Shared Drives

Find Shared Drive ID from Name

gam user <Admin Email Addesss> show teamdrives query "name='<Name of Team Drive>'" asadmin

Make a note of the Shared Drive ID

Add Group to Shared Drive

Change the role as required. Permission types can be seen here.

gam user <Admin Email Addesss> add drivefileacl <Shared Drive ID> group <Group Email Address> role reader asadmin

Change the role accordingly

• organizer = Manager

• contentmanager = fileorganizer = Content manager

• writer = Contributor

• commenter = Commenter

• reader = Viewer

To add a new user

gam add drivefileacl <Team Drive ID> user <new organizer email address> role organizer

To update an existing user

gam user <Existing Shared Drive Organizer User Email> update drivefileacl <Team Drive ID> <User Email Address> role contentmanager

Include the excludetrashed option otherwise, files in the Bin will be restored and appear in the new drive folders.

gam user <User Email Address> copy drivefile <Source Shared Drive ID> excludetrashed recursive copytopfolderpermissions false copyfilepermissions false copysubfolderpermissions false teamdriveparentid <Destination Shared Drive ID> newfilename "<New Folder Name>"

Check the files are all copied

gam user <User Email Address> print filelist select teamdriveid <Shared Drive ID> todrive tdtitle "File list"

To create a new Shared Drive folder for a user

gam user <User Email Address> create teamdrive "<Shared Drive Name>" adminmanagedrestrictions true asadmin

New Folder

gam user <User Email Address> create drivefile drivefilename "<Folder Name>" mimetype gfolder parentid <Shared Drive Parent Folder ID>

Add User to Shared Drive

gam add drivefileacl <Team Drive ID> user <New User Email Address> role organizer

Shared Drive Permissions

Change the role as required.

• organizer = Manager

• contentmanager = fileorganizer = Content manager

• writer = Contributor

• commenter = Commenter

• reader = Viewer

Using Team Drive Name

Use format microsoft before targetfolder to save in Microsoft format.

gam user <User Email Address> get drivefile teamdrive "<Team Drive Name>" allfiles targetfolder "<Folder Name>"

Using Team Drive ID

gam user <User Email Address> get drivefile teamdriveid "<Team Drive ID>" allfiles targetfolder "<Folder Name>"

User

Delete an external email address from share access to Shared Drive folder.

gam user <Manager Email Address> delete drivefileacl <FolderID> <External Email address>

Remove User from Shared Drive

gam delete drivefileacl <SharedDriveID> <User Email Address>

Delete the files from a Shared Drive Bin.

gam user <Organizer Email Address> empty drivetrash teamdriveid <Shared Drive ID>

For a single user and Team Drive

Show the Total file counts and breakdown

gam user <Team Drive Organiser Email> show filecounts select teamdriveid <Team Drive ID>

For Multiple Users and Team Drives

Make a CSV file TeamDrives.csv with two columns: organiser,id

gam redirect csv ./TeamDriveFileCounts.csv multiprocess csv TeamDrives.csv gam user "~organiser" print filecounts select teamdriveid "~id"

Remove a file from a Shared Drive

Using the File. This will remove all files with the same name.

gam user <User Email Address> delete drivefile teamdrive "<Shared Drive Name>" teamdrivefilename "<File Name>" purge

Remove All Files and Folders from All Shared Drive

First, you must add yourself as an organizer to each drive you want to delete so that you have permission to remove the files and folders from the shared drive. To run this on all the shared drives, then you need a CSV of all the Shared drives

gam print teamdrives <Path to CSV>

then 

gam csv <Path to CSV> gam add drivefileacl ~id user <Admin Email Address> role organizer 

Next, remove all files from the shared folders

gam csv <Path to CSV> gam user <Admin Email Address> delete drivefile teamdrive ~name all_files

After files are all removed, you can now remove folders (Folders need to be empty first before they can be removed)

gam csv <Path to CSV> gam user <Admin Email Address> delete drivefile teamdrive ~name all_folders

All the Shared Drive folders can then be removed with

gam csv <Path to CSV> gam user <Admin Email Address> delete teamdrive ~id

This command will give you the name of a Shared Drive.

