Procedure
I'm going to:
1. Get a OrgUnit from the Google Directory API
2. Read the OrgUnit and collect the required Data
3. Try to delete the OrgUnit I just collected.
This somehow results in a 404 [Not Found] Error
Please keep in mind that the DirectoryService Class I am using, is working properly.
I modified the code in this example to make it easy to read, for example: Exception handling is not included etc.
The API
using Google.Apis.Admin.Directory.directory_v1
1. Get a OrgUnit from the Google Directory API
DirectoryService directoryService = ServiceInitializers.InitializeDirectoryService();
OrgUnit oUnit = directoryService.Orgunits.List(Settings.customerId).Execute().OrganizationUnits.FirstOrDefault();
2.Read the OrgUnit and collect the required Data
string orgUnitPath = oUnit.OrgUnitPath;
3.Try to delete the OrgUnit I just collected
var orgUnitDeleteResult = directoryService.Orgunits.Delete(Settings.customerId, orgUnitPath).Execute();
The Exception
GoogleApiException was unhandled
An unhandled exception of type 'Google.GoogleApiException' occurred in Google.Apis.dll
Additional information: Google.Apis.Requests.RequestError Org unit not found [404]
My reputation isn't high enough to add a comment to get clarification before posting an answer, so I'll have to make some assumptions here.
First assumption is that you're using a service account to access the API.
Second assumption is that you've got a certificate from your Google administrative control panel and that's all in order.
I had a similar issue when I was updating user accounts through the API, and what fixed it for me was having a directory administrator account act as a delegate for the service account.
Here's the code I use to initialize my Google Directory Service.
private static DirectoryService initializeGoogleDirectoryService()
{
try
{
String serviceAccountEmail = "your_service_account_email@developer.gserviceaccount.com";
var certificate = new X509Certificate2(@"your_certificate_name.p12", "your_secret", X509KeyStorageFlags.Exportable);
// For the service account to work, a user with admin privs must be assigned as the delegate.
ServiceAccountCredential credential = new ServiceAccountCredential(
new ServiceAccountCredential.Initializer(serviceAccountEmail)
{
// Change the scope here to the one you need to modify org units.
Scopes = new[] { DirectoryService.Scope.AdminDirectoryUser },
User = "administrator_account@your_google_apps_domain.com"
}.FromCertificate(certificate));
// Create the service.
var service = new DirectoryService(new BaseClientService.Initializer()
{
HttpClientInitializer = credential,
ApplicationName = "Your_Application_Name"
});
return service;
}
catch (Exception ex)
{
// Exception handling code below.
return null;
}
finally
{
}
}