<#
******-----------------------------------------------------------------------******
Author -> Shiv Mangal Singh
Date -> 14 th April - 2017
Description -> This Script will generate User's permission report from SharePoint online site collection through each groups with direct users permission also
Path of csv file --> $FileUrl =$FileUrl ="D:\shiv\Powershell\Report.csv"
Site Collection URL --> $siteUrl = "https://ms.connect.contoso/teashare/ht" # change the site collection name.
******-----------------------------------------------------------------------******
#>
#Import-Module ‘C:\Program Files\SharePoint Online Management Shell\Microsoft.Online.SharePoint.PowerShell’ -DisableNameChecking
Add-Type -Path "C:\Program Files\SharePoint Online Management Shell\Microsoft.Online.SharePoint.PowerShell\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\SharePoint Online Management Shell\Microsoft.Online.SharePoint.PowerShell\Microsoft.SharePoint.Client.Runtime.dll"
# Required Parameter
$siteUrl = "https://ms.connect.contoso/teashare/ht"
$loginname = "shivsingh@contoso.com"
$FileUrl ="D:\shiv\Powershell\Report.csv"
# Get Password as secure string
Write-Host "Please enter password for $($siteUrl):"
$pwd = Read-Host -AsSecureString
# Get the Client Context & Bind the site collection
$ctx = New-Object Microsoft.SharePoint.Client.ClientContext($siteUrl)
# Authenticate and Setup Credential to connect
$ctx.Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($loginname, $pwd)
# Create header for Report in CSV file
"Site Collection `t Permission Type/ Group Name `t Login Name `t Permission " | out-file $FileUrl
# Access the Site collection
$rootWeb = $ctx.Web
# Load the Site collection
$ctx.Load($rootWeb)
$ctx.ExecuteQuery()
# Load the site group
$SiteGroup=$rootWeb.SiteGroups
$ctx.Load($SiteGroup)
# Execute Query to the server
$ctx.ExecuteQuery()
$WebRoleAssignments = $rootWeb.RoleAssignments
$ctx.Load($WebRoleAssignments)
$ctx.ExecuteQuery()
# Get direct/explicit users permission from site collection
foreach($WebRoleAssignment in $WebRoleAssignments)
{
$ctx.Load($WebRoleAssignment.Member)
$ctx.Load($WebRoleAssignment.RoleDefinitionBindings)
$ctx.ExecuteQuery()
if($WebRoleAssignment.Member.PrincipalType -eq [Microsoft.SharePoint.Client.Utilities.PrincipalType]::User)
{
Write-Host $WebRoleAssignment.Member.LoginName
#Get the Permissions assigned to user
$WebUserPermissions=@()
foreach ($RoleDefinition in $WebRoleAssignment.RoleDefinitionBindings)
{
$ctx.Load($RoleDefinition)
$ctx.ExecuteQuery()
# Exclue 'Limited Access'
if($WebUserPermissions.Name -ne "Limited Access")
{
$WebUserPermissions += $RoleDefinition.Name +";"
}
}
# split login name
$UsersLoginName =$WebRoleAssignment.Member.LoginName.split('|')[2]
"$($rootWeb.Url)`t Direct Permission `t $($UsersLoginName) `t $($WebUserPermissions)" | Out-File $FileUrl -Append
}
}
# Ended loop direct users permission list from site
#Get users permission list from SharePoint group
foreach($grpUser in $SiteGroup)
{
try
{
$ctx.Load($grpUser)
$ctx.ExecuteQuery()
$siteuser = $grpUser.Users
$ctx.Load($siteuser)
$ctx.ExecuteQuery()
$grpWebRoleAssignment = $rootWeb.RoleAssignments.GetByPrincipal($grpUser)
foreach($WebRoleAssignment in $grpWebRoleAssignment)
{
$ctx.Load($WebRoleAssignment)
$RoleDefinitions =$WebRoleAssignment.RoleDefinitionBindings
$ctx.Load($RoleDefinitions)
$ctx.ExecuteQuery()
$WebUserPermissions=@()
foreach ($RoleDefinition in $RoleDefinitions)
{
#Excldue "Limited Access" users permission
if($RoleDefinition.Name -ne "Limited Access")
{
$WebUserPermissions += $RoleDefinition.Name +";"
}
}
# Iterate users
foreach($user in $siteuser)
{
$ctx.Load($user)
$ctx.ExecuteQuery()
if($WebUserPermissions)
{
"$($rootWeb.Url) `t $($grpUser.Title) `t $($user.Title) `t $($WebUserPermissions)" | Out-File $FileUrl -Append
}
}
}
}
catch [System.Exception]
{
$Errormessage =$_.Exception.Message
Write-Host "Can not find the user in this SharePoint group ID" "[$Errormessage]" -ForegroundColor Cyan
}
}
#Ended users permission list from SharePoint groups
******-----------------------------------------------------------------------******
Author -> Shiv Mangal Singh
Date -> 14 th April - 2017
Description -> This Script will generate User's permission report from SharePoint online site collection through each groups with direct users permission also
Path of csv file --> $FileUrl =$FileUrl ="D:\shiv\Powershell\Report.csv"
Site Collection URL --> $siteUrl = "https://ms.connect.contoso/teashare/ht" # change the site collection name.
