Date and Month display

Friday, April 2, 2021

Export the Full control, permission type and modified date, across sub sites on SharePoint online Site collection

<#*****-----------------------------------------------------------------------******

Author          -> Shiv Mangal Singh

Date            -> 3rd April - 2021

Description     -> This Script will generate the Full control, permission type and modified date, across sub sites on SharePoint online Site collection.

******-----------------------------------------------------------------------******#

##Variables 

$SiteURL = "https://contososmstomar93.sharepoint.com/sites/PowerAppsSMS"

$FileUrl = "D:\PowerShell\Report\SubSites_Report.csv"


#Connect to Site  Collection

Connect-PnPonline -Url $SiteURL -UseWebLogin

 

#Get the web

$Site = Get-PnPWeb


# Create header for Report in CSV file

"Site Url `t Site Modified `t SharePoint Group/ Direct Permission `t GroupUser/ User `t PermissionType `t PermissionLevel " | out-file $FileUrl


#Get the Webs/ sub sites

 $Web = Get-PnPSubWebs -Recurse -Includes RoleAssignments, LastItemModifiedDate


# Loop through each sub sites 

foreach($Subsite in $Web)

{

foreach($RoleAssignment in $Subsite.RoleAssignments)

{

    #Get the Permission Levels assigned and Member

    Get-PnPProperty -ClientObject $RoleAssignment -Property RoleDefinitionBindings, Member

     

    #Get the Full control permission Level

    $PermissionLevels = ($RoleAssignment.RoleDefinitionBindings | Select -ExpandProperty Name | Where { $_ -eq "Full Control"} ) -join ","

     

    #Leave Principals with no Permissions

    If($PermissionLevels.Length -eq 0) 

    {

    Continue

    }

 

 #Check direct permissions

    $PermissionType = $RoleAssignment.Member.PrincipalType

 

 #Get SharePoint group members

    If($PermissionType -eq "SharePointGroup")

    {

        #Get Group Members

        $GroupMembers = Get-PnPGroupMembers -Identity $RoleAssignment.Member.LoginName

                   

        #Leave Empty Groups

        If($GroupMembers.count -eq 0)

        { 

        Continue 

        }

        $GroupUsers = ($GroupMembers | Select -ExpandProperty LoginName | Where { $_ -ne "SHAREPOINT\system"}) -join "; "

   

   # Send the Data to Report file, from SharePoint Group

    "$($Subsite.Url) `t $($Subsite.LastItemModifiedDate) `t $($RoleAssignment.Member.Title) `t $($GroupUsers) `t $($PermissionType) `t $($PermissionLevels)" | Out-File $FileUrl -Append

    }


   else

     {

     # Send the Data to Report file, from direct user permission

  

      "$($Subsite.Url) `t $($Subsite.LastItemModifiedDate) `t Direct Permission `t $($RoleAssignment.Member.LoginName) `t $($PermissionType) `t $($PermissionLevels)" | Out-File $FileUrl -Append

     }

    }

    }