Update your Bookmarks to https://sites.google.com/view/gam--commands/home
By default GAM will/may copy files from the Bin. To avoid this you can add excludetrashed on the end of the command.
gam user <Admin Email Addesss> show teamdrives query "name='<Name of Team Drive>'" asadmin
Make a note of the Shared Drive ID
Change the role as required. Permission types can be seen here.
gam user <Admin Email Addesss> add drivefileacl <Shared Drive ID> group <Group Email Address> role reader asadmin
Change the role accordingly
organizer = Manager
contentmanager = fileorganizer = Content manager
writer = Contributor
commenter = Commenter
reader = Viewer
gam add drivefileacl <Team Drive ID> user <new organizer email address> role organizer
gam user <Existing Shared Drive Organizer User Email> update drivefileacl <Team Drive ID> <User Email Address> role contentmanager
Include the excludetrashed option otherwise, files in the Bin will be restored and appear in the new drive folders.
gam user <User Email Address> copy drivefile <Source Shared Drive ID> excludetrashed recursive copytopfolderpermissions false copyfilepermissions false copysubfolderpermissions false teamdriveparentid <Destination Shared Drive ID> newfilename "<New Folder Name>"
gam user <User Email Address> print filelist select teamdriveid <Shared Drive ID> todrive tdtitle "File list"
gam user <User Email Address> create teamdrive "<Shared Drive Name>" adminmanagedrestrictions true asadmin
gam user <User Email Address> create drivefile drivefilename "<Folder Name>" mimetype gfolder parentid <Shared Drive Parent Folder ID>
gam add drivefileacl <Team Drive ID> user <New User Email Address> role organizer
Change the role as required.
organizer = Manager
contentmanager = fileorganizer = Content manager
writer = Contributor
commenter = Commenter
reader = Viewer
Use format microsoft before targetfolder to save in Microsoft format.
gam user <User Email Address> get drivefile teamdrive "<Team Drive Name>" allfiles targetfolder "<Folder Name>"
gam user <User Email Address> get drivefile teamdriveid "<Team Drive ID>" allfiles targetfolder "<Folder Name>"
Delete an external email address from share access to Shared Drive folder.
gam user <Manager Email Address> delete drivefileacl <FolderID> <External Email address>
gam delete drivefileacl <SharedDriveID> <User Email Address>
Delete the files from a Shared Drive Bin.
gam user <Organizer Email Address> empty drivetrash teamdriveid <Shared Drive ID>
Show the Total file counts and breakdown
gam user <Team Drive Organiser Email> show filecounts select teamdriveid <Team Drive ID>
Make a CSV file TeamDrives.csv with two columns: organiser,id
gam redirect csv ./TeamDriveFileCounts.csv multiprocess csv TeamDrives.csv gam user "~organiser" print filecounts select teamdriveid "~id"
Using the File. This will remove all files with the same name.
gam user <User Email Address> delete drivefile teamdrive "<Shared Drive Name>" teamdrivefilename "<File Name>" purge
First, you must add yourself as an organizer to each drive you want to delete so that you have permission to remove the files and folders from the shared drive. To run this on all the shared drives, then you need a CSV of all the Shared drives
gam print teamdrives <Path to CSV>
then
gam csv <Path to CSV> gam add drivefileacl ~id user <Admin Email Address> role organizer
Next, remove all files from the shared folders
gam csv <Path to CSV> gam user <Admin Email Address> delete drivefile teamdrive ~name all_files
After files are all removed, you can now remove folders (Folders need to be empty first before they can be removed)
gam csv <Path to CSV> gam user <Admin Email Address> delete drivefile teamdrive ~name all_folders
All the Shared Drive folders can then be removed with
gam csv <Path to CSV> gam user <Admin Email Address> delete teamdrive ~id
This command will give you the name of a Shared Drive.
To find the name of a Shared Drive User, run the print drivefileacls command against the <Shared Drive ID>
gam user <Shared Drive User> info teamdrive <Shared Drive ID>
Showing just the display name & role
gam print drivefileacls <Shared Drive ID> oneitemperrow fields displayname,role todrive
Before running this command, create the SharedDrives.csv file.
gam config csv_output_row_filter "permissions:count>0" redirect csv ./ExternalSharedDrives.csv multiprocess csv SharedDrives.csv gam print drivefileacls '~id' showtitles fields id,emailaddress,role role organizer pm role organizer domainlist "<Domain 1, Domain 2" em pma skip pmselect todrive
Change <Role> to viewer|commenter|contributor|contentmanager|manager as required.
gam user <User Email Address> print drivefileacls <Folder ID> pm role "<Role>" em oneitemperrow todrive
gam user <User Email Address> print filelist select teamdrive "<Shared Drive Name>" fields id,name,modifiedtime todrive
Or, using the <Shared Drive ID>
gam user <User Email Address> print filelist select teamdriveid <Shared Drive ID> todrive tdtitle "File list"
gam user <User Email Address> print filelist select teamdrive "<Shared Drive Name>" teamdrivefilename "<Shared Drive Folder Name>" fields id,name,modifiedtime todrive
Or using the <Folder ID>
gam user <User Email Address> print filelist select id <Folder ID> todrive
gam config csv_output_row_filter "owners.0.emailAddress:regex:<External Email Address>" user <Domain User Email> print filelist fields id,name,owners.emailaddress showownedby others todrive
gam user <User Email Address> print filelist corpora onlyshareddrives query "name = '<Folder Name>'" fields id,name,driveid showdrivename excludetrashed todrive
Add the filepath option to see the full path to the <Folder Name> however, if the user does not have permission to view the Shared Drive, it will be excluded from the final results.
