SharePoint Online: Add Site Collection Administrator using PowerShell
SharePoint site collection administrators have Full access rights to manage all sites under a site collection. When creating a site collection, a Global Administrator or SharePoint Online Administrator will automatically become the primary site collection admin. A SharePoint online site collection can have several administrators, but only one primary administrator, unlike SharePoint on-premises.
It is possible to add multiple site collection admins for any SharePoint site collection. To add additional site collection administrator in SharePoint online, you must be either Global Administrator or SharePoint online Site Collection Administrator of the particular site collection.
SharePoint Online Add Site Collection Administrator
To add a user to site collection administrator in SharePoint Online, do the following:
Quite easy, isn't it? Well, It's easy for one single site collection. However, there is a problem when you have a large number of site collections. Say, you have 100s of SharePoint Online site collections, You can't simply select all of your site collections and add a site collection administrator to all of them at one shot! So, let's see how to add a site collection administrator in SharePoint Online using PowerShell.
Add Site Collection Administrator in Modern / Group Connected SharePoint Online Sites:
In group connected modern team sites, "Site collection Administrators" link in site settings is hidden. The Office 365 Group Owner is configured as the site collection administrator, by default. So you can add any user to owners group of the Office 365 group in order to make them site collection administrator or use the direct link and add additional site collection admins.
Anyway, In SharePoint Online, site collection administrators to be added on a site collection by site collection basis, as there are no web application level users policies can be set from Central Administration as we do in SharePoint on-premises. So, the solution is: Using PowerShell to add a site collection administrator in SharePoint online!
PowerShell Script to Add Site Collection Administrator in SharePoint Online:
Here is the PowerShell for SharePoint online to add site collection administrator
Add Site Collection Admin to All SharePoint Online Sites using PowerShell:
SharePoint Online PowerShell to add a site collection administrator for all site collections.
Change Primary Site Collection Administrator using PowerShell:
SharePoint Online PowerShell to set site collection administrator
Add Site Collection Administrator to Group/Modern Sites
SharePoint modern sites are not listed under site collections (or even with the SharePoint PowerShell module!). Here is the script to use in "SharePoint Online Management Shell" to add site collection admins to all sites including Modern Team sites.
Add Site Collection Administrator using PowerShell CSOM:
Other than SharePoint Online Management Shell, we can also use the PowerShell CSOM method to add a user to the site collection administrator group. Here is how:
PnP PowerShell to Add Site Collection Administrator in SharePoint Online
You need to give yourself access to every site collection individually in order to access it. If there are hundreds of them, rather than adding to each site, you can use the PowerShell script to do that. Here is how to add a user as a site collection administrator using PnP PowerShell:
You can also add site collection admin using PnP PowerShell Set-PnPTenantSite as:
Add Site Collection Administrator to All Sites in the Tenant:
To Add Site Collection Administrator to All Site Collections in the tenant, use
Related Articles:
It is possible to add multiple site collection admins for any SharePoint site collection. To add additional site collection administrator in SharePoint online, you must be either Global Administrator or SharePoint online Site Collection Administrator of the particular site collection.
SharePoint Online Add Site Collection Administrator
To add a user to site collection administrator in SharePoint Online, do the following:
- Navigate to your SharePoint Online administration center >> Click on Active Sites (E.g. https://crescentintranet-admin.sharepoint.com/_layouts/15/online/AdminHome.aspx)
- Select the site collection, click on the "Permissions" button from the ribbon, and then click on the "Manage Admins" menu item.
- This brings the "Manage admins" page where you can add multiple site collection administrators. Also, it provides the option to change the primary site collection administrator.
- Once you have added the new user press OK to save the changes and any new Site Collection Administrator will have full rights to every site and sub-site within that Site Collection.
Quite easy, isn't it? Well, It's easy for one single site collection. However, there is a problem when you have a large number of site collections. Say, you have 100s of SharePoint Online site collections, You can't simply select all of your site collections and add a site collection administrator to all of them at one shot! So, let's see how to add a site collection administrator in SharePoint Online using PowerShell.
