kwizcom banner advertisement

SharePoint Online: Change Group Permissions using PowerShell

Requirement: SharePoint Online Change Group Permissions

How to Update permissions for a SharePoint group?
To edit group permissions in SharePoint Online, following these steps:
  • Login to your SharePoint Online site as a administrator >> On the site collection Home page, click on Settings icon >> Click Site settings.
  • On the Site Settings page, under Users and Permissions, click on Site permissions.
  • Select the check box of the group to which you want to change permissions (either to grant additional rights or to revoke existing permissions).
  • In the Modify section of the ribbon, click on "Edit User Permissions" button.
    sharepoint online edit group permissions
  • On the Edit Permissions page, select/deselect the group permission check boxes according to your requirement. You can simply tick a checkbox next to permission levels such as "Contribute" to grant permission or uncheck to remove permission from the group.
    SharePoint Online Change Group Permissions using powershell
  • Click OK to save permission changes to the group.

Now, Lets edit group permissions using PowerShell.

PowerShell to change group permissions in SharePoint Online:
For the members group of the site, lets remove "Edit" permissions and add "Contribute"
#Load SharePoint CSOM Assemblies
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll"
#Variables for Processing
$SiteURL = ""
$GroupName="Marketing Team Site Members"

#Setup Credentials to connect
$Cred = Get-Credential
$Cred = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Cred.UserName,$Cred.Password)

Try {
    #Setup the context
    $Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteURL)
    $Ctx.Credentials = $Cred

    #Get all groups of the site
    $Groups = $Ctx.Web.SiteGroups
    #Get Group Names
    $GroupNames =  $Groups | Select -ExpandProperty Title
    #Check if the given group exists
    If($GroupNames -contains $GroupName)
        #Get the Group
        $Group = $ctx.Web.SiteGroups.GetByName($GroupName)

        #Get Permission Levels to add and remove
        $RoleDefToAdd = $Ctx.web.RoleDefinitions.GetByName($PermissionToAdd)
        $RoleDefToRemove = $Ctx.web.RoleDefinitions.GetByName($PermissionToRemove)
        #Get the Group's role assignment on the web
        $RoleAssignment = $Ctx.web.RoleAssignments.GetByPrincipal($Group)
        #Add/remove permission levels to the role assignment

        write-host  -f Green "User Group permissions updated Successfully!"
        Write-host -f Yellow "Group Doesn't exist!"
Catch {
    write-host -f Red "Error Changing Group Permissions!" $_.Exception.Message
Similarly, to add or remove permission to a SharePoint user, you can refer: SharePoint Online: Change User Permissions using PowerShell

Tags: assign permission level to sharepoint group powershell, change permission level of sharepoint group powershell, sharepoint 2013 add permission level to group, add permission level to sharepoint group powershell
SharePoint Online: Change Group Permissions using PowerShell SharePoint Online: Change Group Permissions using PowerShell Reviewed by Salaudeen Rajack on February 19, 2017 Rating: 5

1 comment:

  1. Thanks Salaudeen, this is very helpful. I am not a developer so I couldn't improvise on your script. But I am in need of a PS script to loop through all SPO site collections in the tenant and wherever a Group Name contains the word "Member" it removes the Edit permission level and adds the contribute permission level - do you think it is easily achievable, if so could you please help?


Please Login and comment to get your questions answered!

Powered by Blogger.