SharePoint Online: Clone User Group Memberships using PowerShell
Requirement: Clone a user’s group permissions to another user in a SharePoint Online Site.
PowerShell to Clone User’s Group Memberships in SharePoint Online:
It’s a common real-world scenario that when someone leaves the organization, and somebody else takes that role, they want the same permissions! While the requirement sounds simple, it’s cumbersome to achieve it through the web user interface. Basically, you have to go to each group where the source user is a member and add the target user to it. We can automate this task using PowerShell to clone user group memberships from one account to another!
#Function to copy group memberships from one user to another
Function Clone-SPOUserGroupPermission($SiteURL, $SourceUserID, $TargetUserID)
{
Try {
#Get the Site collection
$Site = Get-SPOSite $SiteURL
#Get the Source user
$SourceUser = Get-SPOUser -Site $Site -LoginName $SourceUserID
#Get All groups of the source User
$UserGroups = $SourceUser.Groups
If($UserGroups.Count -gt 0)
{
Write-host -f Yellow "Found the User Member of $($UserGroups.Count) Group(s)..."
#Loop through each group of the source user and add target user to that group
ForEach ($Group in $UserGroups)
{
#Add Target User to the Group
Add-SPOUser -Site $Site -LoginName $TargetUserID -Group $Group | out-null
Write-Host -f Green "Added $TargetUserID to Group '$Group'"
}
}
}
Catch {
Write-host $_.Exception.Message -f Red
}
}
#SharePoint Online Admin Center URL
$AdminCenterURL = "https://crescent-admin.sharepoint.com"
$SiteURL = "https://crescent.sharepoint.com/sites/marketing"
$SourceUserID ="John@Crescent.com"
$TargetUserID ="Peter@Crescent.com"
#Connect to SharePoint Online Admin Center
Connect-SPOService -Url $AdminCenterURL -Credential (Get-Credential)
#Call the Function
Clone-SPOUserGroupPermission -SiteURL $SiteURL -SourceUserID $SourceUserID -TargetUserID $TargetUserID
You can also use the “Get-SPOSite” cmdlet to get all site collections and call the function to copy the user’s group memberships to another user.
PnP PowerShell to copy User’s Group Permission to Another user
Here is how to clone user memberships in SharePoint Online using PnP PowerShell:
#Parameters
$SiteURL = "https://crescent.sharepoint.com/sites/Retail"
$SourceUserLoginID = "steve@crescent.com"
$TargetUserLoginID = "alexw@crescent.com"
Try {
#Connect to the Source Site
Connect-PnPOnline -Url $SiteURL -Interactive
#Get the source User
$User = Get-PnPUser -Identity "i:0#.f|membership|$UserLoginID"
#Get all groups of the user
$UserGroups = $User.Groups | Where {$_.LoginName -notlike "*Limited Access*"}
#Add Target User to the Groups
$UserGroups | ForEach-Object {
Add-PnPGroupMember -LoginName $TargetUserLoginID -Identity $_.LoginName
Write-host -f Green "Added User to the Group:"$_.LoginName
}
}
Catch {
write-host -f Red "Error:" $_.Exception.Message
}
What if you want to copy permissions completely from one user to another, instead of just copying group permissions? Because the source user may have permissions at other levels too. E.g., Permission may be granted directly (such as “Full Control”), as a site collection admin, at list/folder/item levels! So, Here is the PowerShell to clone user’s permissions: How to Copy User Permissions in SharePoint Online using PowerShell?
Hi Sir,
Is there any way to clone user on entire tenant level?
Thanks,
V