This repository has been archived by the owner on Mar 1, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 9
Home
Cat™ edited this page Aug 31, 2020
·
5 revisions
Few things about Team Drive Manager
- Go to the Google Developer Console
- Create a new API Project
- Name it as you want in this tutorial I name it "TeamdriveManager"
- After its created select it
- Click on "Enable APIs"
- Enable the
Google Drive API
- Enable the
Admin SDK
- Enable the
Identity and Access Management (IAM) API
- Enable the
Cloud Resource Manager API
- Enable the
Service Management API
- Enable the
IAM Service Account Credentials API
- Enable the
- Click on "Credentials"
- "Create Credentials"
- "Service Account Key"
- Create a new Service Account
- As name you should use "TeamdriveManager-Impersonate"
- Don't select a Role
- As Type select JSON
- When asked say "Create without Role"
- You will now download a JSON File. DONT LOSE THE JSON FILE!
- Click on "Manage Service Accounts"
- click on the mail address of the Service Account
- Click Edit in the Top
- Click on "Show Domain-wide delegation"
- Enable "Enable G Suite Domain-wide Delegation"
- As Product name just use the Project name again
- Press Save
- copy the Client ID to notepad.exe or so
- Go to the Admin Console (admin.google.com/YOURDOMAIN)
- Go into "Security" (or use the search bar)
- Select "Show more" and then "Advanced settings"
- Select "Manage API client access" in the "Authentication" section
- In the "Client Name" field enter the service account’s "Client ID"
- In the next field, "One or More API Scopes", enter the following
https://www.googleapis.com/auth/admin.directory.group,https://www.googleapis.com/auth/cloud-platform,https://www.googleapis.com/auth/drive,https://www.googleapis.com/auth/service.management
- assign
- group - Assign all users from the config to the corresponding TeamDrives by using Groups
- address - Assign an address to a specified teamdrive
- serviceaccount - Assign all ServiceAccounts from the projects defined in the config to the configured Group
- combinations
- project_accounts_keys - Creates a project, creates and fills it with 100 accounts and provides the keys for it
- regenerate_keys - Re-creates service accounts for a project
- create
- teamdrive - Create a Teamdrive
- project - Create a project
- serviceaccount - Create a service account
- group - Create a group
- delete
- project - Delete selected projects
- serviceaccount - Delete all service accounts from a project
- generate
- rclone - Generate an rclone config
- list
- teamdrive - List all Teamdrives
- group - List all groups
- project - List al projects
- serviceaccount - List all service accounts
Creates 100 service accounts, project ID must be unique, non-existent and must consist of alphanumeric characters:
TeamDriveManager --concurrency 5 combinations project_accounts_keys new-project-name-xxx
TeamDriveManager create teamdrive "teamdrive-name"
TeamDriveManager combinations regenerate_keys
{
"ServiceAccountFile": "/full/path/to/impersonation/file.json",
"ServiceAccountFolder": "/full/path/to/service/accounts/directory/",
"Impersonate": "administrator@domain.tld",
"Organization": "organization_ID",
"Domain": "domain.tld",
"Projects": [
"project-1",
"project-2",
"project-3"
],
"ServiceAccountGroup": "serviceaccounts",
"TeamDriveConfig": {
"NamePrefix": "SomePrefix",
"GlobalUsers": {
"organizer": {
"user@domain.tld": "me"
}
},
"BlackList": null,
"GroupAssignments": [
{
"TeamDriveName": " : Videos",
"GroupAddresses": {
"organizer": "xxxxxxxxxxxxxxxxxxxx"
}
},
{
"TeamDriveName": " : Music",
"GroupAddresses": {
"organizer": "xxxxxxxxxxxxxxxxxxxx"
}
}
]
}
}
PANI[0000] Error listing projects: Get https://cloudresourcemanager.googleapis.com/v1/projects?alt=json&prettyPrint=false: oauth2: cannot fetch token: 400 Bad Request
Response: {
"error": "invalid_request",
"error_description": "Invalid impersonation \u0026quot;sub\u0026quot; field."
}
Value for "Impersonate" in config.json
has to be like user@domain.tld
PANI[0000] open "/wrong/path/to/the/file/teamdrive-impersonation-file.json": no such file or directory
panic: (*logrus.Entry) (0xb7c4a0,0xc0002bca80)
Wrong path, check it again.
PANI[0000] unexpected end of JSON input
panic: (*logrus.Entry) (0xb7c4a0,0xc0002c6a80)
JSON file is corrupted
time="2019-12-06T21:53:57+01:00" level=panic msg="read E:\service-accounts\: Referensen (handle) är felaktig."
panic: (*logrus.Entry) (0xb6a7e0,0xc00024c7e0)
Path to where save the service accounts credentials is wrong.