Home > > Get All SharePoint Online Groups with "Full Control" Permissions using PowerShell

Get All SharePoint Online Groups with "Full Control" Permissions using PowerShell

, , ,
Requirement: Get all groups with "Full Control" permissions in SharePoint Online sites.

Get All Groups with "Full Control" from a Site Collection
Let's get all groups with full control permissions from a given site collections. 
#Set Parameters
$AdminCenterURL="https://crescent-admin.sharepoint.com"
$SiteUrl = "https://crescent.sharepoint.com/sites/oncology"

#Connect to SharePoint Online
Connect-SPOService -Url $AdminCenterURL -credential (Get-Credential)

 #Get all Groups from the site
$SiteGroups = Get-SPOSiteGroup -Site $siteURL

#Get Group info that have "Full Control" Permissions
ForEach ($Group in $SiteGroups)
{
    If($Group.Roles.Contains("Full Control"))
    {
        Write-Host -f Yellow $Group.Title
        #Get each member of the group
        ForEach($User in $Group.Users | Where{$_.contains("@")}) #Exclude system Users
        {
            write-host -f Green $User
        }
    }
}

PowerShell to Get All Users with "Full Control" Access Rights from All Sites:
How about retrieving all SharePoint Online groups with full control permissions from all site collections? 
#Variables
$AdminCenterURL = "https://crescent-admin.sharepoint.com/"
 
#Connect to SharePoint Online
Connect-SPOService -url $AdminCenterURL -Credential (Get-Credential)
 
#Get all Site collections
$Sites = Get-SPOSite -Limit All

#Loop through site collections
ForEach($Site in $Sites)
{
    Write-host -f Cyan "Searching site: $($Site.URL)"
    #Get all Groups from the site permissions
    $SiteGroups = Get-SPOSiteGroup -Site $Site | Where { $_.Roles -ne $NULL -and $_.Users -ne $NULL}

    #Get Group info and members that have site owners permissions
    ForEach ($Group in $SiteGroups)
    {
        If($Group.Roles.Contains("Full Control"))
        {
            Write-Host -f Yellow $Group.Title
            #Get each member of the group
            ForEach($User in $Group.Users | Where{$_.contains("@")}) #Exclude system Users
            {
                write-host -f Green $User
            }
        }
    }
}

Post updated on: 2019-10-10T14:32:52Z

Related Posts:

No comments:

Please Login and comment to get your questions answered!

Subscribe to: Post Comments ( Atom )
Powered by Blogger.