Remove shares from owned files in Google Drive

With GAT Flow, Admins can select one or multiple users of the domain and remove the shares of all the files owned by those selected users.

GAT Flow is a user management tool. It allows the Admins to onboard, offboard, and modify existing users. This can be done manually or via automated workflows. There are multiple different actions that can also be taken.

Remove shares from owned files #

A user can own millions of files in their domain, this action allows to remove all the shares of those (million) files and make them private.

This action will unshare all files that are owned by the affected user.

Navigate to Flow > Create workflow (1) > Workflow type (2)

Note: This can be done with Event or Recurring workflows too.

Fill in the details (3) for the workflow.

  • Name – enter workflow name
  • Description – enter workflow description (optional)
  • Type – select type of workflow
    • Modify – modify current users
    • Offboard – offboard and delete user accounts

Create workflow in GAT Flow

In the next stage Search for users (1) – select the users you need

  • Search for a user – pick users individually
  • Search for a group – pick a group of users
  • Search for an OU – pick an org. unit of users

Then click Proceed to actions

Searching for user when creating workflow

In the next Choose actions step, pick the actions to be taken.

Click on the + button (2) to add an Action (or ++ button to add via Action sets).

A pop-up window will be displayed, search and select Unshare-owned files (3)

Then select Scopes (4)- to choose which scopes you want to remove from the files the user owns

    • Viewer – Viewer permission on the owned files
    • Commenter – Commenter permission on the owned files
    • Editor – Editor permissions on the owned files

Select action for files share

  • Send approval request (5) – click on when the action and scopes are selected

Security officer approval #

When the request is sent, the Security officer will receive an email for the approval required.

Approval email sent to security officers

When the request is approved the workflow will be set to run.

Result #

When the workflow has run, the Admin can see the result on the Workflow (1) page.

Results of the actions

As result, all the files owned by the chosen users will become private and not shared with anyone, as they were “unshared“.

After a new scan in GAT+, you can see that the files owned by the users are private and not shared.

update repost in Gat+

Admin Log result #

Admin can also see the result in the Admin log of all the changes that happen.

Navigate to GAT+ > Configuration (1) > Admin Log (2) > Action (Permission change).

Admin Log results

Click on the Additional information > Eye icon (3) to see more details.

reverting changes if not required

The changes can be also reverted. To do that, click on Revert changes. 

Related Posts #

This website uses cookies to ensure you get the best experience on our website