1

It looks like something has recently changes with the Provisioning API when getting a user account: https://developers.google.com/google-apps/provisioning/#retrieving_users_experimental

previously, if you specified an address that was an Alias/Nickname, not a user, you got a 1301 error. Now it returns results for the primary user. Here's what GAM shows:

Verify that admin2@ is an alias of admin:

C:\gam>gam info alias admin2
send: 'GET https://apps-apis.google.com/a/feeds/alias/2.0/jay.powerposters.org/a
dmin2@jay.powerposters.org HTTP/1.1\r\nAccept-Encoding: identity\r\nHost: apps-a
pis.google.com\r\nContent-Type: application/atom+xml\r\nAuthorization: OAuth rea
lm="", oauth_nonce="xxx", oauth_timestamp="xxx", oauth_consumer_key=
"xxxx", oauth_signature_method="HMAC-SHA1", oa
uth_version="1.0", oauth_token="xxx"
, oauth_signature="xxx"\r\nUser-Agent: Google App
s Manager 2.54 / jay@ditoweb.com (Jay Lee) / Python 2.7.3 final / Windows-7-6.1.
7601-SP1 AMD64 / GData-Python 2.0.14+20110902+custom_mods\r\n\r\n'
reply: 'HTTP/1.1 200 OK\r\n'
header: Content-Type: application/atom+xml; charset=UTF-8
header: Expires: Thu, 15 Nov 2012 21:57:50 GMT
header: Date: Thu, 15 Nov 2012 21:57:50 GMT
header: Cache-Control: private, max-age=0, must-revalidate, no-transform
header: Vary: Accept, X-GData-Authorization, GData-Version
    header: GData-Version: 1.0
    header: Last-Modified: Thu, 15 Nov 2012 21:57:50 GMT
header: X-Content-Type-Options: nosniff
header: X-Frame-Options: SAMEORIGIN
header: X-XSS-Protection: 1; mode=block
header: Server: GSE
header: Transfer-Encoding: chunked
 Alias Email: admin2@jay.powerposters.org
 User Email: admin@jay.powerposters.org

Get "user" alias2:

C:\gam>gam info user admin2
send: 'GET https://apps-apis.google.com/a/feeds/user/2.0/jay.powerposters.org/ad
min2@jay.powerposters.org HTTP/1.1\r\nAccept-Encoding: identity\r\nHost: apps-ap
is.google.com\r\nContent-Type: application/atom+xml\r\nAuthorization: OAuth real
m="", oauth_nonce="xxx", oauth_timestamp="xxx", oauth_consumer_key="
xxx", oauth_signature_method="HMAC-SHA1", oau
th_version="1.0", oauth_token="xxx",
 oauth_signature="xxx"\r\nUser-Agent: Google Apps Man
ager 2.54 / jay@ditoweb.com (Jay Lee) / Python 2.7.3 final / Windows-7-6.1.7601-
SP1 AMD64 / GData-Python 2.0.14+20110902+custom_mods\r\n\r\n'
reply: 'HTTP/1.1 200 OK\r\n'
header: Content-Type: application/atom+xml; charset=UTF-8
header: Expires: Thu, 15 Nov 2012 21:59:32 GMT
header: Date: Thu, 15 Nov 2012 21:59:32 GMT
header: Cache-Control: private, max-age=0, must-revalidate, no-transform
header: Vary: Accept, X-GData-Authorization, GData-Version
header: GData-Version: 1.0
header: Last-Modified: Thu, 15 Nov 2012 21:59:32 GMT
header: X-Content-Type-Options: nosniff
header: X-Frame-Options: SAMEORIGIN
header: X-XSS-Protection: 1; mode=block
header: Server: GSE
header: Transfer-Encoding: chunked
User: admin2@jay.powerposters.org
First Name: Admin+
Last Name: USER
Is an admin: true
Has agreed to terms: true
IP Whitelisted: false
Account Suspended: false
Must Change Password: false

This new behavior breaks GAM commands like "gam whatis " since that command relied on getting the 1301 when trying to access the address as a user. I can imagine other apps that functioned similarly also broke.

Jay

Jay Lee
  • 13,415
  • 3
  • 28
  • 59

0 Answers0