pwm
GAM
pwm | GAM | |
---|---|---|
16 | 72 | |
878 | 2,596 | |
-0.1% | - | |
6.2 | 9.5 | |
5 months ago | over 2 years ago | |
Java | Python | |
GNU General Public License v3.0 or later | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
pwm
- Adding LDAP to your self-hosted SSO setup
- How do you help WFH users who forgot their password and can't get into their laptop?
-
What Open Source Projects Do You Use In Your District?
PWM-Project -- Self service password reset.
- AD question
-
Free/Inexpensive option for Self Service AD Password Resets?
Checkout PWM: https://github.com/pwm-project/pwm
-
Google Password Sync from AD
It is called pwm. It is an ldap chai application. I had a developer write the google plugin for the external connector config. https://github.com/pwm-project/pwm
-
Had a hell of a time getting Keycloak/Mariadb/OpenLDAP SSO Docker Compose stack running. Finally got it and did a write-up. Hope it helps someone!
been struggling with pwm and FreeIpa the last few days (wrapping my head around schema changes cuz i was to lazy too create a separate database)... i'm going to give the a good look at your write up.. it's very much appreciated
-
Assistance installing pwm using docker.io on Ubuntu 18.04.
As the title suggests I've hit a roadblock while trying to bring a password management server on Ubuntu using Docker. The software is called PWM and near the end of the instructions for the docker installation, it asks me to run this command docker create --name mypwm pwm/pwm-webapp -p '8443:8443' -v '/config:/home/user/pwm-config
-
Centralized user management, I did a small comparison but I need to decide which one to pick
Use PWM for self-serve password management stuff, works against AD, LDAP, more
-
Passwort Self-Service für Microsoft AD
Wir haben PWM hier laufen. Läuft 1a.
GAM
-
What Open Source Projects Do You Use In Your District?
GAM and GAMADV-XTD3 -- Command line tool for managing G Suite. Allows me to run scripts to manage accounts. Very useful for setting student photos on their G Suite accounts. Great tool for any G Suite admin.
-
Remove shares to external non owner users
#!/usr/bin/env python2 """ # Purpose: For a Google Drive User(s), show all drive file ACLs for files shared with users outside of your account. # Note: This script can use Basic or Advanced GAM: # https://github.com/jay0lee/GAM # https://github.com/taers232c/GAMADV-XTD3 # Usage: # 1: Get users in account # $ Basic: gam print users > accountusers.csv # $ Advanced: gam redirect csv ./accountusers.csv print users # 2: Get ACLs for all files, if you don't want all users, replace all users with your user selection in the command below # $ Basic: gam all users print filelist id title permissions owners > filelistperms.csv # $ Advanced: gam config auto_batch_min 1 redirect csv ./filelistperms.csv multiprocess all users print filelist fields id,title,permissions,owners.emailaddress # 3: From that list of ACLs, output a CSV file with headers "Owner,driveFileId,driveFileTitle,permissionId,role,emailAddress" # that lists the driveFileIds and permissionIds for all ACLs with the non-account users # (n.b., driveFileTitle, role, and emailAddress are not used in the next step, they are included for documentation purposes) # $ python GetSharedWithNonAccountUsersDriveACLs.py accountusers.csv filelistperms.csv deleteperms.csv # 4: Inspect deleteperms.csv, verify that it makes sense and then proceed # 5: Delete the ACLs # $ gam csv deleteperms.csv gam user "~Owner" delete drivefileacl "~driveFileId" "~permissionId" """ import csv import re import sys FILE_NAME = 'name' ALT_FILE_NAME = 'title' QUOTE_CHAR = '"' # Adjust as needed LINE_TERMINATOR = '\n' # On Windows, you probably want '\r\n' PERMISSIONS_N_TYPE = re.compile(r"permissions.(\d+).type") if (len(sys.argv) > 3) and (sys.argv[3] != '-'): outputFile = open(sys.argv[3], 'wb') else: outputFile = sys.stdout outputCSV = csv.DictWriter(outputFile, ['Owner', 'driveFileId', 'driveFileTitle', 'permissionId', 'role', 'emailAddress'], lineterminator=LINE_TERMINATOR, quotechar=QUOTE_CHAR) outputCSV.writeheader() if (len(sys.argv) > 2) and (sys.argv[2] != '-'): inputFile = open(sys.argv[2], 'rbU') else: inputFile = sys.stdin accountUsers = set("[email protected]") usersFile = open(sys.argv[1], 'rbU') for row in csv.DictReader(usersFile, quotechar=QUOTE_CHAR): accountUsers.add(row['primaryEmail']) usersFile.close() for row in csv.DictReader(inputFile, quotechar=QUOTE_CHAR): for k, v in row.iteritems(): mg = PERMISSIONS_N_TYPE.match(k) if mg and v == 'user': permissions_N = mg.group(1) if row.get('permissions.