.
Using GAMADV-XTD3, though regular GAM also works.
But, to make it easier on you, you should grab an extra script.
Add your organisation's domain/s as the DOMAIN_LIST values.
Also set DESIRED_ALLOWFILEDISCOVERY = 'True'
Depending on version of GAM read the instructions on how to create the filelistperms.csv file.
Run the filter command script, like this.
python GetSharedWithDomainDriveACLs.py filelistperms.csv deleteperms.csvAs it says, check the deleteperms.csv file to make sure it (only) has the ACLs you wish to remove.
Then delete those ACLs.
gam csv deleteperms.csv gam user "~Owner" delete drivefileacl "~driveFileId" "~permissionId"In our case we also had a lot of files shared to Anyone Without Link. So Ross helped us set up a combined GAMADV-XTD3 syntax for grabbing both types at once into a single file, which then could be filtered with aforementioned script and it's cousin. We added the time bit just to make sure we got a visibly complete process run and no hidden crash, since it had to gather data from thousands of users. As you can see, we also based the scope of users on a list of OUs where staff reside, so we didn't have to touch student data. Note that this command doesn't work with regular GAM.
time gam config auto_batch_min 1 redirect csv ./filelistperms.csv multiprocess csvdatafile ous_ns StaffOUs.csv:OU print filelist showmimetype not gsite id title permissions pm type domain withlink false em pm type anyone withlink false em pmm orReply all
Reply to author
Forward
0 new messages