Use this command to show folders which do not have inherited share permissions. Filter the results to show lines where permission.domain is not your Domain and use the FolderID in the command to remove external users.
gam user <Manager Email Address> print filelist select teamdriveid <Shared Drive ID> fields id,name,mimetype,basicpermissions showmimetype gfolder pm inherited false em pmfilter oneitemperrow filepath todrive
gam user <User Email Address> print filelist select teamdriveid <Shared Drive ID> showmimetype gshortcut fields id,name,mimetype,shortcutdetails,webviewlink todrive
Find the files not owned by the user in their folder and subfolders
gam config csv_output_header_drop_filter "^owners$" redirect csv ./ExternallyOwnedFiles.csv user <User Email Address> print filelist select <Folder ID> showownedby others fields id,name,owners.emailaddress,webviewlink filepath todrive
Other MIME types by file category can be application|audio|font|image|message|model|multipart|text|video.
gam user <Manager Email Address> print filelist select teamdriveid <Shared Drive ID> showmimetype category audio,video fields id,name,mimetype,webviewlink todrive
gam user <User Email Address> print filepath teamdrivefilename "<File Name>"
gam user <User Email Address> print filepath teamdriveid <Folder ID>
One file, all Shared drives and all users
gam print teamdriveacls oneitemperrow todrive
Shared drives with roles for each drive
gam print teamdriveacls user <User Email Address> fields role todrive
gam print teamdriveacls user <User Email Address> role organizer todrive
Regex options
^ to denote 'starting with'
.* 0 or more characters between text
.+ 1 or more characters between text
gam config csv_output_row_filter "name:regex:^<Text to Search>.*<Text to Search>" print teamdrives todrive
Enclose the <Text to Search> in ' if the text contains characters, such as /, that may cause issues with the gam command.
Examples
"name:regex:photo" - names which contain 'photo'
"name:regex:^photo" - names starting with 'photo'
PhotographsPhotographyPhotosPHotos"name:regex:photo.*s" - names where there is 0 or more characters between 'photo' & 's'
Art Photosmedia photoshootPhotographsPhotosPHotosWinter Camp 2019 PhotosY11 French Class PhotosYear 6 Photographs 2019-20"name:regex:photo.+s" - names where these is 1 or more character between 'photo' & 's' (so excludes photos & photoshoot)
PhotographsYear 6 Photographs 2019-20Use the asadmin option to show the OU of the Shared Drives.
gam user <User Email Address> print teamdrives asadmin todrive
gam print teamdrives query "name contains '<Part of Name>'" todrive
The shareddrives option deals with the settings of the actual shared drive, rather that the settings for the user.
gam print shareddrives todrive
gam user <User Email Address> print shareddrives role organizer todrive
Create a Google Sheet of the Shared Drives where the Organizer is in an OU.
gam config auto_batch_min 1 redirect csv ./UserTeamDrives.csv multiprocess redirect stdout - multiprocess redirect stderr stdout ou </Path/To/OU> print shareddrives fields id,name role organizer todrive
Print the Shared Drives a user is a direct member of, not via group membership
gam print shareddriveacls pm type user emailaddress <User Email Address> em oneitemperrow todrive
Shared Drives which are shared with users outside the domain.
gam print shareddriveacls pm type user notdomain <Your Domain> em oneitemperrow
To remove a user from Shared Drives, the GAM command needs to be run as a manager (organizer) of the Shared Drive. I have not worked out how to obtain this info more efficiently but the following process will work.
Show all the Shared Drives a user has access to. Edit this file to show the id of the Team Drives you want to remove the user from and save as CSV, eg shared-drive-ids.csv
gam user <User Email Address> print teamdrives todrive tdtitle "<Drive File Name>"
Unfortunatley this command will create a gSheet for each Shared Drive. Copy and paste organizer emails into the CSV
gam csv shared-drive-ids.csv gam print drivefileacls ~id todrive
gam csv shared-drive-ids.csv gam user ~organizer delete drivefileacl ~id <User Email Address>
First create a CSV file with all the users and the corresponding Shared Drive IDs.
gam redirect csv ./OUSharedDriveAccess.csv ou '</Path/To/OU>' print shareddrives fields id,name
The process this data.
gam redirect stdout ./DeleteOUSharedDriveAccess.txt multiprocess redirect stderr stdout csv ./OUSharedDriveAccess.csv gam delete drivefileacl ~id ~User
It is better to add users via groups so that when the members of that group change, so does the access to the Team Drive.
