<#
******-----------------------------------------------------------------------******
Author -> Shiv Mangal Singh
Date -> 6th June - 2017
Description -> This Script will check the users permission from multiple site collections through CSV file as site collection and users parameter
Path of csv file->$FileUrl = "D:\contosoMW_Team\Shiv\PS\Report_6May2017.CSV"
Site Collection Name and users name -->$SiteandUsersData = Import-Csv "D:\contosoMW_Team\Shiv\PS\SiteandUsersData.csv"
******-----------------------------------------------------------------------******
#>
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
# Read All Site Collections name & users from SiteandUsersData.csv file
$SiteandUsersData = Import-Csv "D:\contosoMW_Team\Shiv\PS\SiteandUsersData.csv"
$FileUrl = "D:\contosoMW_Team\Shiv\PS\Report_6May2017.CSV"
#Write CSV- TAB Separated File) Header
"URL `t Title `t PermissionType `t Permissions `t LoginName `t Email" | out-file $FileUrl
#Loop throuh all Site collection level
foreach($sitename in $SiteandUsersData)
{
$site = Get-SPSite $sitename.Url
Write-Host $sitename.Users
#Loop throuh all Sub Sites
foreach($Web in $site.AllWebs)
{
if($Web.HasUniqueRoleAssignments -eq $True)
{
write-host $Web.URL -ForegroundColor Red
#Iterate through all SPRoleAssignments on the web
foreach($WebRoleAssignment in $Web.RoleAssignments )
{
#Is it a User Account?
if($WebRoleAssignment.Member.userlogin -eq $sitename.Users)
{
$WebUserPermissions=@()
foreach ($RoleDefinition in $WebRoleAssignment.RoleDefinitionBindings)
{
if($RoleDefinition.Name -ne "Limited Access")
{
$WebUserPermissions += $RoleDefinition.Name +";"
}
#Send the Data to Log file
"$($Web.Url) `t $($Web.Title)`tDirect Permission `t$($WebUserPermissions) `t$($WebRoleAssignment.Member.LoginName)`t$($WebRoleAssignment.Member.Email)" | Out-File $FileUrl -Append
}
}
#Its a SharePoint Group, So search inside the group and check if the user is member of that group
else
{
foreach($user in $WebRoleAssignment.member.users)
{
#Check if the search users is member of the group
if($user.LoginName -eq $sitename.Users)
{
#Get the Group's Permissions on site
$WebGroupPermissions=@()
foreach ($RoleDefinition in $WebRoleAssignment.RoleDefinitionBindings)
{
if($RoleDefinition.Name -ne "Limited Access")
{
$WebGroupPermissions += $RoleDefinition.Name +";"
}
}
#Send the Data to Log file
"$($Web.Url) `t $($Web.Title)`t Member of $($WebRoleAssignment.Member.Name) Group `t$($WebGroupPermissions) `t$user `t$($user.Email)" | Out-File $FileUrl -Append
}
}
}
}
} # if
}
}
******-----------------------------------------------------------------------******
Author -> Shiv Mangal Singh
Date -> 6th June - 2017
Description -> This Script will check the users permission from multiple site collections through CSV file as site collection and users parameter
Path of csv file->$FileUrl = "D:\contosoMW_Team\Shiv\PS\Report_6May2017.CSV"
Site Collection Name and users name -->$SiteandUsersData = Import-Csv "D:\contosoMW_Team\Shiv\PS\SiteandUsersData.csv"
******-----------------------------------------------------------------------******
#>
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
# Read All Site Collections name & users from SiteandUsersData.csv file
$SiteandUsersData = Import-Csv "D:\contosoMW_Team\Shiv\PS\SiteandUsersData.csv"
$FileUrl = "D:\contosoMW_Team\Shiv\PS\Report_6May2017.CSV"
#Write CSV- TAB Separated File) Header
"URL `t Title `t PermissionType `t Permissions `t LoginName `t Email" | out-file $FileUrl
#Loop throuh all Site collection level
foreach($sitename in $SiteandUsersData)
{
$site = Get-SPSite $sitename.Url
Write-Host $sitename.Users
#Loop throuh all Sub Sites
foreach($Web in $site.AllWebs)
{
if($Web.HasUniqueRoleAssignments -eq $True)
{
write-host $Web.URL -ForegroundColor Red
#Iterate through all SPRoleAssignments on the web
foreach($WebRoleAssignment in $Web.RoleAssignments )
{
#Is it a User Account?
if($WebRoleAssignment.Member.userlogin -eq $sitename.Users)
{
$WebUserPermissions=@()
foreach ($RoleDefinition in $WebRoleAssignment.RoleDefinitionBindings)
{
if($RoleDefinition.Name -ne "Limited Access")
{
$WebUserPermissions += $RoleDefinition.Name +";"
}
#Send the Data to Log file
"$($Web.Url) `t $($Web.Title)`tDirect Permission `t$($WebUserPermissions) `t$($WebRoleAssignment.Member.LoginName)`t$($WebRoleAssignment.Member.Email)" | Out-File $FileUrl -Append
}
}
#Its a SharePoint Group, So search inside the group and check if the user is member of that group
else
{
foreach($user in $WebRoleAssignment.member.users)
{
#Check if the search users is member of the group
if($user.LoginName -eq $sitename.Users)
{
#Get the Group's Permissions on site
$WebGroupPermissions=@()
foreach ($RoleDefinition in $WebRoleAssignment.RoleDefinitionBindings)
{
if($RoleDefinition.Name -ne "Limited Access")
{
$WebGroupPermissions += $RoleDefinition.Name +";"
}
}
#Send the Data to Log file
"$($Web.Url) `t $($Web.Title)`t Member of $($WebRoleAssignment.Member.Name) Group `t$($WebGroupPermissions) `t$user `t$($user.Email)" | Out-File $FileUrl -Append
}
}
}
}
} # if
}
}
No comments:
Post a Comment