SharePoint Online: PowerShell to Break Permission Inheritance of a Folder

Requirement: Break Permission Inheritance of a Folder in SharePoint Online using PowerShell

How to Break the inheritance of a folder in SharePoint Online?
By default, folders in SharePoint Online inherits permission from its parent object such as document library or list. When you have to provide unique permissions to folders, you have to break folder permissions first. Here is how to break permission inheritance in SharePoint Online:
  • Navigate to your SharePoint Online library where the folder is stored
  • Select the Folder >> Click on "Shared With" under the Manage group in the ribbon (or from the folder's context menu). >> Click on the "Advanced" link in the Shared with popup page.
  • In the permissions page, if the folder is inheriting permissions from its parent, we have to break the permission inheritance by clicking "Stop inheriting Permissions" button. Confirm the prompt once.
    sharepoint online powershell break permission inheritance folder
Now, you can add or remove users to the folder by clicking "Grant Permissions" button from Grant group. Once you stop inheriting permissions - All users and groups are copied from the list or library to the folder's permission. From this point, Any future permission changes made to the parent object no longer affects the folder!

SharePoint Online: PowerShell to Break Permission Inheritance Folder
Let's break folder's permission using PowerShell
#Load SharePoint CSOM Assemblies
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll"
  
#Variables
$SiteURL = "https://crescent.sharepoint.com/sites/marketing/"
$FolderServerRelativeURL = "/sites/marketing/Shared Documents/2018"
 
Try {
    #Get Credentials to connect
    $Cred= Get-Credential
 
    #Setup the context
    $Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteURL)
    $Ctx.Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Cred.Username, $Cred.Password)
 
    #Get the Folder
    $Folder = $Ctx.Web.GetFolderByServerRelativeUrl($FolderServerRelativeURL)
    $Ctx.Load($Folder)
    $Ctx.ExecuteQuery()
     
    #Break Permission inheritence of the folder - Keep all existing folder permissions & keep Item level permissions
    $Folder.ListItemAllFields.BreakRoleInheritance($True,$True)
    $Ctx.ExecuteQuery()
    Write-host "Folder's Permission Inheritance Broken Successfully!" -ForegroundColor Green  
}
Catch {
    write-host -f Red "Error breaking Folder Permission Inheritance!" $_.Exception.Message
}

Break Inheritance of Folder in SharePoint Online using PnP PowerShell
Wouldn't it be good to check if the folder has unique permissions already, prior to breaking folder's permissions? Well, Let's do that first and then break folder's permission using PnP PowerShell
#Variables
$SiteURL = "https://crescent.sharepoint.com/sites/marketing/"
$FolderServerRelativeURL = "/sites/marketing/Shared Documents/2018"
 
#Connect to PnP Online
Connect-PnPOnline -Url $SiteURL -Credentials (Get-Credential)  #-UseWebLogin
 
#Get the Folder 
$Folder = Get-PnPFolder -Url $FolderServerRelativeURL -Includes ListItemAllFields.HasUniqueRoleAssignments

If($Folder.ListItemAllFields.HasUniqueRoleAssignments)
{
    Write-host "Folder is already with broken permissions!" -f Yellow
}
Else
{
    #Break Folder permissions - keep all existing permissions & keep Item level permissions
    $Folder.ListItemAllFields.BreakRoleInheritance($True,$True)
    Invoke-PnPQuery

    Write-host "Folder's Permission Inheritance is broken!!" -f Green   
}
To add or remove users to the folder, use:
SharePoint Online: PowerShell to Break Permission Inheritance of a Folder SharePoint Online: PowerShell to Break Permission Inheritance of a Folder Reviewed by Salaudeen Rajack on June 01, 2019 Rating: 5

No comments:

Please Login and comment to get your questions answered!

Powered by Blogger.