Reads from your Samba4 AD and updates passwords in Google Apps Note that this solution requires you to enable "password hash userPassword schemes = CryptSHA256 CryptSHA512" in smb.conf
- add params "password hash userPassword schemes = CryptSHA256 CryptSHA512" in smb.conf
- restart samba
- Change the password of a user to synchronize (changing the password will be mandatory for all users in order to feed the new hashes)
- apt-get install git python3-googleapi python3-pycryptodome python3-peewee -y
- cd /tmp
- git clone https://github.com/sfonteneau/samba4-gaps.git
- mv samba4-gaps /opt/samba4-gaps
- mkdir /etc/gaps
- cp -f gaps.conf.template /etc/gaps/gaps.conf
- cp -f service.json.template /etc/gaps/service.json
- Configure /etc/gaps/gaps.conf
- Create a project in Google API Console and add Admin SDK permission (read/write)
- Create a JSON Config for your project in Google Developer Console (Service accounts, addkey, json)
- Install the JSON config to your samba machine in /etc/gaps/service.json
- cd /opt/samba4-gaps
- python3 gaps.py
If you are not under debian or if you do not have the packages available :
- apt-get install python3-pip
- pip3 install -r /opt/samba4-gaps/requirements.txt
show log in /var/log/samba4-gaps.log in json format
- If you are having issues with Google Permissions - you might need to add domain-wide authority to your service Delegate domain-wide authority to your service account https://developers.google.com/drive/web/delegation#delegate_domain-wide_authority_to_your_service_account