Add Site Collection Administrator in Modern / Group Connected SharePoint Online Sites:
In group connected modern team sites, "Site collection Administrators" link in site settings is hidden. The Office 365 Group Owner is configured as the site collection administrator, by default. So you can add any user to owners group of the Office 365 group in order to make them site collection administrator or use the direct link and add additional site collection admins.
Anyway, In SharePoint Online, site collection administrators to be added on a site collection by site collection basis, as there are no web application level users policies can be set from Central Administration as we do in SharePoint on-premises. So, the solution is: Using PowerShell to add a site collection administrator in SharePoint online!
PowerShell Script to Add Site Collection Administrator in SharePoint Online:
Here is the PowerShell for SharePoint online to add site collection administrator
#Variables for processing $AdminURL = "https://crescent-admin.sharepoint.com/" $AdminName = "[email protected]" $SiteCollURL = "https://crescent.sharepoint.com/sites/Sales/" $SiteCollectionAdmin = "[email protected]" #User Names Password to connect #$SecurePWD = read-host -assecurestring "Enter Password for $AdminName" $SecurePWD = ConvertTo-SecureString "Password1" –asplaintext –force $Credential = new-object -typename System.Management.Automation.PSCredential -argumentlist $AdminName, $SecurePWD #Connect to SharePoint Online Connect-SPOService -url $AdminURL -credential $Credential #Add Site collection Admin Set-SPOUser -site $SiteCollURL -LoginName $SiteCollectionAdmin -IsSiteCollectionAdmin $TrueThis PowerShell also works when you want to add a group as a site collection administrator in SharePoint Online.
Add Site Collection Admin to All SharePoint Online Sites using PowerShell:
SharePoint Online PowerShell to add a site collection administrator for all site collections.
#Variables for processing $AdminURL = "https://Crescent-admin.sharepoint.com/" $AdminName = "[email protected]" #User Names Password to connect $Password = Read-host -assecurestring "Enter Password for $AdminName" $Credential = new-object -typename System.Management.Automation.PSCredential -argumentlist $AdminName, $Password #Connect to SharePoint Online Connect-SPOService -url $AdminURL -credential $Credential $Sites = Get-SPOSite -Limit ALL Foreach ($Site in $Sites) { Write-host "Adding Site Collection Admin for:"$Site.URL Set-SPOUser -site $Site -LoginName $AdminName -IsSiteCollectionAdmin $True }
To Remove a Site Collection Admin, use Set-SPOUser cmdlet with -IsSiteCollectionAdmin $false parameter! Here is how: Remove Site Collection Administrator in SharePoint Online with PowerShell
Change Primary Site Collection Administrator using PowerShell:
SharePoint Online PowerShell to set site collection administrator
#Variables for processing $AdminURL = "https://crescent-admin.sharepoint.com/" $AdminName = "[email protected]" $SiteCollURL = "https://crescent.sharepoint.com/sites/Sales" $NewSiteAdmin = "[email protected]" #User Names Password to connect $SecurePWD = ConvertTo-SecureString "Password1" –asplaintext –force $Credential = new-object -typename System.Management.Automation.PSCredential -argumentlist $AdminName, $SecurePWD #Connect to SharePoint Online Connect-SPOService -url $AdminURL -credential $Credential #Change Site Collection Primary Admin Set-SPOSite -Identity $SiteCollURL -Owner $NewSiteAdmin -NoWait
Add Site Collection Administrator to Group/Modern Sites
SharePoint modern sites are not listed under site collections (or even with the SharePoint PowerShell module!). Here is the script to use in "SharePoint Online Management Shell" to add site collection admins to all sites including Modern Team sites.
