This repository offers Bash scripts that simplify user management in Google Workspace using GAM and GAMADV-XTD3 command-line tool, automating tasks like onboarding, offboarding, and updates for consistent and efficient administration.
- GAMADV-XTD3: Ensure that GAMADV-XTD3 is installed and configured on your machine.
- Bash: The scripts are designed to run in a Bash shell environment.
-
Onboarding Script (
onboard.sh):- Creates new user accounts.
- Sets up email signatures and group memberships.
- Adds employment details and calendar events.
-
Offboarding Script (
offboard.sh):- Resets passwords and clears recovery options.
- Transfers Drive and Calendar data.
- Configures email forwarding and auto-replies.
- Removes users from groups and hides from the GAL.
-
Reporting Script (
print.sh):- Generates various reports on users, groups, aliases, admins, calendars, and resources.
-
Install Dependencies: Ensure that all required tools and dependencies are installed and updated. This includes GAM and GAMADV-XTD3, which can be installed using the following commands:
bash <(curl -s -S -L https://gam-shortn.appspot.com/gam-install) bash <(curl -s -S -L https://raw.githubusercontent.com/taers232c/GAMADV-XTD3/master/src/gam-install.sh)
-
Clone the Repository:
git clone https://github.com/grace-bible/GAM-boarding-scripts.git
-
Configure
config.env:- Create a
config.envfile with necessary environment variables such asGAM,GAM3,LOG_DIR,SIG_FILE,CC_HR,BDAY_CAL, andUPDATE_INTERVAL_DAYS.
# This is a configuration file for onboarding and offboarding scripts # Path to the GAM and GAMADV-XTD3 executable GAM=$HOME/bin/gam/gam GAM3=$HOME/bin/gamadv-xtd3/gam # Directory for storing logs LOG_DIR=/path/goes/here # Path to the email signature template file SIG_FILE=/path/goes/here TEMP_PASS=$(openssl rand -base64 12) # Email addresses to notify of onboarding [email protected] # Your staff birthday calendar ID [email protected] # Last update date for GAM and GAMADV-XTD3 GAM_LAST_UPDATE="2000-01-01" # Update interval in days UPDATE_INTERVAL_DAYS=7
- Create a
./onboard.sh (-h) [<onboard_first_name> <onboard_last_name> <onboard_user> <manager_email_address> <recovery_email> <campus> <job_title> <birthday>]Options:
-h: Print the help message.
Arguments:
onboard_first_name: User's first name.onboard_last_name: User's last name.onboard_user: New domain email for the user.manager_email_address: User's manager email.recovery_email: Personal email for the onboarding user.campus: Assigned campus (AND, SW, CRK, MT, SYS).job_title: User's official job title (optional).birthday: User's birthday (YYYY-MM-DD) for the company birthday calendar (optional).
onboard.sh Script Flowchart:
flowchart TD
A[Start Onboarding Script] --> B{Check Arguments}
B --> |Arguments Provided| C[Set Variables from Arguments]
B --> |Arguments Missing| D[Prompt User for Input]
C --> E[Confirm Inputs]
D --> E[Confirm Inputs]
E --> F[Whiptail Menu]
F --> |create_user| G[Create User Account]
F --> |add_birthday| H[Add Birthday to Calendar]
F --> |get_info| I[Print User Info]
F --> |update_info| J[Update User Info]
F --> |view_signature| K[Print Email Signature]
F --> |set_signature| L[Configure Email Signature]
F --> |add_groups| M[Add User to Groups]
F --> |update_marriage| N[Update User Identity]
G --> O[Add Employment Start Date]
O --> P[Email Credentials to User]
P --> Q[Log User Info]
L --> R{View Signature?}
R --> |Yes| K
R --> |No| S[Skip Viewing Signature]
S --> Q
H --> Q
I --> Q
J --> Q
K --> Q
M --> Q
N --> Q
Q --> T[End Logging]
T --> U[Return to Initial Directory]
U --> V[Script Ends]
./offboard.sh (-h) [<offboard_user> <receiving_user>]Options:
-h: Print the help message.
Arguments:
offboard_user: User email for the offboarding user.receiving_user: User email for the receiving user of any transfers.
offboard.sh Script Flowchart:
flowchart TD
A[Start Offboarding Script] --> B{Check Arguments}
B --> |Arguments Provided| C[Set Variables from Arguments]
B --> |Arguments Missing| D[Prompt User for Input]
C --> E[Confirm Inputs]
D --> E[Confirm Inputs]
E --> F[Whiptail Menu]
F --> |unsuspend| G[Unsuspend User Account]
F --> |get_info| H[Log User Info]
F --> |reset_password| I[Generate Random Password]
F --> |reset_recovery| J[Erase Recovery Options]
F --> |set_endDate| K[Set Employment End Date]
F --> |deprovision| L[Deprovision User]
F --> |remove_directory| M[Remove from GAL]
F --> |forward_emails| N[Forward Emails and Delegate Access]
F --> |set_autoreply| O[Configure Email Autoreply]
F --> |transfer_drive| P[Transfer Google Drive]
F --> |transfer_calendar| Q[Transfer Google Calendars]
F --> |remove_groups| R[Remove from Groups]
F --> |remove_drives| S[Remove from Shared Drives]
F --> |set_org_unit| T[Move User to Inactive OU]
G --> U[Continue Offboarding Tasks]
H --> U
I --> U
J --> U
K --> U
L --> U
M --> U
N --> U
O --> U
P --> U
Q --> U
R --> U
S --> U
T --> U
U --> V{Suspend User?}
V --> |Yes| W[Suspend User]
V --> |No| X[Skip Suspension]
W --> Y[End Logging]
X --> Y
Y --> Z[Return to Initial Directory]
Z --> AA[Script Ends]
./print.sh- Both onboarding and offboarding scripts include interactive whiptail TUI menus for selecting and executing tasks.
- Ensure that
config.envis correctly configured with all required paths and settings. - Review and test the scripts in a controlled environment before deploying them in production.
- Both scripts will regularly check for updates to GAM and GAMADV-XTD3 to ensure compatibility with the latest Google Workspace APIs.
- Feel free to submit issues and pull requests to improve functionality and compatibility.
This project is licensed under the MIT License.