Get All SharePoint Online Groups with “Full Control” Permissions using PowerShell
Requirement: Get all groups with “Full Control” permissions in SharePoint Online sites.
Get All Groups with “Full Control” from a Site Collection
Let’s get all groups with full control permissions from a given site collections.
#Set Parameters
$AdminCenterURL="https://crescent-admin.sharepoint.com"
$SiteUrl = "https://crescent.sharepoint.com/sites/oncology"
#Connect to SharePoint Online
Connect-SPOService -Url $AdminCenterURL -credential (Get-Credential)
#Get all Groups from the site
$SiteGroups = Get-SPOSiteGroup -Site $siteURL
#Get Group info that have "Full Control" Permissions
ForEach ($Group in $SiteGroups)
{
If($Group.Roles.Contains("Full Control"))
{
Write-Host -f Yellow $Group.Title
#Get each member of the group
ForEach($User in $Group.Users | Where{$_.contains("@")}) #Exclude system Users
{
write-host -f Green $User
}
}
}
PowerShell to Get All Users with “Full Control” Access Rights from All Sites:
How about retrieving all SharePoint Online groups with full control permissions from all site collections?
#Variables
$AdminCenterURL = "https://crescent-admin.sharepoint.com/"
#Connect to SharePoint Online
Connect-SPOService -url $AdminCenterURL -Credential (Get-Credential)
#Get all Site collections
$Sites = Get-SPOSite -Limit All
#Loop through site collections
ForEach($Site in $Sites)
{
Write-host -f Cyan "Searching site: $($Site.URL)"
#Get all Groups from the site permissions
$SiteGroups = Get-SPOSiteGroup -Site $Site | Where { $_.Roles -ne $NULL -and $_.Users -ne $NULL}
#Get Group info and members that have site owners permissions
ForEach ($Group in $SiteGroups)
{
If($Group.Roles.Contains("Full Control"))
{
Write-Host -f Yellow $Group.Title
#Get each member of the group
ForEach($User in $Group.Users | Where{$_.contains("@")}) #Exclude system Users
{
write-host -f Green $User
}
}
}
}
