Google SA errors

Right now I have 3 accounts setup with rclone

GDrive is my normal google business domain account with a single user. This works perfectly.

Team01 is a service account I setup, this is not working at all. I set this up as a Team Drive account and gave it the correct Folder information

Team02 is a 2nd service account I setup. This account I did NOT assign it to a Team Drive merely to the main account itself.

It works but only the service account can see the files. If I try and view the files via the web browser they do not appear.


type = drive
scope = drive
token = {access_token&;ya29.YADA-YADA-YADA-YADA;token_type;Bearer;refresh_token"1-YADA-YADA-YADAexpiry;2019-03-11T23:56:51.704339-07:00}
team_drive = 0ALfgYTQ5zuvTUk9PVA

type = drive
client_id = 123456789012345678901
scope = drive
service_account_file = teamloaders-Team01-0Y0A0D214Ada.json
team_drive = 0ALfgYTQ5zuvTUk9PVA

type = drive
client_id = 012345678901234567890
scope = drive
service_account_file = teamloaders-Team02-Y0A0D214YAda.json

You will notice the the GDrive account and the Team01 account use the same folder name, yet Team01 says it cannot see it.

By default service accounts get their own hidden area. If you want to see the files of a user then you’ll need to use --drive-impersonate - you can put impersonate = in the config file too.

I did the impersonate, as you can see in the logs, and still I cannot see the files.

If I try and do the impersonate for the Team Drive account it throws errors back at me.

Team01 user is tied to Team Drive, it gives the error message of:
Failed to copy: googleapi: Error 404: File not found: 0ALfgYTQ5zuvTUk9PVA

Team02 user is tied to the My Drive impersonate uploads the file but I cannot see them.

Maybe I am doing impersonate wrong? A I supposed to impersonate the Main Google Business account user? GDrive is my official account. A little confused on the impersonate flags.

I’m not 100% sure how team drives an impersonate interact…

@Animosity022 - you use service accounts don’t you - is this something you have knowlege of?

From what I think, the impersonate needs to be given permissions in the API console. I’m by no means an expert on the service accounts and I’ve tested with 1.46 and I can see it does work for me.

rclone lsd TestGD: --drive-impersonate
          -1 2018-06-07 10:05:06        -1 Arq Backup Data
          -1 2019-02-28 09:42:12        -1 backup
          -1 2017-06-09 09:59:43        -1 media

I’m not using a team drive.

I stepped through the docs on how to set it up for the service account. Can you give some more details on how you granted permissions?

As soon as I get it working correctly I will post back, just got home so going to do more tinkering with it.

I think the problem is the interaction between service accounts and team drives but I don’t know enough about it to say for sure!

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.