******-----------------------------------------------------------------------******
#>
#Import-Module ‘C:\Program Files\SharePoint Online Management Shell\Microsoft.Online.SharePoint.PowerShell’ -DisableNameChecking
Add-Type -Path "C:\Program Files\SharePoint Online Management Shell\Microsoft.Online.SharePoint.PowerShell\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\SharePoint Online Management Shell\Microsoft.Online.SharePoint.PowerShell\Microsoft.SharePoint.Client.Runtime.dll"
# Required Parameter
$siteUrl = "https://ms.connect.contoso/teashare/ht"
$loginname = "shivsingh@contoso.com"
$FileUrl ="D:\shiv\Powershell\Report.csv"
# Get Password as secure string
Write-Host "Please enter password for $($siteUrl):"
$pwd = Read-Host -AsSecureString
# Get the Client Context & Bind the site collection
$ctx = New-Object Microsoft.SharePoint.Client.ClientContext($siteUrl)
# Authenticate and Setup Credential to connect
$ctx.Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($loginname, $pwd)
# Create header for Report in CSV file
"Site Collection `t Permission Type/ Group Name `t Login Name `t Permission " | out-file $FileUrl
# Access the Site collection
$rootWeb = $ctx.Web
# Load the Site collection
$ctx.Load($rootWeb)
$ctx.ExecuteQuery()
# Load the site group
$SiteGroup=$rootWeb.SiteGroups
$ctx.Load($SiteGroup)
# Execute Query to the server
$ctx.ExecuteQuery()
$WebRoleAssignments = $rootWeb.RoleAssignments
$ctx.Load($WebRoleAssignments)
$ctx.ExecuteQuery()
# Get direct/explicit users permission from site collection
foreach($WebRoleAssignment in $WebRoleAssignments)
{
$ctx.Load($WebRoleAssignment.Member)
$ctx.Load($WebRoleAssignment.RoleDefinitionBindings)
$ctx.ExecuteQuery()
if($WebRoleAssignment.Member.PrincipalType -eq [Microsoft.SharePoint.Client.Utilities.PrincipalType]::User)
{
Write-Host $WebRoleAssignment.Member.LoginName
#Get the Permissions assigned to user
$WebUserPermissions=@()
foreach ($RoleDefinition in $WebRoleAssignment.RoleDefinitionBindings)
{
$ctx.Load($RoleDefinition)
$ctx.ExecuteQuery()
# Exclue 'Limited Access'
if($WebUserPermissions.Name -ne "Limited Access")
{
$WebUserPermissions += $RoleDefinition.Name +";"
}
}
# split login name
$UsersLoginName =$WebRoleAssignment.Member.LoginName.split('|')[2]
"$($rootWeb.Url)`t Direct Permission `t $($UsersLoginName) `t $($WebUserPermissions)" | Out-File $FileUrl -Append
}
}
# Ended loop direct users permission list from site
#Get users permission list from SharePoint group
foreach($grpUser in $SiteGroup)
{
try
{
$ctx.Load($grpUser)
$ctx.ExecuteQuery()
$siteuser = $grpUser.Users
$ctx.Load($siteuser)
$ctx.ExecuteQuery()
$grpWebRoleAssignment = $rootWeb.RoleAssignments.GetByPrincipal($grpUser)
foreach($WebRoleAssignment in $grpWebRoleAssignment)
{
$ctx.Load($WebRoleAssignment)
$RoleDefinitions =$WebRoleAssignment.RoleDefinitionBindings
$ctx.Load($RoleDefinitions)
$ctx.ExecuteQuery()
$WebUserPermissions=@()
foreach ($RoleDefinition in $RoleDefinitions)
{
#Excldue "Limited Access" users permission
if($RoleDefinition.Name -ne "Limited Access")
{
$WebUserPermissions += $RoleDefinition.Name +";"
}
}
# Iterate users
foreach($user in $siteuser)
{
$ctx.Load($user)
$ctx.ExecuteQuery()
if($WebUserPermissions)
{
"$($rootWeb.Url) `t $($grpUser.Title) `t $($user.Title) `t $($WebUserPermissions)" | Out-File $FileUrl -Append
}
}
}
}
catch [System.Exception]
{
$Errormessage =$_.Exception.Message
Write-Host "Can not find the user in this SharePoint group ID" "[$Errormessage]" -ForegroundColor Cyan
}
}
#Ended users permission list from SharePoint groups
No comments:
Post a Comment