How to Make a SharePoint List or Library to Read Only Mode using PowerShell?
Requirement: Set SharePoint list or document library to read only mode.
How to make SharePoint List to Read Only?
There is no direct way to set the SharePoint list to read-only! The read-only mode can be set only on SharePoint site collections (How to Make a Site Collection Read-Only) or on content databases (Set SharePoint Content Database to Read Only Mode). However, we can make a SharePoint list to read-only by replacing all user’s permissions into “Read-only”.
How to make a SharePoint list or library read-only from SharePoint user interface:
If you have ever needed to make a SharePoint list or library read only, you may have found that there is no direct way to do this using the UI. But we can make a SharePoint list to read only mode by replacing all permissions on it.
- Go to List Settings >> Permissions for this list
- Click on the “Stop Inheriting Permissions” button from the ribbon and confirm the prompt
- Select All users >> Click on the “Edit User Permissions” button. This leads to the “Edit Permissions” page. Select “Read” from choose permission section and click on “OK”.
- Now, You’ll see all users permissions are changed to “Read”.
The same method works to make document libraries read-only in SharePoint.
Change SharePoint List to Read only mode using PowerShell:
Let’s use PowerShell to change the SharePoint list to read-only.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
#Configuration Parameters
$SiteURL="https://intranet.crescent.com/"
$ListName= "Projects"
#Get the Web and List
$Web = Get-SPWeb $SiteURL
$List = $Web.Lists.TryGetList($ListName)
#Break Permissions of the List
If ($List.HasUniqueRoleAssignments -eq $false)
{
$List.BreakRoleInheritance($true)
}
#Get Read Permission Level
$ReadPermission = $web.RoleDefinitions["Read"]
#Get All User & Groups granted Permissions to the List
ForEach ($RoleAssignment in $List.RoleAssignments)
{
Write-host "Resetting Permissions for :"$RoleAssignment.Member.Name
#Remove All permissions
$RoleAssignment.RoleDefinitionBindings.RemoveAll()
$RoleAssignment.RoleDefinitionBindings.Add($ReadPermission)
$RoleAssignment.Update()
}
This sets the list to read Only. But wait, there is a problem! The above UI method or PowerShell script resets all permissions to read only, doesn’t matter if the security principal (E.g., User, Group, etc.) already has permissions like “View Only” or “Limited Access”. So, let’s tweak it a bit to replace permissions other than Read, View Only, Restricted Read, and Limited Access.
PowerShell to Make SharePoint Library read only:
This can be useful if you want to restrict users from making changes to the list or library.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
#Configuration Parameters
$SiteURL="https://intranet.crescent.com/"
$ListName= "Projects"
#Get the Web and List
$Web = Get-SPWeb $SiteURL
$List = $Web.Lists.TryGetList($ListName)
#Break Permissions of the List
If ($List.HasUniqueRoleAssignments -eq $false)
{
$List.BreakRoleInheritance($true)
}
#Get Read Permission Level
$ReadPermission = $web.RoleDefinitions["Read"]
#Get All User & Groups granted Permissions to the List
ForEach ($RoleAssignment in $List.RoleAssignments)
{
Write-host "Resetting Permissions for :"$RoleAssignment.Member.Name -f Yellow
#Replace All other permissions with "Read" if its not granted already
$RoleDefinitionBindings = $RoleAssignment.RoleDefinitionBindings
Foreach($RoleDefBinding in $RoleDefinitionBindings)
{
IF( ($RoleDefBinding.Name -ne "Read") -and ($RoleDefBinding.Name -ne "Restricted Read") -and ($RoleDefBinding.Name -ne "View Only") -and ($RoleDefBinding.Name -ne "Limited Access") )
{
#Grant Read ACcess if its not present
If(!($RoleAssignment.RoleDefinitionBindings.Contains($ReadPermission)))
{
$RoleAssignment.RoleDefinitionBindings.Add($ReadPermission)
$RoleAssignment.Update()
Write-host "Added Read Permissions to "$RoleAssignment.Member.Name -ForegroundColor Green
}
}
else
{
continue;
}
}
#Remove All permissions other than Read or Similar
$RoleDefinitionBindings = $RoleAssignment.RoleDefinitionBindings
For($i=$RoleDefinitionBindings.Count-1; $i -ge 0; $i--)
{
$RoleDefBinding = $RoleAssignment.RoleDefinitionBindings[$i]
IF( ($RoleDefBinding.Name -eq "Read") -or ($RoleDefBinding.Name -eq "Restricted Read") -or ($RoleDefBinding.Name -eq "View Only") -or ($RoleDefBinding.Name -eq "Limited Access") )
{
continue;
}
Else
{
$RoleAssignment.RoleDefinitionBindings.Remove($RoleAssignment.RoleDefinitionBindings[$i])
$RoleAssignment.Update()
Write-host Removed $RoleDefBinding.Name Permissions from $RoleAssignment.Member.Name -ForegroundColor Red
}
}
}
Isn’t it a good idea to backup current permissions of the list and then restore permissions when required?
Salaudeen —
Both here and on the “How to Make a Subsite Read Only” page, you mention backing up the current permissions first, but you don’t say how. Is there a way to just backup permissions, or would we need to make a backup of the entire site?
Hello,
For SharePoint Server, how to adapt the script to modify at the same time the read-only permissions of the subsite + all the libraries + the library folders.
Indeed, we have sites with a lot of libraries and files. We have broken the permissions inheritance and it’s way too tedious to make the changes manually on every library and folder.
Thank you for your help.
Well, there are no ways to set read-only mode for subsite, library or folder – Except you remove all other permissions and change everyone’s access to “Read-Only”.
How to Make a SharePoint List or Library to Read Only Mode using PowerShell?
Can you please help how to do this for SharePoint Online Site List?
Sure, Here you go: How to Make a SharePoint Online List to Read-Only?
Thank you !!