Google Workspace Administration Project

Introduction

Effective administration of a digital workplace is crucial for organizational efficiency, security, and scalability. This project demonstrates a comprehensive setup and management of a Google Workspace environment for a mock company, `sanjaytech.io`.

Problem Statement

As organizations grow, manually managing users and enforcing security policies becomes inefficient and error-prone. This project addresses these challenges by creating a scalable Workspace architecture where security is granularly applied and user onboarding is automated.

Key Objectives

  • Structure the organization using distinct Organizational Units (OUs).
  • Implement department-specific security and data-sharing policies.
  • Automate user onboarding with GAM (Google Apps Manager) and scripting.
  • Enforce foundational device security for mobile and desktop endpoints.

Project Analysis

This project centers on the core pillars of modern IT administration: structure, security, and automation. By segmenting users into `HR` and `Engineering` OUs, we can move away from a one-size-fits-all security model and apply nuanced policies where they matter most.

Design Details

  • Workspace Configuration: Established `HR` and `Engineering` OUs under the `sanjaytech.io` domain via the Admin Console.
  • User and Group Provisioning: Created test users and corresponding Google Groups (`hr-team@` and `engineering@`) to simulate a real departmental structure.
  • Policy Implementation: Enforced 2FA for the Engineering OU, set strict Drive sharing rules for HR, and applied mobile device policies (screen lock, blocking rooted devices).

Automation with GAM (Google Apps Manager)

The true power of this project is showcased in its use of automation. By scripting the onboarding process with GAM, we transition from manual, error-prone "click-ops" to a reliable, repeatable, and scalable workflow. The `gam-onboard.sh` script serves as a real-world example of how to handle batch user creation efficiently.

Automation Scripting Details

The `gam-onboard.sh` script was designed to parse a CSV file. For each row, it executes three GAM commands to:

  1. Create a new user with a specified name, password, and OU assignment.
  2. Add that new user to their designated departmental Google Group.
  3. Assign a `SendAs` email alias to the user's Gmail account.

Implementation Results and Discussion

The project was executed successfully, resulting in a well-structured and secure Google Workspace environment. The automated onboarding script functioned as designed, proving the viability of this approach for scalable user management. The application of distinct policies at the OU level was also successful, demonstrating the ability to enforce a stricter security posture for one team while applying data-centric controls for another.

Conclusion

This Google Workspace Administration project effectively demonstrates the key competencies required to manage a modern digital workplace. By successfully building a departmental hierarchy, applying tailored policies, and scripting the user onboarding process, this project proves a deep understanding of both the strategic principles and the practical, hands-on skills necessary for effective Google Workspace management.

Link to the Project