-
Notifications
You must be signed in to change notification settings - Fork 3
/
termUser.extended
executable file
·74 lines (74 loc) · 4.5 KB
/
termUser.extended
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
#!/bin/bash
INPUT=~/gam-data/userterm.csv
TEMP=~/gam-data/orgname.csv
OLDIFS=$IFS
IFS=,
timestamp=$(date +%Y-%m-%d@%I:%M%p)
[ ! -f $INPUT ] && { echo "$INPUT file not found"; exit 99; }
while read userEmail userFirst userLast managerEmail managerPhone
do
dateStamp=_departed_$(date +%Y%m%d)
~/bin/gam/gam info user $userEmail | grep "Path:" > $TEMP
line="$(head -1 $TEMP)"
line="${line#'Google Org Unit Path: '}"
if [ -z "$1" ]
then
echo -e "\e[91m\e[7mALERT:\e[0m To be used only for termination procedure"
echo -e "to process changes use \e[91m./termUser doit\e[0m"
echo -e "---[ \e[93m\e[1mPREVIEW of Changes \e[0m]--- "
echo -e "\e[1mUnsuspend: \e[0m$userEmail"
echo -e "\e[1mDelegate to: \e[0m$managerEmail ($managerPhone)"
echo -e "\e[1mVacation Responder: \e[0m"
echo -e " $userFirst $userLast is no longer with IEEE, please contact $userFirst's manager at"
echo -e " <$managerEmail> or by telephone at $managerPhone. \n\n Thank You. \n IEEE Support."
echo -e "\e[36mRemove from All Groups\e[0m"
echo -e "\e[36mRemove mobile devices\e[0m"
echo -e "\e[36mMove from $line to /EXEMPT/Departed Staff Hold Extended\e[0m"
echo -e "\e[36mSet Departed & Date $(date +%Y-%m-%d)"
echo -e "---[ \e[93m\e[1mPREVIEW END \e[0m]--"
echo
else
if [ "${1^^}" == "DOIT" ]
then
echo -e "---[ \e[93m\e[1mTermination Process for User \e[36m$userFirst $userLast \e[0m]---\e[32m"
echo -e "\e[36m- Unsuspending User\e[0m"
echo "* $timestamp * $userEmail - Termination Process Start" >> ~/gam-data/gam-data.log
~/bin/gam/gam update user $userEmail suspended off
echo "* $timestamp * $userEmail - unsuspended" >> ~/gam-data/gam-data.log
~/bin/gam/gam update user $userEmail Status.Status Departed Status.Date $(date +%Y-%m-%d) Status.OU $line
echo "* $timestamp * $userEmail - Status set to Departed on $(date +%Y-%m-%d)" >> ~/gam-data/gam-data.log
echo -e "\e[36m- Remove from All Groups\e[0m"
~/bin/gam/gam user $userEmail delete groups
echo "* $timestamp * $userEmail - all groups removed" >> ~/gam-data/gam-data.log
echo -e "\e[36m- Move to Proper ORG\e[0m"
~/bin/gam/gam update user $userEmail org "/EXEMPT/Departed Staff Hold Extended"
echo "* $timestamp * $userEmail - Moved to Departed Staff Hold Extended" >> ~/gam-data/gam-data.log
echo -e "\e[36m- Delegate access to Manager\e[0m"
~/bin/gam/gam user $userEmail delegate to $managerEmail
echo "* $timestamp * $userEmail - Delegated email to $managerEmail" >> ~/gam-data/gam-data.log
echo -e "\e[36m- Set Vacation Message\e[0m"
~/bin/gam/gam user $userEmail vacation on subject "$userFirst $userLast is no longer with the IEEE:" message "$userFirst $userLast is no longer with the IEEE, please contact $userFirst's manager by email at <$managerEmail> or by telephone at $managerPhone. \n\n Thank You, \n IEEE Support." startdate $(date +%Y-%m-%d) enddate 2099-12-30
echo "* $timestamp * $userEmail - Set vacation responder to $managerEmail ($managerPhone)" >> ~/gam-data/gam-data.log
~/bin/gam/gam calendar $userEmail add editor $managerEmail
~/bin/gam/gam user $managerEmail add calendar $userEmail selected true hidden false
~/bin/gam/gam create datatransfer $userEmail gdrive $managerEmail privacy_level shared,private
echo -e "\e[36m- Randomize Password for $newEmail\e[0m"
~/bin/gam/gam update user $userEmail password random
echo "* $timestamp * $userEmail - Password Randomized" >> ~/gam-data/gam-data.log
echo -e "\e[36m- Deprovision $newEmail\e[0m"
~/bin/gam/gam user $userEmail deprovision
echo "* $timestamp * $userEmail - Revoked all App Passwords, 2 Factor, and OAuth tokens" >> ~/gam-data/gam-data.log
echo -e "\e[36m- Dump Mobile Phones\e[0m"
~/bin/gam/gam print mobile query "email:$userEmail" >> ~/gam-data/tmp.mobile-data.csv
echo -e "\e[36m- Wipe Account from All Mobile Devices\e[0m"
~/bin/gam/gam csv ~/gam-data/tmp.mobile-data.csv gam update mobile ~resourceId action account_wipe
rm ~/gam-data/tmp.mobile-data.csv
echo "* $timestamp * $userEmail - Mobile Devices Wiped" >> ~/gam-data/gam-data.log
echo "* $timestamp * $userEmail - Termination Process Complete" >> ~/gam-data/gam-data.log
echo -e "\e[0m---[ \e[93m\e[1m Termination Process Complete for \e[36m$userFirst $userLast \e[0m]---"
echo
echo "Please log into Admin Console and reset sign in cookies for $userEmail"
fi
fi
done < $INPUT
IFS=$OLDIFS