SharePoint Online: Delete Unique Permissions in a Subsite using PowerShell
Requirement: Delete Unique Permissions of a Subsite in SharePoint Online using PowerShell.
How to Remove Unique Permissions of a SharePoint Online Site?
Removing unique permissions and restoring permission inheritance for a subsite allows its security to be managed at the parent site level instead of managing the security separately from that subsite. To restore permission inheritance for a subsite in SharePoint Online, do the following:
- Login to SharePoint Online, Navigate to the Subsite that you want to remove unique permissions.
- Go to Settings >> Site Settings >> Click on the “Site Permissions” link.
- On the ribbon, click on the Permissions tab, and then, in the Inheritance group, click on Delete Unique Permissions. Confirm the prompt with OK.
This removes unique permissions from the SharePoint Online subsite.
Delete Unique Permissions of a Subsite in SharePoint Online using PowerShell
Here is how to remove unique permissions in SharePoint Online subsite with PowerShell:
#Load SharePoint CSOM Assemblies
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll"
#Config Parameters
$SiteURL= "https://crescent.sharepoint.com/sites/marketing/2018"
#Get Credentials to connect
$Cred = Get-Credential
Try {
#Setup the context
$Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteURL)
$Ctx.Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Cred.UserName,$Cred.Password)
#Get the Web
$Web = $Ctx.Web
$Ctx.Load($Web)
$Ctx.ExecuteQuery()
#Check if the given subsite is using unique permissions
$Web.Retrieve("HasUniqueRoleAssignments")
$Ctx.ExecuteQuery()
#Reset broken inheritance
If($Web.HasUniqueRoleAssignments)
{
#delete unique permissions of a subsite in sharepoint online powershell
$Web.ResetRoleInheritance()
$Web.Update()
$Ctx.ExecuteQuery()
Write-host -f Green "Unique Permissions Removed from the Site!"
}
Else
{
Write-host -f Yellow "Site is Already Inheriting Permissions from the Parent!"
}
}
Catch {
write-host -f Red "Error:" $_.Exception.Message
}
PnP PowerShell to Reset Permissions Inheritance in SharePoint Online Subsite
Let’s see how to reset subsite permissions in SharePoint Online using PnP PowerShell. This procedure will restore permissions of a subsite with the same permission as its parent site.
#Config Variables
$SiteURL = "https://crescent.sharepoint.com/sites/marketing/2018"
#Connect PnP Online
Connect-PnPOnline -Url $SiteURL -Credentials (Get-Credential)
#Get the web
$Web = Get-PnPWeb
#Remove unique permissions
$Web.ResetRoleInheritance()
Invoke-PnPQuery
How about removing unique permissions for all subsites in a site collection?
#Parameters
$SiteURL = "https://crescent.sharepoint.com/sites/Retail"
Try {
#Connect to SharePoint Online site
Connect-PnPOnline -Url $SiteURL -Interactive
#Get all subsites in SharePoint Online site using PnP PowerShell
$WebsCollection = Get-PnPSubWeb -Recurse
#Iterate through each subsite
ForEach($Web in $WebsCollection)
{
#Check if web is using unique permissions
$HasUniquePermissions = $Web.retrieve("HasUniqueRoleAssignments")
Invoke-PnPQuery
If($Web.HasUniqueRoleAssignments)
{
#Remove unique permissions
$Web.ResetRoleInheritance()
Invoke-PnPQuery
Write-Host "Unique Permissions Reset for $($Web.ServerRelativeURL)" -f Green
}
}
}
Catch {
write-host "Error: $($_.Exception.Message)" -foregroundcolor Red
}