{0}.deleted'.format(permissions_N)) == 'True': continue emailAddress = row['permissions.{0}.emailAddress'.format(permissions_N)] if row['permissions.{0}.role'.format(permissions_N)] != 'owner' and emailAddress not in accountUsers: outputCSV.writerow({'Owner': row['owners.0.emailAddress'], 'driveFileId': row['id'], 'driveFileTitle': row.get(FILE_NAME, row.get(ALT_FILE_NAME, 'Unknown')), 'permissionId': 'id:{0}'.format(row['permissions.{0}.id'.format(permissions_N)]), 'role': row['permissions.{0}.role'.format(permissions_N)], 'emailAddress': emailAddress}) if inputFile != sys.stdin: inputFile.close() if outputFile != sys.stdout: outputFile.close()
-
What Open Source Projects Are You Using?
GAM - Google Workspace. I don't know what I'd do without this.
-
Google as email server
use GAM to share and accept on users behalf https://github.com/jay0lee/GAM It's incredibly powerful and it's all command line.
-
Syncing Google Workspace Users with Microsoft AD
GAM If you have not yet have the pleasure of using GAM, I would highly recommend trying it out -- it's not exactly pertinent to this post, but if you've not used it, it's amazing, and a huge time saver when trying to manage Google sometimes.
-
Has anyone had any experience working tech jobs for K-12 schools? What should I expect? What skills should I brush up on?
It's easy enough to stumble through, and Google provides training online. Also, look into GAM, https://github.com/jay0lee/GAM. Best tool you can ever use.
-
Transfer User inc all data from one Workspace account to another
We had to do this a couple years ago when we moved ~500 accounts from one Workspace tenant to another. We used MigrationWiz and GAM to make it less painful, but it still wasn't the prettiest thing ever. If we had to do it over again we'd probably use Google Workspace Migrate which wasn't an option back then.
-
Clean Up Inactive Google Accounts
GAM is probably your best bet. You can run a query for suspended accounts and move them to a specified OU. You can also run a query for users with last logon time equal to whatever and then move those accounts.
-
Offboarding Google Workspace User
If it's a very regular process / procedure, you may want to look at https://github.com/jay0lee/GAM
-
Workspace account - change primary domain
Do check out GAM, it might do it (not all at Google know about this tool): https://github.com/jay0lee/GAM/releases
What are some alternatives?
self-service-password - Web interface to change and reset password in an LDAP directory
GAMADV-XTD3 - Command line tool to manage Google Workspace
lldap - Light LDAP implementation
PSGSuite - Powershell module for Google / G Suite API calls wrapped in handy functions. Authentication is established using a service account via P12 key to negate the consent popup and allow for greater handsoff automation capabilities
authelia - The Single Sign-On Multi-Factor portal for web apps
gdown - Google Drive Public File Downloader when Curl/Wget Fails
passcore - A self-service password management tool for Active Directory
ImapSync - Imapsync is an IMAP transfers tool. The purpose of imapsync is to migrate IMAP accounts or to backup IMAP accounts. IMAP is one of the three current standard protocols to access mailboxes, the two others are POP3 and HTTP with webmails, webmails are often tied to an IMAP server. Upstream website is
OpenDJ
got-your-back - Got Your Back (GYB) is a command line tool for backing up your Gmail messages to your computer using Gmail's API over HTTPS. [Moved to: https://github.com/GAM-team/got-your-back]
pac4j - Security engine for Java (authentication, authorization, multi frameworks): OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
Google-rank-tracker - SEO: Python script + shell script and cronjob to check ranks on a daily basis