I have to sync account information across 3 different platforms. I wrote a password script that will update a users account information in LDAP, our Student Information System, and in gmail (for edu). I had no issues with older migration api, but that is going away in the coming months.
I wrote a new library to use oauth2 and the adminSDK to manage my user accounts. Im using a service account and specifying a superadmin account to preform account creations and password updates. This works perfectly fine with normal accounts. However, it seems that I cannot reset my own password (Im an admin).
So far the things that my library can do are: search, create, update, and delete NON-ADMIN accounts. Things that do not work: promote an account to admin, undelete an account, change admin account information (password for example).
Changing admin account info results in: "Not Authorized to access this resource/api" error.
Is there any way to get around this issue? If not, this severely cripples my ability to use the new API to manage my users. well, the admin users anyway. I need it to work for all users, even the hand full of administrators. I simply don'y see the point of a service account impersonating an admin, and then does not have all the proper rights to change account info on all accounts, especially when the previous API allowed it.
please advise.
I can also provide my library for anyone interested in using it.
-Jerry
