This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Automatically moving some users to new ou

Posted on 09-12-2022 07:18 AM
byounis
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM
I am looking for a way to move users automatically if the user title is a manager or his email@zxy.com.
 
yes, I can move it manually, but I have 300 users who need to be moved and keeps updating.
yes, I can do it with CSV but also this is done manually every day to update.
 
so I am looking if there are any scripts to run with gam or tasks that can do this.
 
every day at 8 am task will run to check the main OU and move any users matching the search result to the new OU.
 
Thanks 
0 3 1,078
0 Likes
3 REPLIES 3

Posted on --/--/---- --:-- AM
goldyarora
Staff
Reply posted on --/--/---- --:-- AM

Though you may leverage apps script with time based trigger to do that, but am curious to understand your use case for it, are you trying to based time based access restrictions?

if yes, context aware access with date/time based policy would be a better option.

0 Likes

Posted on --/--/---- --:-- AM
byounis
Bronze 1
Bronze 1
In response to goldyarora
Reply posted on --/--/---- --:-- AM

Thanks @goldyarora ,

i have a synced OU with no application access , nothing on google identity provider , this OU sync from AD, there are many automation attached to this OU, so I can't move any users from the local OU in AD.

The google support team asked me to create new OU on google and try to move any user that required email access because under google I disabled any application for that OU.

now I need a script or automation to look for user's end with @zxd.com domain and move the user to new ou so they can access the email and auto licenses.

Thanks

0 Likes

Posted on --/--/---- --:-- AM
goldyarora
Staff
In response to byounis
Reply posted on --/--/---- --:-- AM

I understand, though apps script can do that with time based trigger e.g run moveFunction every morning automatically at 8 a.m as you need (later part of this video shows how to leverage time based triggers in apps script https://youtu.be/IFecKxi3WN4) but moves from orgUnit may take sometime in propagation. 

If you are on context aware access supported subscription, you may better leverage date time based access policy (https://cloud.google.com/access-context-manager/docs/time-and-date-conditions) which might say if the user is trying to access this specific app or apps (e.g Gmail) between this to this time, then allow or don't allow access.

Top Labels in this Space
Top Solution Authors
View all