#Variables for processing $AdminURL = "https://crescent-admin.sharepoint.com/" $AdminName="[email protected]" #Connect to SharePoint Online Connect-SPOService -url $AdminURL -credential (Get-Credential) #Get All Site Collections $Sites = Get-SPOSite -Limit ALL #Loop through each site and add site collection admin Foreach ($Site in $Sites) { Write-host "Adding Site Collection Admin for:"$Site.URL Set-SPOUser -site $Site.Url -LoginName $AdminName -IsSiteCollectionAdmin $True }You can apply a filter to site collections to get all site collections of a specific type. E.g. To get all communication sites, use:
Get-SPOSite -Template SITEPAGEPUBLISHING#0Similarly, you can filter site collections and add site collection admins as:
$Sites = Get-SPOSite -Limit All | Where {$_.Url -like 'https://crescent.sharepoint.com/sites/Project*'}
Add Site Collection Administrator using PowerShell CSOM:
Other than SharePoint Online Management Shell, we can also use the PowerShell CSOM method to add a user to the site collection administrator group. Here is how:
#Load SharePoint CSOM Assemblies Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll" Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll" #Variables for Processing $SiteURL = "https://crescent.sharepoint.com/Sites/marketing" $UserAccount="i:0#.f|membership|[email protected]" #Setup Credentials to connect $Cred = Get-Credential $Cred = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Cred.UserName,$Cred.Password) #Setup the context $Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteURL) $Ctx.Credentials = $Cred $User = $Ctx.Web.EnsureUser($UserAccount) $User.IsSiteAdmin = $True $User.Update() $Ctx.ExecuteQuery()
PnP PowerShell to Add Site Collection Administrator in SharePoint Online
You need to give yourself access to every site collection individually in order to access it. If there are hundreds of them, rather than adding to each site, you can use the PowerShell script to do that. Here is how to add a user as a site collection administrator using PnP PowerShell:
#Set Variables $SiteURL = "https://crescent.sharepoint.com/sites/Marketing" #Connect to PNP Online Connect-PnPOnline -Url $SiteURL -Credentials (Get-Credential) #add user as site collection administrator powershell sharepoint online Add-PnPSiteCollectionAdmin -Owners "[email protected]"Existing site collection admins stay as is! To add more than one site collection admin, use:
Add-PnPSiteCollectionAdmin -Owners "[email protected]", "[email protected]"
You can also add site collection admin using PnP PowerShell Set-PnPTenantSite as:
#Set Runtime Parameters $AdminSiteURL="https://crescent-admin.sharepoint.com" $SiteUrl="https://crescent.sharepoint.com/sites/jackson" $SiteCollAdmin="[email protected]" #Connect to PnP Online Connect-PnPOnline -Url $AdminSiteURL -UseWebLogin #Add Site collection Admin Set-PnPTenantSite -Url $SiteUrl -Owners $SiteCollAdmin
Add Site Collection Administrator to All Sites in the Tenant:
To Add Site Collection Administrator to All Site Collections in the tenant, use
#Parameters $TenantAdminURL = "https://crescent-admin.sharepoint.com" $SiteCollAdmin="[email protected]" #Connect to Admin Center Connect-PnPOnline -Url $TenantAdminURL -UseWebLogin #Get All Site collections and Iterate through $SiteCollections = Get-PnPTenantSite ForEach($Site in $SiteCollections) { #Add Site collection Admin Set-PnPTenantSite -Url $Site.Url -Owners $SiteCollAdmin Write-host "Added Site Collection Administrator to $($Site.URL)" }
Related Articles:
- Change Owner/Add Site Collection Administrator to OneDrive for Business Site using PowerShell
- Add site collection administrator in SharePoint 2013 On-Premises using PowerShell, C#, STSADM
- Site Collection Administrators Report for All SharePoint Sites
- Remove site collection administrator using PowerShell
- Change Site Collection Primary, Secondary Administrators in SharePoint
SharePoint Online: Add Site Collection Administrator using PowerShell
Reviewed by Salaudeen Rajack
on
August 01, 2015
Rating:
Reviewed by Salaudeen Rajack
on
August 01, 2015
Rating:
Note: Get-SPOSite does not return sites created by O365 Groups (& Planner) or Teams, unless you specifically specify the URL of the site... so no enumeration of those sites :(
ReplyDeleteNot true. Get-SPOSite does get me SP Sites that belong to an Office Group
DeleteA lot can change in a year and two months.
DeleteHow to remove site collection administrators in sharepoint online using powershell.
ReplyDeleteRefer: Remove Site Collection Administrator in SharePoint Online using PowerShell
DeleteThank you!!
ReplyDeleteVery happy!!! :D