To find the name of a Shared Drive User, run the print drivefileacls command against the <Shared Drive ID>

gam user <Shared Drive User> info teamdrive <Shared Drive ID>

Single Shared Drive

Showing just the display name & role

gam print drivefileacls <Shared Drive ID> oneitemperrow fields displayname,role todrive

Shared Drives only with External Managers

Before running this command, create the SharedDrives.csv file.

gam config csv_output_row_filter "permissions:count>0" redirect csv ./ExternalSharedDrives.csv  multiprocess csv SharedDrives.csv gam print drivefileacls '~id' showtitles fields id,emailaddress,role role organizer pm role organizer domainlist "<Domain 1, Domain 2" em pma skip pmselect todrive

Shared Drive Roles

Change <Role> to viewer|commenter|contributor|contentmanager|manager as required.

gam user <User Email Address> print drivefileacls <Folder ID> pm role "<Role>" em oneitemperrow todrive

Everything on a Shared Drive

gam user <User Email Address> print filelist select teamdrive "<Shared Drive Name>" fields id,name,modifiedtime todrive

Or, using the <Shared Drive ID>

gam user <User Email Address> print filelist select teamdriveid <Shared Drive ID> todrive tdtitle "File list"

Everything in a folder on a Shared Drive

gam user <User Email Address> print filelist select teamdrive "<Shared Drive Name>" teamdrivefilename "<Shared Drive Folder Name>" fields id,name,modifiedtime todrive

Or using the <Folder ID>

gam user <User Email Address> print filelist select id <Folder ID> todrive

Files shared from an external account to a user in your Domain

gam config csv_output_row_filter "owners.0.emailAddress:regex:<External Email Address>" user <Domain User Email> print filelist fields id,name,owners.emailaddress showownedby others todrive

Shared Drive(s) containing a specific Folder

gam user <User Email Address> print filelist corpora onlyshareddrives query "name = '<Folder Name>'" fields id,name,driveid showdrivename excludetrashed todrive

Add the filepath option to see the full path to the <Folder Name> however, if the user does not have permission to view the Shared Drive, it will be excluded from the final results.

Individual Shared Folders

Use this command to show folders which do not have inherited share permissions. Filter the results to show lines where permission.domain is not your Domain and use the FolderID in the command to remove external users.

gam user <Manager Email Address> print filelist select teamdriveid <Shared Drive ID> fields id,name,mimetype,basicpermissions showmimetype gfolder pm inherited false em pmfilter oneitemperrow filepath todrive

Shortcuts

gam user <User Email Address> print filelist select teamdriveid <Shared Drive ID> showmimetype gshortcut fields id,name,mimetype,shortcutdetails,webviewlink todrive

Files Not Owned by User in Users Folder

Find the files not owned by the user in their folder and subfolders

gam config csv_output_header_drop_filter "^owners$" redirect csv ./ExternallyOwnedFiles.csv user <User Email Address> print filelist select <Folder ID> showownedby others fields id,name,owners.emailaddress,webviewlink filepath todrive

For a File Name

gam user <User Email Address> print filepath teamdrivefilename "<File Name>"

For a FolderID

gam user <User Email Address> print filepath teamdriveid <Folder ID>

All Shared Drives

One file, all Shared drives and all users

gam print teamdriveacls oneitemperrow todrive

User

Shared drives with roles for each drive

gam print teamdriveacls user <User Email Address> fields role todrive

User is the Organizer

gam print teamdriveacls user <User Email Address> role organizer todrive

Containing inc starting with

Regex options

•  ^ to denote 'starting with'

• .* 0 or more characters between text

• .+ 1 or more characters between text

gam config csv_output_row_filter "name:regex:^<Text to Search>.*<Text to Search>" print teamdrives todrive

Enclose the <Text to Search> in ' if the text contains characters, such as /, that may cause issues with the gam command.

