kwizcom banner advertisement

SharePoint Online: Find All Lists with Unique Permissions using PowerShell

Requirement: Get All Lists and Libraries with Unique Permissions using PowerShell

How to Check if a list is using Unique permissions or inheriting permissions from the parent?
To get if list or library has unique permissions, follow these steps:
  • Navigate to the list and then go to List or Library Settings.
  • In List settings page click on "Permissions for this List/Document library" link
  • The list settings page gives you the information whether the list has unique permissions. If the list or library has unique permissions, you'll get the text "This list/library has unique permissions", otherwise "This list/library inherits permissions from its parent."
    sharepoint online find unique permission lists

Check If the List or Library has Unique Permissions using PowerShell: 
Lets check if the given list has unique permissions 
#Load SharePoint CSOM Assemblies
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll"

#To call a non-generic method Load
Function Invoke-LoadMethod() {
   param([Microsoft.SharePoint.Client.ClientObject]$Object = $(throw "Please provide a Client Object"),[string]$PropertyName) 
   $ctx = $Object.Context
   $load = [Microsoft.SharePoint.Client.ClientContext].GetMethod("Load") 
   $type = $Object.GetType()
   $clientLoad = $load.MakeGenericMethod($type)  
   $Parameter = [System.Linq.Expressions.Expression]::Parameter(($type), $type.Name)
   $Expression = [System.Linq.Expressions.Expression]::Lambda([System.Linq.Expressions.Expression]::Convert([System.Linq.Expressions.Expression]::PropertyOrField($Parameter,$PropertyName),[System.Object] ), $($Parameter))
   $ExpressionArray = [System.Array]::CreateInstance($Expression.GetType(), 1)
   $ExpressionArray.SetValue($Expression, 0)
   $clientLoad.Invoke($ctx,@($Object,$ExpressionArray))
}

#Define Parameter values
$SiteURL="https://crescent.sharepoint.com"
$ListName="Projects"

#Setup Credentials to connect
$Cred= Get-Credential
$Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Cred.Username, $Cred.Password)

#Setup the context
$Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteURL)
$Ctx.Credentials = $Credentials
        
#Get the List
$List = $Ctx.Web.Lists.GetByTitle($ListName)
$Ctx.Load($List)
$Ctx.ExecuteQuery()

#Check if list has unique permissions
Invoke-LoadMethod -Object $list -PropertyName "HasUniqueRoleAssignments"
$Ctx.ExecuteQuery()

Write-Host "List has Unique Permissions?": $List.HasUniqueRoleAssignments

Find All Lists and Libraries with Unique Permissions in a SharePoint Online Site:
Lets modify the script a bit to get all unique permission-ed lists and libraries from a SharePoint Online site.
#Load SharePoint CSOM Assemblies
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll"

#To call a non-generic method Load
Function Invoke-LoadMethod() {
   param([Microsoft.SharePoint.Client.ClientObject]$Object = $(throw "Please provide a Client Object"),[string]$PropertyName) 
   $ctx = $Object.Context
   $load = [Microsoft.SharePoint.Client.ClientContext].GetMethod("Load") 
   $type = $Object.GetType()
   $clientLoad = $load.MakeGenericMethod($type)  
   $Parameter = [System.Linq.Expressions.Expression]::Parameter(($type), $type.Name)
   $Expression = [System.Linq.Expressions.Expression]::Lambda([System.Linq.Expressions.Expression]::Convert([System.Linq.Expressions.Expression]::PropertyOrField($Parameter,$PropertyName),[System.Object] ), $($Parameter))
   $ExpressionArray = [System.Array]::CreateInstance($Expression.GetType(), 1)
   $ExpressionArray.SetValue($Expression, 0)
   $clientLoad.Invoke($ctx,@($Object,$ExpressionArray))
}

#Define Parameter values
$SiteURL="https://crescent.sharepoint.com"

Try {
    #Setup Credentials to connect
    $Cred= Get-Credential
    $Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Cred.Username, $Cred.Password)

    #Setup the context
    $Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteURL)
    $Ctx.Credentials = $Credentials
        
    #Get All Lists of the web
    $ListCollection = $Ctx.Web.Lists
    $Ctx.Load($ListCollection)
    $Ctx.ExecuteQuery()

    #Iterate through each list - Ignore Hidden Lists
    ForEach($List in $ListCollection | Where {$_.Hidden -eq $False})
    {
        #Check if list has unique permissions
        Invoke-LoadMethod -Object $list -PropertyName "HasUniqueRoleAssignments"
        $Ctx.ExecuteQuery()
        If($List.HasUniqueRoleAssignments -eq $true)
        {
            Write-Host -f Green "List '$($List.Title)' has Unique Permissions"
        }
        else
        {
            Write-Host -f Yellow "List '$($List.Title)' is inhering Permissions from the Parent"
        }
    }
}
Catch {
    write-host -f Red "Error Checking Unique Permissions!" $_.Exception.Message
}
This script gets you all lists and libraries with unique permissions.
SharePoint Online: Find All Lists with Unique Permissions using PowerShell SharePoint Online: Find All Lists with Unique Permissions using PowerShell Reviewed by Salaudeen Rajack on November 12, 2017 Rating: 5

No comments:

Please Login and comment to get your questions answered!

Powered by Blogger.