kwizcom banner advertisement

SharePoint Online: Export Permissions of a Site, List, Item using PowerShell

Requirement: Export permissions applied on a particular SharePoint Site, List or ListItem to CSV report.

PowerShell to Export Permissions of a Site, List, List Item in SharePoint Online:
This PowerShell script extracts and exports Immediate (not on any underlying objects) permissions of the given object.
#Load SharePoint CSOM Assemblies
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll"
 
#Get Permissions Applied on a particular Object, such as: Web, List or ListItem
Function Export-SPOPermissions([Microsoft.SharePoint.Client.SecurableObject]$Object, $ReportFile)
{
    #Write CSV- TAB Separated File) Header
    "Account `t Permissions `t Type" | out-file $ReportFile

    #Get permissions assigned to the object
    $Ctx.Load($Object.RoleAssignments)
    $Ctx.ExecuteQuery()

    Foreach($RoleAssignment in $Object.RoleAssignments)
    { 
            $Ctx.Load($RoleAssignment.Member)
            $Ctx.executeQuery()

            #Get the Permissions on the given object
            $Permissions=@()
            $Ctx.Load($RoleAssignment.RoleDefinitionBindings)
            $Ctx.ExecuteQuery()
            Foreach ($RoleDefinition in $RoleAssignment.RoleDefinitionBindings)
            {
                $Permissions += $RoleDefinition.Name +";"
            }
            #Check the permission type
            if($RoleAssignment.Member.PrincipalType -eq "User")
            {
                #Send the Data to Report file
                "$($RoleAssignment.Member.Title)($($RoleAssignment.Member.LoginName)) `t $($Permissions) `t User Account" | Out-File $ReportFile -Append
            }
                
            ElseIf($RoleAssignment.Member.PrincipalType -eq "SharePointGroup")
            {
                #Send the Data to Report file
                "$($RoleAssignment.Member.LoginName)`t $($Permissions) `t SharePoint Group" | Out-File $ReportFile -Append
            }
            ElseIf($RoleAssignment.Member.PrincipalType -eq "SecurityGroup")
            {
                #Send the Data to Report file
                "$($RoleAssignment.Member.Title)`t $($Permissions) `t Security Group" | Out-File $ReportFile -Append
            }
    }
    Write-host -f Green "Permissions Exported to File $ReportFile!"
}

Try {

        #Set parameter values
        $SiteURL="https://crescent.sharepoint.com/sites/Ops"
        $ListName="Projects"
        $ListItemID="2"

        #Get Credentials to connect
        $Cred= Get-Credential
        $Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Cred.Username, $Cred.Password)
 
        #Setup the context
        $Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteURL)
        $Ctx.Credentials = $Credentials

        #Get the Web
        $Web = $Ctx.Web
        $Ctx.Load($Web)
        $Ctx.ExecuteQuery()

        #Call the function to Get web's permissions
        Write-host -f Yellow "Extracting Permissions of the Web "$Web.URL"..."
        Export-SPOPermissions -Object $Web -ReportFile "C:\Temp\WebPermissions.csv"

        #Get the List
        $List = $Ctx.web.Lists.GetByTitle($ListName)
        $Ctx.Load($List)
        $Ctx.ExecuteQuery()

        #Call the function to Get List's permissions
        Write-host -f Yellow "Extracting Permissions of the List "$List.Title"..."
        Export-SPOPermissions -Object $List -ReportFile "C:\Temp\ListPermissions.csv"

        #Get List Item by ID
        $ListItem = $List.GetItemById($ListItemID)  
        $Ctx.Load($ListItem)
        $Ctx.ExecuteQuery()

        #Call the function to Get List's permissions
        Write-host -f Yellow "Extracting Permissions of the List Item ID: "$ListItemID"..."
        Export-SPOPermissions -Object $ListItem -ReportFile "C:\Temp\ListItemPermissions.csv"
     }
    Catch {
        write-host -f Red "Error Generating Permissions Report!" $_.Exception.Message
 } 
Here is a sample report generated:
export sharepoint online permissions to excel using powershell
SharePoint Online: Export Permissions of a Site, List, Item using PowerShell SharePoint Online: Export Permissions of a Site, List, Item using PowerShell Reviewed by Salaudeen Rajack on June 06, 2017 Rating: 5

No comments:

Please Login and comment to get your questions answered!

Powered by Blogger.