If you know the Shared (Team) Drive name use
gam user <User Email Address> print filelist select teamdrive "<Folder Name>" fields id,name,driveid showmimetype gfolder
If you do not know the name, then this command will create a file of all the Team Drives and their IDs
gam print teamdrives todrive
gam redirect csv ./TeamDriveMembers.csv print drivefileacls <Team Drive ID> oneitemperrow
Or, to save directly to Google Drive
gam print drivefileacls <Team Drive ID> oneitemperrow todrive
Using the TeamDriveMembers.csv file create above, run this command to remove users who have reader, member or viewer roles.
gam csv ./TeamDriveMembers.csv matchfield permission.role "(reader)|(member)|(viewer)" gam info drivefileacl ~id id:~~permission.id~~
Change info to delete to remove the members.
gam csv ./TeamDriveMembers.csv matchfield permission.role "(reader)|(member)|(viewer)" gam delete drivefileacl ~id id:~~permission.id~~
gam user <Shared Drive Manager Email> delete drivefileacl <Shared Drive ID> <User Email To Delete>
This option (Viewers and commenters can see the option to download, print, and copy) is found in the share settings > cog. To toggle this option, note that true = unticked & false = ticked. By default the option is ticked (false) so to prevent use the true flag.
gam user <Manager Email> update drivefile <File ID> copyrequireswriterpermission true
Shared (Team) Drives cannot be moved into other Shared (Team) Drives. Folders within Shared (Team) Drives can be moved into Shared (Team) Drives.
gam user <User Email Address> update drivefile <Shared Drive Folder ID> parentid <Shared Drive ID>
This option (Viewers and commenters can see the option to download, print, and copy) is found in the share settings > cog. To toggle this option, note that true = unticked & false = ticked. By default the option is ticked (false) so to prevent use the true flag.
gam user <Manager Email> update teamdrive <Shared Drive ID> copyrequireswriterpermission true
Change the name of a Team Drive
gam user <User Email Address> update teamdrive <Team Drive ID> name "<New Name>"
Run gam show teamdrivethemes to get the <ThemeID Name>, for example abacus, bok_choy, flags. Th
gam user <User Email Address> update teamdrive teamdriveid <Shared Drive ID> themeid <ThemeID Name>
Use the sharingFoldersRequiresOrganizerPermission option to toggle this setting. Setting this option to true will only allow Organizers to change the sharing permissions.
gam update teamdrive <Shared Drive ID> sharingFoldersRequiresOrganizerPermission [true or false]
gam user <Existing Shared Drive User Email> show teamdrives matchname "<Exact Team Drive Name>"
From the resulting info look for Shared Drive ID: 0AXXXXXXXXXXXXXVA
CSV of Users
gam redirect csv ./TeamDriveMembers.csv print drivefileacls <Shared Drive ID> oneitemperrow
Google Sheet of users.
gam print drivefileacls <Shared Drive ID> oneitemperrow todrive
Change the User Email heading to email and the Permissions heading to newrole for ease of the command below. Then edit the new role accordingly. Save as newroles.csv.
organizer = Manager
contentmanager = fileorganizer = Content manager
writer = Contributor
commenter = Commenter
reader = Viewer
By CSV
gam csv <New Roles>.csv gam user <Shared Drive Manager Email> update drivefileacl <Drive ID> ~email role ~newrole
By Google Sheet
gam csv gsheet <Sheet Owner Email> <File ID> '<Sheet Name>' gam user <Shared Drive Manager Email> update drivefileacl <Drive ID> ~email role ~newrole
CSV
gam csv <Delete Users>.csv gam user <Shared Drive Manager Email> delete drivefileacl <Shared Drive ID> ~email
Google Sheet
The permission.emailAddress is the email address field for the users. Make sure you remove the Shared Drive Manager (organizer) Email from the Google Sheet otherwise this user will get removed and the following command iterations will fail.
gam csv gsheet <Sheet Owner Email> <File ID> '<Sheet Name>' gam user <Shared Drive Manager (organizer) Email> delete drivefileacl <Shared Drive ID> ~permission.emailAddress
Google Sheet
Add users to a folder within a Shared Drive. Change the role as required.
gam csv gsheet <Sheet Owner Email> <File ID> '<Sheet Name>' gam user <Shared Drive Manager (organizer) Email> add drivefileacl <Drive Folder ID> user ~permission.emailAddress role viewer
This will update the file name of files inside a users Drive, from a CSV file (update.csv), which contains the user, fileID and NewFileName
gam csv update.csv gam user ~user update drivefile id ~fileID newfilename ~NewFileName
Team Drives without Organizers means that they cannot be fully managed, deleted, if no longer needed.
gam print teamdrives query "organizerCount = 0"
gam add drivefileacl <Team Drive ID> user <new organizer email address> role organizer
gam print teamdrives todrive