SharePoint Online: Delete Unique Permissions and Restore Inheritance in a List using PowerShell

Requirement: SharePoint Online remove all unique permissions in a List or Library

How to Delete Unique permissions and Inherit from parent in SharePoint Online?
Removing unique permissions and restoring permission inheritance for a list or library allows its security to be managed at the site level, instead of managing the security separately from that List. To restore permission inheritance for a list or library, do the following:
  • Login to SharePoint online, Navigate to the list or library in which you want to remove unique permissions. 
  • On the ribbon, click on the List/Library tab and then, in the Settings group, click on List / Library Settings.
  • From the List Settings page, click on "Permissions For This List" link under "Permissions And Management" group.
  • On the ribbon, click the Permissions tab and then, in the Inheritance group, click on Delete Unique Permissions. Confirm the prompt with OK.
    sharepoint online delete unique permissions powershell

Delete Unique Permissions on a List or Library in SharePoint Online using PowerShell:
Here is the SharePoint Online PowerShell to inherit permissions from the parent
#Load SharePoint CSOM Assemblies
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll"

#Function to remove unique permissions and inherit from the parent
Function Remove-ListUniquePermissions
{
param
    (
        [Parameter(Mandatory=$true)] [string] $SiteURL,
        [Parameter(Mandatory=$true)] [string] $ListName
    )

    Try {
        $Cred= Get-Credential
        $Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Cred.Username, $Cred.Password)

        #Setup the context
        $Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteURL)
        $Ctx.Credentials = $Credentials

        #sharepoint online powershell inherit permissions
        $List=$Ctx.Web.Lists.GetByTitle($ListName)
        $List.ResetRoleInheritance()
        $List.Update()
        $Ctx.ExecuteQuery()

        Write-Host "Unique Permissions are removed and inherited from the Parent!" -ForegroundColor Green
    }

    Catch {
        write-host -f Red "Error Deleting Unique Permissions!" $_.Exception.Message
    } 
}
#sharepoint online powershell reset permissions
$SiteURL="https://crescent.sharepoint.com"
$ListName="Projects"

#Call the function to remove unique permissions from a list
Remove-ListUniquePermissions -SiteURL $SiteURL -ListName $ListName
This PowerShell deletes all unique permissions of a given list.

PowerShell to Reset Permission Inheritance of All Lists of a Site Collection
#Load SharePoint CSOM Assemblies
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll"
 
#To call a non-generic Load Method
Function Invoke-LoadMethod() {
    Param(
            [Microsoft.SharePoint.Client.ClientObject]$Object = $(throw "Please provide a Client Object"), [string]$PropertyName
         )
   $Ctx = $Object.Context
   $Load = [Microsoft.SharePoint.Client.ClientContext].GetMethod("Load") 
   $Type = $Object.GetType()
   $ClientLoad = $Load.MakeGenericMethod($Type)
  
   $Parameter = [System.Linq.Expressions.Expression]::Parameter(($Type), $Type.Name)
   $Expression = [System.Linq.Expressions.Expression]::Lambda([System.Linq.Expressions.Expression]::Convert([System.Linq.Expressions.Expression]::PropertyOrField($Parameter,$PropertyName),[System.Object] ), $($Parameter))
   $ExpressionArray = [System.Array]::CreateInstance($Expression.GetType(), 1)
   $ExpressionArray.SetValue($Expression, 0)
   $ClientLoad.Invoke($Ctx,@($Object,$ExpressionArray))
}

#Function to Delete Unique Permission from all lists of a Web
Function Reset-SPOListPermission([Microsoft.SharePoint.Client.Web]$Web)
{
    Write-host -f Magenta "Searching Unique Permissions on the Site:"$web.Url    
       
    #Get All Lists of the web
    $Lists =  $Web.Lists
    $Ctx.Load($Lists)
    $Ctx.ExecuteQuery()

    #Exclude system lists
    $ExcludedLists = @("App Packages","appdata","appfiles","Apps in Testing","Cache Profiles","Composed Looks","Content and Structure Reports","Content type publishing error log","Converted Forms",
     "Device Channels","Form Templates","fpdatasources","Get started with Apps for Office and SharePoint","List Template Gallery", "Long Running Operation Status","Maintenance Log Library", "Style Library",
     ,"Master Docs","Master Page Gallery","MicroFeed","NintexFormXml","Quick Deploy Items","Relationships List","Reusable Content","Search Config List", "Solution Gallery", "Site Collection Images",
     "Suggested Content Browser Locations","TaxonomyHiddenList","User Information List","Web Part Gallery","wfpub","wfsvc","Workflow History","Workflow Tasks", "Preservation Hold Library")
    
    #Iterate through each list
    ForEach($List in $Lists)
    {
        #Get the List
        $Ctx.Load($List)
        $Ctx.ExecuteQuery()

        If($ExcludedLists -NotContains $List.Title -and $List.Hidden -eq $false)
        {
            #Check if the given site is using unique permissions
            Invoke-LoadMethod -Object $List -PropertyName "HasUniqueRoleAssignments"
            $Ctx.ExecuteQuery()
 
            #Reset broken inheritance of the list
            If($List.HasUniqueRoleAssignments)
            {
                #delete unique permissions of the List
                $List.ResetRoleInheritance()
                $List.Update()
                $Ctx.ExecuteQuery()    
                Write-host -f Green "`tUnique Permissions Removed from the List: '$($List.Title)'"
            }
        }
    }

    #Process each subsite in the site
    $Subsites = $Web.Webs
    $Ctx.Load($Subsites)
    $Ctx.ExecuteQuery()        
    Foreach ($SubSite in $Subsites)
    {
        #Call the function Recursively
        Reset-SPOListPermission($Subsite)
    }
}

#Config Parameters
$SiteURL= "https://crescent.sharepoint.com/sites/marketing"
 
#Get Credentials to connect
$Cred = Get-Credential
 
Try {
    #Setup the context
    $Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteURL)
    $Ctx.Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Cred.UserName,$Cred.Password)
     
    #Get the Web
    $Web = $Ctx.Web
    $Ctx.Load($Web)
    $Ctx.ExecuteQuery()
    
    #Call the function to delete unique permission from all lists of a site collection
    Reset-SPOListPermission $Web
}
Catch {
    write-host -f Red "Error:" $_.Exception.Message
} 


SharePoint Online: Delete Unique Permissions from a List using PnP PowerShell
Here is the PnP PowerShell reset unique permissions and inherit permissions from the parent in SharePoint Online list.
#Config Variables
$SiteURL = "https://crescenttech.sharepoint.com/Sales"
$ListName ="Documents"

#Connect PNP Online
Connect-PnPOnline -Url $SiteURL -Credentials (Get-Credential)

#Get the Context
$Context = Get-PnPContext
 
#Get the list
$List = Get-PnPList -Identity $ListName

#Remove unique permissions
$List.ResetRoleInheritance()
$Context.ExecuteQuery()

If you want to delete unique permissions on List items in a list or library, use: SharePoint Online: Delete Unique Permissions for All Items in a List using PowerShell
SharePoint Online: Delete Unique Permissions and Restore Inheritance in a List using PowerShell SharePoint Online: Delete Unique Permissions and Restore Inheritance in a List using PowerShell Reviewed by Salaudeen Rajack on January 03, 2016 Rating: 5

No comments:

Please Login and comment to get your questions answered!

Powered by Blogger.