Examples

"name:regex:photo" - names which contain 'photo'

"name:regex:^photo" - names starting with 'photo'

"name:regex:photo.*s" - names where there is 0 or more characters between 'photo' & 's'

"name:regex:photo.+s" - names where these is 1 or more character between 'photo' & 's' (so excludes photos & photoshoot)

Show OUs

Use the asadmin option to show the OU of the Shared Drives.

gam user <User Email Address> print teamdrives asadmin todrive

Name Contains

gam print teamdrives query "name contains '<Part of Name>'" todrive

The shareddrives option deals with the settings of the actual shared drive, rather that the settings for the user.

All Shared Drives

gam print shareddrives todrive

Drives a user is the Organizer

gam user <User Email Address> print shareddrives role organizer todrive

OU

Create a Google Sheet of the Shared Drives where the Organizer is in an OU.

gam config auto_batch_min 1 redirect csv ./UserTeamDrives.csv multiprocess redirect stdout - multiprocess redirect stderr stdout ou </Path/To/OU> print shareddrives fields id,name role organizer todrive

User

Print the Shared Drives a user is a direct member of, not via group membership

gam print shareddriveacls pm type user emailaddress <User Email Address> em oneitemperrow todrive

Not in Domain

Shared Drives which are shared with users outside the domain.

gam print shareddriveacls pm type user notdomain <Your Domain> em oneitemperrow

To remove a user from Shared Drives, the GAM command needs to be run as a manager (organizer) of the Shared Drive. I have not worked out how to obtain this info more efficiently but the following process will work.

List of Shared Drives

Show all the Shared Drives a user has access to. Edit this file to show the id of the Team Drives you want to remove the user from and save as CSV, eg shared-drive-ids.csv

gam user <User Email Address> print teamdrives todrive tdtitle "<Drive File Name>"

Shared Drive Organizers

Unfortunatley this command will create a gSheet for each Shared Drive. Copy and paste organizer emails into the CSV

gam csv shared-drive-ids.csv gam print drivefileacls ~id todrive

Remove User

gam csv shared-drive-ids.csv gam user ~organizer delete drivefileacl ~id <User Email Address>

Remove Users in OU from All Shared Drives

First create a CSV file with all the users and the corresponding Shared Drive IDs.

gam redirect csv ./OUSharedDriveAccess.csv ou '</Path/To/OU>' print shareddrives fields id,name

The process this data.

gam redirect stdout ./DeleteOUSharedDriveAccess.txt multiprocess redirect stderr stdout csv ./OUSharedDriveAccess.csv gam delete drivefileacl ~id ~User

It is better to add users via groups so that when the members of that group change, so does the access to the  Team Drive.

Find the Team Drive ID.

If you know the Shared (Team) Drive name use

gam user <User Email Address> print filelist select teamdrive "<Folder Name>" fields id,name,driveid showmimetype gfolder

If you do not know the name, then this command will create a file of all the Team Drives and their IDs

gam print teamdrives todrive

Get a CSV file containing all the users and their Team Drive Permissions

gam redirect csv ./TeamDriveMembers.csv print drivefileacls <Team Drive ID> oneitemperrow

Or, to save directly to Google Drive

gam print drivefileacls <Team Drive ID> oneitemperrow todrive

Test removing the users by role

Using the TeamDriveMembers.csv file create above, run this command to remove users who have reader, member or viewer roles.

gam csv ./TeamDriveMembers.csv matchfield permission.role "(reader)|(member)|(viewer)" gam info drivefileacl ~id  id:~~permission.id~~

Delete the Users by role

Change info to delete to remove the members.

gam csv ./TeamDriveMembers.csv matchfield permission.role "(reader)|(member)|(viewer)" gam delete drivefileacl ~id  id:~~permission.id~~

Remove an Individual User

gam user <Shared Drive Manager Email> delete drivefileacl <Shared Drive ID> <User Email To Delete>

Download, Print & Copy

This option (Viewers and commenters can see the option to download, print, and copy) is found in the share settings > cog. To toggle this option, note that true = unticked &  false = ticked. By default the option is ticked (false) so to prevent use the true flag.

