Home Client Side Object Model (CSOM) List Item Permission PowerShell SharePoint Online SharePoint Online: Get All List Items with Unique Permissions using PowerShell

SharePoint Online: Get All List Items with Unique Permissions using PowerShell

, , , ,
Requirement: Get All SharePoint Online List Items with Unique Permissions using PowerShell

How to Check if a list Item is using Unique permissions or inheriting permissions from the parent?
To get if a SharePoint Online list Item or File in a document library has unique permissions, follow these steps:
  • Navigate to the list/library and then select the list item.
  • From the details pane, Click on "Manage Access" link (in Classic experience, Click on "Advanced" >> "Shared With") and then click on "Advanced" link.
  • This takes you to the Advanced permissions page of the list item, which gives you the information whether the list item has unique permissions or its inheriting permissions from the parent. E.g. You'll get the text "This list item has unique permissions"
    sharepoint online find list items with unique permissions

SharePoint Online: PowerShell to Get All List Items with Unique Permissions:
Lets get all list items with unique permissions using PowerShell. 
#Load SharePoint CSOM Assemblies
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll"

#Function to call a non-generic method Load
Function Invoke-LoadMethod() {
   param([Microsoft.SharePoint.Client.ClientObject]$Object = $(throw "Please provide a Client Object"),[string]$PropertyName) 
   $ctx = $Object.Context
   $load = [Microsoft.SharePoint.Client.ClientContext].GetMethod("Load") 
   $type = $Object.GetType()
   $clientLoad = $load.MakeGenericMethod($type)  
   $Parameter = [System.Linq.Expressions.Expression]::Parameter(($type), $type.Name)
   $Expression = [System.Linq.Expressions.Expression]::Lambda([System.Linq.Expressions.Expression]::Convert([System.Linq.Expressions.Expression]::PropertyOrField($Parameter,$PropertyName),[System.Object] ), $($Parameter))
   $ExpressionArray = [System.Array]::CreateInstance($Expression.GetType(), 1)
   $ExpressionArray.SetValue($Expression, 0)
   $clientLoad.Invoke($ctx,@($Object,$ExpressionArray))
}

#Define Parameter values
$SiteURL="https://crescent.sharepoint.com"
$ListName="Projects"

Try {
    #Setup Credentials to connect
    $Cred= Get-Credential
    $Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Cred.Username, $Cred.Password)

    #Setup the context
    $Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteURL)
    $Ctx.Credentials = $Credentials
        
    #Get All Lists of the web
    $List = $Ctx.Web.Lists.GetByTitle($ListName)
    $Ctx.Load($List)
    $Ctx.ExecuteQuery()
    Write-host "Total List Items Found:"$List.ItemCount

    #Batch process list items - to mitigate list threshold issue on larger lists
    Do {  
        #Get 2000 items from the list
        $Query = New-Object Microsoft.SharePoint.Client.CamlQuery
        $Query.ViewXml = "<view Scope='RecursiveAll'><rowlimit>2000</rowlimit></view>"
        $ListItems = $List.GetItems($Query)
        $Ctx.Load($ListItems)
        $Ctx.ExecuteQuery()
          
        $Query.ListItemCollectionPosition = $ListItems.ListItemCollectionPosition
 
        #Loop through each List item
        ForEach($ListItem in $ListItems)
        {
            Invoke-LoadMethod -Object $ListItem -PropertyName "HasUniqueRoleAssignments"
            $Ctx.ExecuteQuery()
            if ($ListItem.HasUniqueRoleAssignments -eq $true)
            {        
                Write-Host -f Green "List Item '$($ListItem["Title"])' with ID '$($ListItem.ID)' has Unique Permissions"
            }
            else
            {
                Write-Host -f Yellow "List Item '$($ListItem["Title"])' with ID '$($ListItem.ID)' is inhering Permissions from the Parent"
            }
        }
    } While ($Query.ListItemCollectionPosition -ne $null)

}
Catch {
    write-host -f Red "Error Checking Unique Permissions!" $_.Exception.Message
}
To remove unique permissions from all list items in SharePoint Online, use: SharePoint Online: Delete Unique Permissions for All Items in a List using PowerShell
SharePoint Online: Get All List Items with Unique Permissions using PowerShell SharePoint Online: Get All List Items with Unique Permissions using PowerShell Reviewed by Salaudeen Rajack on March 12, 2017 Rating: 5

Advertisement:


Related Posts:

No comments:

Please Login and comment to get your questions answered!

Subscribe to: Post Comments ( Atom )
Powered by Blogger.