SharePoint Diary » PowerShell » SharePoint Online: Remove User or Group from List Permissions using PowerShell

SharePoint Online: Remove User or Group from List Permissions using PowerShell

October 6, 2021 Salaudeen Rajack 0 Comments SharePoint Online Remove User from a Library or List

Requirement: Remove user or group from list permissions in SharePoint Online using PowerShell

How to Remove User Permissions from a List in SharePoint Online?

To remove a user or group from SharePoint Online list permissions, follow these steps:

Navigate to your SharePoint Online list or library.
Click on Settings gear >> Select “List Settings”
In the list settings page, click on “Permissions for this List” under the “Permissions and Management” group
If the List is not using unique permissions, Click on the “Stop Inhering Permissions” button and confirm the prompt.
Now you can remove the user or group from the list permissions by selecting the user and clicking on “Remove User Permissions” button from the ribbon.

PowerShell to Remove User from List Permissions in SharePoint Online

Here is the SharePoint Online PowerShell to remove permissions

#Load SharePoint Online Assemblies
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll"

#Remove User from List Permissions
Function Remove-SPOUserFromListPermission($SiteURL,$ListName,$UserAccount)
{
    #Setup Credentials to connect
    $Cred = Get-Credential
    $Cred = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Cred.UserName,$Cred.Password)
 
    Try {
        #Setup the context
        $Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteURL)
        $Ctx.Credentials = $Cred
     
        #Get the List
        $List=$Ctx.Web.Lists.GetByTitle($ListName)
        $Ctx.Load($List)
        $Ctx.ExecuteQuery()
        
        #Get the User
        $User = $ctx.Web.EnsureUser($UserAccount) 
        $Ctx.Load($User)
        $Ctx.ExecuteQuery()
 
        #Break Permission Inheritance
        $List.BreakRoleInheritance($true, $false)
        $Ctx.ExecuteQuery()

        #Get List Permissions
        $Ctx.Load($List.RoleAssignments)
        $ctx.ExecuteQuery()
        
        #Remove Group from List Permissions
        $List.RoleAssignments.GetByPrincipal($User).DeleteObject()
        $Ctx.ExecuteQuery()
 
        write-host  -f Green "User '$UserAccount' has been Removed from List '$ListName'"
    }
    Catch {
        write-host -f Red "Error:" $_.Exception.Message
    }
}

#Variables for Processing
$SiteURL = "https://crescenttech.sharepoint.com/Sales"
$ListName = "Documents"
$UserAccount = "[email protected]"
 
#Call the function to Remove user from List Permissions
Remove-SPOUserFromListPermission -SiteURL $SiteURL -ListName $ListName -UserAccount $UserAccount

PnP PowerShell to Remove User from List Permissions:

#Config Variables
$SiteURL = "https://crescenttech.sharepoint.com/Sales"
$ListName ="Documents"
$UserID= "i:0#.f|membership|[email protected]"

#Connect PNP Online
Connect-PnPOnline -Url $SiteURL -Credentials (Get-Credential)

#Get the Context
$Context = Get-PnPContext
 
#Get the list & User objects
$List = Get-PnPList -Identity $ListName
$User = Get-PnPUser -Identity $UserID

#Break Permission Inheritance
Set-PnPList -Identity $ListName -BreakRoleInheritance -CopyRoleAssignments

#Remove User from List Permissions
$List.RoleAssignments.GetByPrincipal($User).DeleteObject()
$Context.ExecuteQuery()

SharePoint Online: Remove Group from List Permissions using PowerShell CSOM

#Load SharePoint Online Assemblies
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll"

#Remove Group from List Permissions
Function Remove-SPOGroupFromListPermission($SiteURL,$ListName,$GroupName)
{
    #Setup Credentials to connect
    $Cred = Get-Credential
    $Cred = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Cred.UserName,$Cred.Password)
 
    Try {
        #Setup the context
        $Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteURL)
        $Ctx.Credentials = $Cred
     
        #Get the List
        $List=$Ctx.Web.Lists.GetByTitle($ListName)
        $Ctx.Load($List)
        $Ctx.ExecuteQuery()
        
        #Get the Group
        $Group = $Ctx.Web.SiteGroups.GetByName($GroupName) 
        $Ctx.Load($Group)
        $Ctx.ExecuteQuery()
 
        #Break Permission Inheritance
        $List.BreakRoleInheritance($true, $false)
        $Ctx.ExecuteQuery()

        #Get List Permissions
        $Ctx.Load($List.RoleAssignments)
        $ctx.ExecuteQuery()
        
        #Remove Group from List Permissions
        $List.RoleAssignments.GetByPrincipal($Group).DeleteObject()
        $Ctx.ExecuteQuery()
 
        write-host  -f Green "Group '$GroupName' has been Removed from List '$ListName'"
    }
    Catch {
        write-host -f Red "Error:" $_.Exception.Message
    }
}

#Variables for Processing
$SiteURL = "https://crescenttech.sharepoint.com/Sales"
$ListName = "Documents"
$GroupName = "Sales Portal Members"
 
#Call the function to Remove group from SharePoint List permissions
Remove-SPOGroupFromListPermission -SiteURL $SiteURL -ListName $ListName -GroupName $GroupName

PnP PowerShell to Remove Group from List Permissions

#Config Variables
$SiteURL = "https://crescenttech.sharepoint.com/Sales"
$ListName ="Documents"
$GroupName= "Sales Portal Members"

#Connect PNP Online
Connect-PnPOnline -Url $SiteURL -Credentials (Get-Credential)

#Get the Context
$Context = Get-PnPContext
 
#Get the list
$List = Get-PnPList -Identity $ListName
$Group = Get-PnPGroup -Identity $GroupName

#Break Permission Inheritance
Set-PnPList -Identity $ListName -BreakRoleInheritance -CopyRoleAssignments

#sharepoint online powershell remove group permissions
$List.RoleAssignments.GetByPrincipal($Group).DeleteObject()
$Context.ExecuteQuery()

To Add user or group to SharePoint Online list or library permissions: SharePoint Online: Grant Permission to List or Library using PowerShell

Salaudeen Rajack

Salaudeen Rajack is a SharePoint Architect with Two decades of SharePoint Experience. He loves sharing his knowledge and experiences with the SharePoint community, through his real-world articles!

SharePoint Diary

Salaudeen Rajack

Leave a Reply Cancel reply

How to Create A-Z Glossary Page in SharePoint Online?

External User Access Expiration in SharePoint Online and OneDrive for Business

SharePoint Folder shows Empty in the Windows Explorer!

Fix “Connect-PnPOnline : AADSTS65001: The user or administrator has not consented to use the application with ID ‘31359c7f-bd7e-475c-86db-fdb8c937548e’ named ‘PnP Management Shell’. Send an interactive authorization request for this user and resource.”

How to Find Microsoft Teams Connected SharePoint Online Sites?

How to Enable-Disable Comments in SharePoint Online List?

How to Disable the App Bar in SharePoint Online?

Enable-Disable Automatic News Digest in SharePoint Online

How to Change the Page Layout of a Modern SharePoint Online Page?

SharePoint Online: Perform Bulk Operations (Add/Update/Delete) Faster in Batches with New-PnPBatch cmdlet in PowerShell

How to Remove User Permissions from a List in SharePoint Online?

PowerShell to Remove User from List Permissions in SharePoint Online

PnP PowerShell to Remove User from List Permissions:

SharePoint Online: Remove Group from List Permissions using PowerShell CSOM

PnP PowerShell to Remove Group from List Permissions

Related Posts

Salaudeen Rajack

Leave a Reply Cancel reply