OneDrive for Business: How to Remove Site Collection Administrator?

Requirement: Remove user from OneDrive for Business Administrator.

How to Remove User from OneDrive for Business Site Collection?

If you are a site collection admin to a OneDrive site, You can do the following to remove a user from the site collection admin list.

  • Login to the target OneDrive for business site >> Click on “Settings” gear >> Choose “OneDrive Settings” from the menu.
  • Click on “More Settings” and then click on “Site collection Administrator” under “Manage Access”.
    remove onedrive for business site collection administrators
  • In the site collection Administrators list, You can add/remove users.
    OneDrive for business remove site collection administrator
  • Click on “OK” to save your changes.
Please note, You can not remove “Owner” from site collection. By default, site owners are added to the site collection administrators list!

What if you are not a Site Collection Administrator of the OneDrive already?

If you don’t have site collection admin rights on a OneDrive for business site collection, you can’t perform above steps. So, here is how you can remove a site collection admin using SharePoint admin center.

  • Login to SharePoint Online Admin Center at https://<tenant>-admin.sharepoint.com
  • Click on “More features” and then click on the “Open” button under “User Profiles”
  • In the User Profiles service application, click on the “Manage User Profiles” link under the “People” group
  • Search and find the user which you want to remove site collection administrators. From the search result, click on the menu item “Manage site collection owners” from the context menu.
  • You can remove any additional administrators from the site collection in the “Site Collection Administrators” field. You can also change the primary site collection administrator if you want to remove the owner from OneDrive for Business site. remove site collection admin from onedrive
  • Click on “OK” to save your changes.

PowerShell to remove OneDrive for Business Administrator

To remove a site collection administrator, who is not a owner of the OneDrive site, use this PowerShell script:

#Parameters
$AdminCenterURL = "https://Crescent-Admin.SharePoint.com"
$OneDriveSiteURL = "https://crescent-my.sharepoint.com/personal/salaudeen_crescent_com"
$UserAccount = "[email protected]"

#Connect to SharePoint Online
Connect-SPOService -url $AdminCenterURL -Credential (Get-Credential)

#Get the OneDrive for Business Site
$Site = Get-SPOSite $OneDriveSiteURL

#Remove site collection admin
Set-SPOUser -Site $Site -LoginName $UserAccount -IsSiteCollectionAdmin $False

How about removing a user from all OneDrive sites in the tenant where he is added as a site collection admin?

Import-Module Microsoft.Online.SharePoint.PowerShell -DisableNameChecking

#Parameters
$AdminCenterURL = "https://crescent-admin.sharepoint.com"
$AdminAccount = "[email protected]"

Try {
    #Connect to SharePoint Online Admin Center
    Connect-SPOService -Url $AdminCenterURL -Credential (Get-Credential)

    #Get All OneDrive for Business Sites in the Tenant
    $OneDriveSites = Get-SPOSite -Limit ALL -includepersonalsite $True -Filter "Url -like '-my.sharepoint.com/personal/'"
     
    #Loop through each OneDrive Site
    Foreach($Site in $OneDriveSites)
    {
        Write-host "Scanning site:"$Site.Url -f Yellow

        #Get All Site Collection Administrators
        $SiteAdmins = Get-SPOUser -Site $Site.Url | Where {$_.IsSiteAdmin -eq $true}

        #Iterate through each admin
        Foreach($Admin in $SiteAdmins)
        {
            #Check if the Admin Name matches
            If($Admin.LoginName -eq $AdminAccount)
            {
                #Remove Site collection Administrator            
                Set-SPOUser -site $Site -LoginName $AdminAccount -IsSiteCollectionAdmin $False | Out-Null
                Write-host "`tRemoved Site Collection Admin from:"$Site.URL -f Green
            }
        }
    }
}
Catch {
    write-host -f Red "Error Removing Site Collection Admin:" $_.Exception.Message
}

To add site collection administrator to OneDrive for Business sites, How to Add Site collection administrator to OneDrive for Business using PowerShell?

Salaudeen Rajack

Information Technology Professional with Two decades of SharePoint Experience.

6 thoughts on “OneDrive for Business: How to Remove Site Collection Administrator?

  • July 20, 2021 at 5:10 PM

    This might help with any users getting errors due to access denied.
    Note this code doesn’t actually remove the user but identifies accounts that have more than the owner as a site collection administrator.

    Import-Module Microsoft.Online.SharePoint.PowerShell -DisableNameChecking

    $AdminAccount = “[email protected]
    $AdminCenterURL = “https://company-admin.sharepoint.com/”

    #Connect to SharePoint Online Admin Center
    Connect-SPOService -Url $AdminCenterURL

    #Get All OneDrive for Business Sites in the Tenant
    $OneDriveSites = Get-SPOSite -Limit ALL -includepersonalsite $True -Filter “Url -like ‘-my.sharepoint.com/personal/'”

    #Loop through each OneDrive Site
    Foreach($Site in $OneDriveSites)
    {
    Write-host “Scanning site:”$Site.Url -f Yellow
    try{
    $checkadmin = Get-SPOUser -Site $Site.Url | Where {$_.IsSiteAdmin -eq $true -and $_.LoginName -eq $AdminAccount}
    $setAdmin = $false;

    #Add Temp Site Admin
    if($checkadmin.Count -eq 0){
    #Write-host “Add Temp Admin:”$Site.URL -f Gray
    Set-SPOUser -Site $Site -LoginName $AdminAccount -IsSiteCollectionAdmin $True | Out-Null
    $setAdmin = $true
    }
    }catch{
    #Write-Host “Error:” $_.Exception.Message
    if($_.Exception.Message -like “Access is denied*”){
    #Write-host “Add Temp Admin:”$Site.URL -f Gray
    Set-SPOUser -Site $Site -LoginName $AdminAccount -IsSiteCollectionAdmin $True | Out-Null
    $setAdmin = $true
    }
    }

    #Get All Site Collection Administrators
    $SiteAdmins = Get-SPOUser -Site $Site.Url | Where {$_.IsSiteAdmin -eq $true -and $_.LoginName -ne $AdminAccount -and $_.LoginName -ne $Site.Owner}

    if($SiteAdmins.Count -gt 0){

    #Iterate through each admin
    Foreach($Admin in $SiteAdmins)
    {
    Write-host “Found other Admin:”$Admin.LoginName -f Blue
    }
    }

    #Remove Temp Site Administrator if added
    if($setAdmin -eq $true){
    #Write-host “Remove Temp Admin:”$Site.URL -f Gray
    Set-SPOUser -site $Site -LoginName $AdminAccount -IsSiteCollectionAdmin $False | Out-Null
    }
    }

    Reply
  • July 12, 2021 at 11:15 AM

    I keep getting the same error; Error Removing Site Collection Admin: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)). Are we missing something????

    Reply
  • July 7, 2021 at 8:07 PM

    I got the same error message, any suggestion?

    Reply
  • June 29, 2021 at 6:22 AM

    Im trying to run this but I get Error Error Removing Site Collection Admin: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)) This is using the same account that I used to add the permissions

    Reply
  • September 15, 2020 at 3:20 PM

    This was exactly what I was looking for / tested and works a treat. Many thanks for sharing!

    Reply

Leave a Reply