Avoiding Google Captcha's on your network

Your network may generate captcha'a if Google things you are sending too many duplicate requests to them. The end result of this can be Google search stops working or if you use a cloud-based filtering service (like Securly for us) - then your ability to proxy Google searches gets revoked for a time.

There are lots of reasons this can happen - malware, use of services like vpns and the tor network. These things should be within your control to manage/block. However, it turns out that one of the key factors is what you put in the Chrome policy "Omnibox Search Provider Suggest URL". I recently got the following string from Securly who got it from Google:

{google:baseURL}complete/search?output=chrome&q={searchTerms}

Now, why didn't I think to put that in......

So out policy looks like:

If you use the setting suggested in the list of Chromium policies, this apparently generates multiple duplicate requests. Since modifying this policy we have had zero issues.

Comments

Delete a specific email using GAM

If a user send an inappropriate email to a loads of people or get stung by some sort of email exploit you can quickly delete the email from all of the recipients using a GAM command. Step 1 - get the email header Go into Google Vault and search for the offending user or someone known to have got the message. Click show details and grab the email ID. This will be a long string of characters followed by @mail.gmail.com Step 2 - find out who has the email Go into Google Vault and find the original message sent by the offending user. Look at the details to see who got it. Copy the list and dump it into a spreadsheet. Clean up to just a list of emails with a column header 'mail'. Save as a csv file. Step 3 - delete messages with GAM Put your CSV file in your GAM folder - this e.g. assumes its called mail.csv Run: gam csv mail.csv gam user ~mail delete messages query rfc822msgid: MESSAGEIDHERE doit The alternative nuke option is: gam all users delete messages query rf

Adding subdomains to G Suite

This is how I add subdomains (so basically new schools) to out G suite setup. I've got these steps documented on a scruffy set of notes that I've now got in Keep - so time to document them - for myself as much as anyone else! Steps in order (roughly) Add the new domain Verify the new domain Add MX records to hosting Add SPF record for Google to hosting Turn on email authentication Add DMARC record to hosting Setup custom Directory and restrict students OU to this. Create an admin quarantine for the domain. Configure SPAM setting for the domain. Turn on and off services as appropriate. Map a blank Google Site to the naked domain - if required. Setup some basic groups - allstaff, allusers (for directory) and students with appropriate permissions. Deploy custom wallpapers. So the steps in a bit of detail: Add the new domain & Verify ownership Click on Domains in the admin console: Add/remove domains followed by "add a domain" At this

My favorite GAM commands - well a few of them at least!

Where would be without GAM? Paying for expensive syncing tools or doing tedious manual tasks in the admin console. GAM can automate most things you might want to do in G Suite. So these are a few of my favourite commands - one I use either as part of a batch file - or just standalone. There are loads more - but these are ones that are used daily. Classroom Create a spreadsheet of all your domains classes - gam print courses todrive Create a spreadsheet of a teacher's classes: gam print courses teacher fred@mydomain.com todrive Bulk create classes: gam csv classes.csv gam create course alias ~alias name ~alias section ~subject teacher ~teacher status ACTIVE where classes.csv is a list of classes you want to make. Add teachers: gam csv teachers.csv gam course ~alias add teacher ~teacher Add students: gam csv students.csv gam course ~alias add teacher ~student Sync Students (in this example to a group - but could be an ou/csv file) gam csv groups.csv gam course ~g

IT Ideas

Search This Blog