Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- /*
- Created by:
- Chris Fadell (chris.fadell@bettercloud.com)
- BetterCloud, 2019
- BetterIT Slack Community
- DISCLAIMER: Sample scripts in this guide are not supported under any BetterCloud, Inc. (“BetterCloud”) support program or service and shall be deemed “Beta Services” under any Master Subscription Agreement or any other services agreement entered into with BetterCloud. The sample scripts are provided AS IS without representation or warranty of any kind, whether express or implied. BetterCloud disclaims all implied warranties including, without limitation, any implied warranties of merchantability or of fitness for a particular purpose. By using a sample script, you acknowledge and agree: (a) that the entire risk arising out of the use or performance of the sample scripts and documentation remains with you: and (b) that in no event shall BetterCloud, its employees, officers, directors, contractors or agents, or anyone else involved in the creation, production, or delivery of the scripts, be liable for any loss, costs, or damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) arising out of or relating to the performance, use of, or inability to use the sample scripts or documentation, even if BetterCloud has been advised of the possibility of such damages.
- */
- //Initation Notes
- //You must enable Resources>Advanced Google Services>Admin Directory API and Group Settings API
- //Must name the Speadsheet associated with this script "Log Sheet"
- //Must replace sheetId in Global variables with the document ID of the Google sheet in the URL in line 9
- //Must create a processing group that users will be added to check membership against to iniate this script (this can be done as part of your offboarding workflow in BetterCloud) in line 11
- //Global Variables
- var sheetId = "SHEET ID GOES HERE";
- var sheet = SpreadsheetApp.openById(sheetId);
- var groupEmail = "PROCESSING GROUP GOES HERE"; //replace with the group email you'd like to add users to to process this user change
- function createGroup(){
- var groupMembers = retrieveUsersInGroup(); //retrieves users in the group
- if (groupMembers){ //if there are members in the group run the function
- for (var i = 0; i < groupMembers.length; i++){
- var name = AdminDirectory.Users.get(groupMembers[i]).name.fullName; //retrieves user's full name for group creation
- var userEmail = AdminDirectory.Users.get(groupMembers[i]).primaryEmail; //retrieves user's email address
- var aliases = AdminDirectory.Users.Aliases.list(groupMembers[i]).aliases; //retrieves user's alias
- var managerEmail = retrieveManager(groupMembers[i]); //retrieves user's manager
- if (aliases){ //if the user has aliases
- removeAliases(groupMembers[i], aliases[0].alias); //removes first alias
- var group = createGroupFromAlias(aliases[0].alias, name); //creates group from first alias
- updateGroupSettings(group.email); //updates group's settings
- addManagerToGroup(managerEmail, group.email); //adds manager to group
- }
- else{
- log("User: " + groupMembers[i] + " does not have any aliases. Unable to run create group function.") //if the user doesn't have any aliases, log it
- }
- var aliases = AdminDirectory.Users.Aliases.list(groupMembers[i]).aliases; //retrieves user's remaining aliases
- if (aliases){ //if the user has aliases
- for (var k = 0; k < aliases.length; k++){ //loops through all aliases
- var alias = aliases[k].alias; //sets the alias
- try{
- AdminDirectory.Users.Aliases.remove(groupMembers[i], alias); //removes the alias from the user
- log("REMOVE USER ALIAS", "SUCCESS", "Removed alias: " + alias + " from user: " + groupMembers[i]);
- }
- catch(e){
- log("REMOVE USER ALIAS", "FAILURE", "Failed to removed alias: " + alias + " from user: " + groupMembers[i] + ". Failure:" + e);
- }
- try{
- AdminDirectory.Groups.Aliases.insert({"alias": alias}, group.email); //adds the user alias as a group alias
- log("ADD GROUP ALIAS", "SUCCESS", "Added group alias: " + alias + " to group: " + group.email);
- }
- catch(e){
- log("ADD GROUP ALIAS", "FAILURE", "Failed to added group alias: " + alias + " to group: " + group.email + ". Failure:" + e);
- }
- }
- removeUserFromGroup(groupEmail, userEmail); //removes user from workflow group
- }
- }
- }
- else{
- Logger.log("No members in group");
- }
- }
- function retrieveUsersInGroup(){
- var members = AdminDirectory.Members.list(groupEmail);
- if (members.members){
- var emailArray = [];
- for (var i = 0; i < members.members.length; i++){
- var email = members.members[i].email
- emailArray.push(members.members[i].email);
- }
- }
- return emailArray
- }
- function removeAliases(user, alias){
- try{
- AdminDirectory.Users.Aliases.remove(user, alias);
- log("REMOVE USER ALIAS", "SUCCESS", "Removed alias: " + alias + " from user: " + user)
- }
- catch(e){
- log("REMOVE USER ALIAS", "FAILURE", "Failed to remove alias: " + alias + " from user " + user+". Failure: " + e)
- }
- }
- function createGroupFromAlias(alias, groupName){
- try{
- var group = AdminDirectory.Groups.insert({"email": alias, "name": "Forwarding - " + groupName, "description": "This group handles all email forwarding for the terminated user " + groupName}); //Forwarding - First Name Last Name
- log("CREATE GROUP", "SUCCESS", "Created group: " + alias);
- }
- catch(e){
- log("CREATE GROUP", "FAILURE", "Failed to created group: " + alias + ". Failure:" + e);
- }
- return group
- }
- function addManagerToGroup(managerEmail, groupEmail){
- try{
- AdminDirectory.Members.insert({"email": managerEmail, "role": "OWNER"}, groupEmail);
- log("ADD MANAGER TO GROUP", "SUCCESS", "Added manager: " + managerEmail + " to group: " + groupEmail);
- }
- catch(e){
- log("ADD MANAGER TO GROUP", "FAILURE", "Failed to add manager: " + managerEmail + " to group: " + groupEmail + ". Failure:" + e);
- }
- }
- function removeUserFromGroup(groupEmail, userEmail){
- try{
- AdminDirectory.Members.remove(groupEmail, userEmail);
- log("REMOVE USER FROM GROUP", "SUCCESS", "Removed user: " + userEmail + " from group: " + groupEmail);
- }
- catch(e){
- log("REMOVE USER FROM GROUP", "FAILURE", "Failed to remove user: " + userEmail + " from group: " + groupEmail + ". Failure:" + e);
- }
- }
- function log(operation, status, fullLog){
- var date = new Date();
- sheet.getSheetByName("Log Sheet").insertRowBefore(2);
- sheet.getRange("A2:D2").setValues([[date.toISOString(),operation, status, fullLog]]);
- }
- function retrieveManager(groupMember){
- var relations = AdminDirectory.Users.get(groupMember).relations;
- for (var i = 0; i < relations.length; i++){
- if (relations[i].type == "manager"){
- var managerEmail = relations[i].value;
- break;
- }
- }
- return managerEmail
- }
- function updateGroupSettings(groupEmail){
- try{
- AdminGroupsSettings.Groups.patch({"showInGroupDirectory":false,"whoCanModerateMembers": "NONE", "whoCanLeaveGroup":"NONE_CAN_LEAVE","isArchived":true}, groupEmail);
- log("UPDATE GROUP SETTINGS", "SUCCESS", "Updated group settings for group: " + groupEmail);
- }
- catch(e){
- log("UPDATE GROUP SETTINGS", "FAILURE", "Failed to updated group settings for group: " + groupEmail + " " + e);
- }
- }
Add Comment
Please, Sign In to add comment