GAM Use Project is failing
967 views
Skip to first unread message
Noah Davey
Mar 3, 2020, 2:18:08 AM3/3/20
to GAM for G Suite
Hey Guys,
Tried to join an existing GAM project created by a colleague. Using the command "gam use project ..." and following the relevant prompts
He is the project owner and he has made me a project owner as well. All the API's are enabled. Still unable to access. Please see the attached photo for our error message
"ERROR: 400: Invalid service account email (None). - 400"
The project already has a service account
Any help would be appreciated
Cheers
Jonathan M
Mar 4, 2020, 6:18:30 PM3/4/20
to GAM for G Suite
That's impossible and can't be done.
+KimNilsson
Mar 6, 2020, 8:39:20 AM3/6/20
to GAM for G Suite
@Noah,
did you really set all necessary values?
Do note that the wiki is for GAMADV-XTD3. I don't know how much of that is compatible with regular GAM.
Jacob Nance
Apr 23, 2020, 5:08:50 PM4/23/20
to GAM for G Suite
Also attempting to connect to an existing project on a team where another admin has already setup GAM and getting the same error. Do I need Advanced GAM for this to work?
Ross Scroggs
Apr 23, 2020, 5:18:22 PM4/23/20
to google-ap...@googlegroups.com
Jacob,
If there is already a GAM instance set up, just get the client_secrets.json, oauth2service.json and oauth2.txt from the other admin.
--
You received this message because you are subscribed to the Google Groups "GAM for G Suite" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-apps-man...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-apps-manager/23c29616-72bf-4fa9-8e81-b00ba7f23e72%40googlegroups.com.
Jacob Nance
Apr 23, 2020, 5:22:20 PM4/23/20
to GAM for G Suite
We need to maintain unique client logins & logs for accountability & security reasons. We can't share a login.
Could we use the same key and use individual client secrets to access it?
Could we use the same key and use individual client secrets to access it?
On Thursday, April 23, 2020 at 4:18:22 PM UTC-5, Ross Scroggs wrote:
Jacob,If there is already a GAM instance set up, just get the client_secrets.json, oauth2service.json and oauth2.txt from the other admin.
On Apr 23, 2020, at 2:08 PM, Jacob Nance <jacob...@pmi-ops.org> wrote:
Also attempting to connect to an existing project on a team where another admin has already setup GAM and getting the same error. Do I need Advanced GAM for this to work?
On Tuesday, March 3, 2020 at 1:18:08 AM UTC-6, Noah Davey wrote:Hey Guys,Tried to join an existing GAM project created by a colleague. Using the command "gam use project ..." and following the relevant promptsHe is the project owner and he has made me a project owner as well. All the API's are enabled. Still unable to access. Please see the attached photo for our error message"ERROR: 400: Invalid service account email (None). - 400"The project already has a service accountAny help would be appreciatedCheers--
You received this message because you are subscribed to the Google Groups "GAM for G Suite" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-apps-manager+unsub...@googlegroups.com.
Ross Scroggs
Apr 23, 2020, 5:24:22 PM4/23/20
to google-ap...@googlegroups.com
To unsubscribe from this group and stop receiving emails from it, send an email to google-apps-man...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-apps-manager/04b32025-503c-49f6-9862-d98f2e0dc4df%40googlegroups.com.
Jay Lee
Apr 23, 2020, 6:01:58 PM4/23/20
to google-ap...@googlegroups.com
Agreed, if you share the project then one admin could create or reset the other admin's service account or keys. Go with two projects.
Jay
To unsubscribe from this group and stop receiving emails from it, send an email to google-apps-man...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-apps-manager/23c29616-72bf-4fa9-8e81-b00ba7f23e72%40googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "GAM for G Suite" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-apps-man...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-apps-manager/04b32025-503c-49f6-9862-d98f2e0dc4df%40googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "GAM for G Suite" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-apps-man...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-apps-manager/BECEE59D-9896-4791-AD54-AA7E55DFC4A1%40gmail.com.
Jacob Nance
Apr 23, 2020, 6:02:41 PM4/23/20
to GAM for G Suite
I was succesfully able to authenticate to an existing project via the following steps using standard gam:
Install GAM via the bash command
bash <(curl -s -S -L https://git.io/install-gam) -l
Answer No to creating a profile
Answer No to creating a project
Go to your existing GAM GCP project in a web browser
Create new OAuth credentials
Download JSON of new credentials
Copy this file to gam directory (probably ~/bin/gam/) as `client_secrets.json`
run `gam oauth create` (from directory if no alias)
`c` to continue
Enter your g suite admin email
Open the provided url in a browser
Login with your g suite account and allow permissions for gam
Copy the verification code back into the terminal
Test that gam works `gam info domain`
On Thursday, April 23, 2020 at 4:24:22 PM UTC-5, Ross Scroggs wrote:
Jacob,
Then you need to create a new project.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-apps-manager/04b32025-503c-49f6-9862-d98f2e0dc4df%40googlegroups.com.
Ross Scroggs
Apr 23, 2020, 6:09:33 PM4/23/20
to google-ap...@googlegroups.com
Jacob,
You can also add a new service account the same way.
In the existing project, go to manage service accounts, create a new key, rename the downloaded file and oauth2service.json
To unsubscribe from this group and stop receiving emails from it, send an email to google-apps-man...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-apps-manager/cc1f1d68-eceb-4f5b-bd04-b4fe4c698b3e%40googlegroups.com.
Kim Nilsson
Apr 23, 2020, 7:03:19 PM4/23/20
to Google Apps Manager
Hmmm, isn't it only the authentication that decides what admin user the admin audit log refers to? Regardless of who created the project or service account?
Or must all three things, project, service account and authentication be done by the same person for the audit log to report the correct admin, meaning who actually "changed a user's password" or whatever?
Reply all
Reply to author
Forward
0 new messages