SharePoint Diary » Permission » PowerShell to Update Permissions for Custom Permission Level in SharePoint

PowerShell to Update Permissions for Custom Permission Level in SharePoint

June 16, 2018January 24, 2021 Salaudeen Rajack 0 Comments powershell sharepoint update permission level

Requirement: Update permission level in SharePoint using PowerShell

How to Edit a Permission level in SharePoint?

To edit an existing permission level in SharePoint, follow these steps:

Permission levels are scoped at site collection. So, Navigate to the SharePoint site collection where you want the permission level to be edited.
Click on Settings gear >> Select Site Settings from the Settings menu.
On the Site Settings page, click on the “Site Permissions” link under the Users and Permissions section.
On the Permissions page, click on the “Permission Levels” button from the Permissions tab of the ribbon.
On the Permission Levels page, click on the permission level you want to edit.
Uncheck the tick boxes next to the permission to remove it from the permission level. E.g. I’ve removed “Delete Items” from the permission level. Similarly, you can add any permission to include it.
Scroll down and click on “Submit” button to save your changes.

This updates the permission level in SharePoint. Now, lets see how to change permission level in SharePoint using PowerShell.

PowerShell to Update a Permission Level in SharePoint

To change permissions of a permission level using PowerShell, use:

Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

#Parameters
$SiteURL = "http://sharepoint.crescent.com/sites/operations"
$PermissionLevelName = "Contribute without Delete"

#Get the Site collection's Root web
$web = Get-SPWeb $SiteURL

#Get the Permission Level
$RoleDefinition = $Web.RoleDefinitions[$PermissionLevelName]

If($RoleDefinition)
{
    #Set the Base Permissions
    $Permissions="ViewListItems, AddListItems, EditListItems, OpenItems, ViewVersions, ManagePersonalViews, ViewFormPages, Open, ViewPages, CreateSSCSite, BrowseDirectories, BrowseUserInfo, AddDelPrivateWebParts, UpdatePersonalWebParts, UseClientIntegration, UseRemoteAPIs, CreateAlerts, EditMyUserInfo"

    #Update the Permissions for Permission Level
    $RoleDefinition.BasePermissions = $Permissions
    $RoleDefinition.Update()
    Write-host "Permisssion Level Updated Successfully!" -f Green
}
Else
{
    Write-host "Couldn't find Permissions Level $PermissionLevelName!" -f Yellow
}

To get all available base permissions, refer: https://docs.microsoft.com/en-us/dotnet/api/microsoft.sharepoint.spbasepermissions?view=sharepoint-server

Warning: Do not change the Out of the box permission levels such as “Full control” or “Contribute”! Always copy the existing permission level and add/remove permissions to it!

Salaudeen Rajack

Information Technology Professional with Two decades of SharePoint Experience.

SharePoint Diary

PowerShell to Update Permissions for Custom Permission Level in SharePoint

How to Edit a Permission level in SharePoint?

PowerShell to Update a Permission Level in SharePoint

Related Posts

Salaudeen Rajack

Leave a Reply Cancel reply

How to Enable-Disable Comments in SharePoint Online List?

How to Disable the App Bar in SharePoint Online?

How to Remove a Redirect Site in SharePoint Online?

How to disable “Return to Classic SharePoint” in SharePoint Online?

How to Remove “Add shortcut to OneDrive” in SharePoint Online?

How to Add Yammer Feed to SharePoint Online Sites?

SharePoint Online: How to Turn Off “You may also be interested in” Feature?

SharePoint Online: How to Hide Folders in Document Library and Show All Files?

Fix “We can’t sign you into your company portal because something on the server isn’t configured correctly.” Error

SharePoint Online: How to See Who has viewed a File?