Files

gam user <Manager Email> update drivefile <File ID> copyrequireswriterpermission true

Move Folder

Shared (Team) Drives cannot be moved into other Shared (Team) Drives. Folders within Shared (Team) Drives can be moved into Shared (Team) Drives.

gam user <User Email Address> update drivefile <Shared Drive Folder ID> parentid <Shared Drive ID>

Download, Print & Copy

This option (Viewers and commenters can see the option to download, print, and copy) is found in the share settings > cog. To toggle this option, note that true = unticked &  false = ticked. By default the option is ticked (false) so to prevent use the true flag.

gam user <Manager Email> update teamdrive <Shared Drive ID> copyrequireswriterpermission true

Name change

Change the name of a Team Drive

gam user <User Email Address> update teamdrive <Team Drive ID> name "<New Name>"

Theme

Run gam show teamdrivethemes to get the <ThemeID Name>, for example abacus, bok_choy, flags. Th

gam user <User Email Address>  update teamdrive teamdriveid <Shared Drive ID> themeid <ThemeID Name>

Content Manager Share Folder settings

Use the sharingFoldersRequiresOrganizerPermission option to toggle this setting. Setting this option to true will only allow Organizers to change the sharing permissions. 

gam update teamdrive <Shared Drive ID> sharingFoldersRequiresOrganizerPermission [true or false]

Get Shared Drive ID from Name & a user

gam user <Existing Shared Drive User Email> show teamdrives matchname "<Exact Team Drive Name>"

From the resulting info look for Shared Drive ID: 0AXXXXXXXXXXXXXVA

List Shared Drive Users

CSV of Users

gam redirect csv ./TeamDriveMembers.csv print drivefileacls <Shared Drive ID> oneitemperrow

Google Sheet of users.

gam print drivefileacls <Shared Drive ID> oneitemperrow todrive

Edit Google Sheet or CSV & Upload

Change the User Email heading to email and the Permissions heading to newrole for ease of the command below. Then edit the new role accordingly. Save as newroles.csv.

• organizer = Manager

• contentmanager = fileorganizer = Content manager

• writer = Contributor

• commenter = Commenter

• reader = Viewer

Update Permission

By CSV

gam csv <New Roles>.csv gam user <Shared Drive Manager Email> update drivefileacl <Drive ID> ~email role ~newrole

By Google Sheet

gam csv gsheet <Sheet Owner Email> <File ID> '<Sheet Name>' gam user <Shared Drive Manager Email> update drivefileacl <Drive ID> ~email role ~newrole

Delete Users

CSV

gam csv <Delete Users>.csv gam user <Shared Drive Manager Email> delete drivefileacl <Shared Drive ID> ~email

Google Sheet

The permission.emailAddress is the email address field for the users. Make sure you remove the Shared Drive Manager (organizer) Email from the Google Sheet otherwise this user will get removed and the following command iterations will fail.

gam csv gsheet <Sheet Owner Email> <File ID> '<Sheet Name>' gam user <Shared Drive Manager (organizer) Email> delete drivefileacl <Shared Drive ID> ~permission.emailAddress

Folder Permission

Google Sheet

Add users to a folder within a Shared Drive. Change the role as required.

gam csv gsheet <Sheet Owner Email> <File ID> '<Sheet Name>' gam user <Shared Drive Manager (organizer) Email> add drivefileacl <Drive Folder ID> user ~permission.emailAddress role viewer

Update File Name inside users Drives

This will update the file name of files inside a users Drive, from a CSV file (update.csv), which contains the user, fileID and NewFileName

gam csv update.csv gam user ~user update drivefile id ~fileID newfilename ~NewFileName

Find out the Team Drives with no Managers

Team Drives without Organizers means that they cannot be fully managed, deleted, if no longer needed.

gam print teamdrives query "organizerCount = 0"

Adding an User (Manager) to a Team Drive

gam add drivefileacl <Team Drive ID> user <new organizer email address> role organizer

Show all the Team Drive details (to get names and IDs)

gam print teamdrives todrive