SharePoint Online: Remove User from Subsite Permission using PowerShell

Requirement: Remove user from a SharePoint Online subsite

How to Remove an User from SharePoint Online Subsite?
To remove a user from SharePoint Online subsite,
  1. Remove user from all groups of the site
    sharepoint online powershell to remove user from subsite
  2. Remove user from direct permissions of the site (if any)
    remove user from sharepoint online subsite

SharePoint Online: Remove User from Subsite Permission using PowerShell
#Load SharePoint CSOM Assemblies
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll"
  
#Set parameter values
$SiteURL="https://crescent.sharepoint.com/sites/marketing/2018"
$UserID="salaudeen@crescent.com"
 
Try {
    #Get Credentials to connect
    $Cred= Get-Credential
   
    #Setup the context
    $Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteURL)
    $Ctx.Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Cred.Username, $Cred.Password)
  
    #Get the web
    $Web=$Ctx.Web
    $Ctx.Load($Web)
    $Ctx.ExecuteQuery()
 
    #Frame Login Name
    $LoginName = "i:0#.f|membership|"+$UserID
 
    #Get the User to Delete
    $User = $Web.SiteUsers.GetByLoginName($LoginName)
    $Ctx.ExecuteQuery()

    #Remove User from All Groups of the site
    $Ctx.Load($User.Groups)
    $Ctx.ExecuteQuery() 
    ForEach($Group in $User.Groups)
    {
        $Group.Users.RemoveByLoginName($LoginName)
        Write-host -f Yellow "`tRemoved User from the Group:" $Group.Title
    }
    $Ctx.ExecuteQuery()
 
    #Remove the user from direct permissions, if any
    $Ctx.Load($Web.RoleAssignments)
    $ctx.ExecuteQuery()

    ForEach($RoleAssignment in $Web.RoleAssignments)
    { 
        $Ctx.Load($RoleAssignment.Member)
        $Ctx.executeQuery()
 
        #Check direct permissions
        if($RoleAssignment.Member.PrincipalType -eq "User")
        {
            #Is the current user is the user we search for?
            if($RoleAssignment.Member.LoginName -eq $LoginName)
            {
                #Remove User from web Permissions
                $Web.RoleAssignments.GetByPrincipal($User).DeleteObject()
                $Ctx.ExecuteQuery()
                Write-host -f Yellow "`tRemoved User from Direct Permissions of the Web!"
            }
        }
    }

    Write-Host "User: '$UserID' has been Removed from the site Successfully!" -ForegroundColor Green
}
Catch {
    write-host -f Red "Error:" $_.Exception.Message
}
To remove an user from site collection, use: SharePoint Online: Remove User from Site Collection using PowerShell
SharePoint Online: Remove User from Subsite Permission using PowerShell SharePoint Online: Remove User from Subsite Permission using PowerShell Reviewed by Salaudeen Rajack on July 09, 2018 Rating: 5

No comments:

Please Login and comment to get your questions answered!

Powered by Blogger.