How to Copy Permissions from One Folder to Another in SharePoint Online using PowerShell?
Requirement: Copy permissions from one folder to another in SharePoint Online.
SharePoint Online Copy Permissions from one folder to Another using PowerShell
Ever wanted to clone permissions from an existing folder to a new folder in SharePoint Online? When working with SharePoint Online, there may be times when you need to copy permissions from one folder to another. It can be a tedious process if you have to do it manually, and there are no easier ways to do this without using 3rd party tools. Well, Not anymore! Here is the PowerShell script to copy permissions from one folder to another in SharePoint Online!
#PowerShell Function to copy permissions between Folders in SharePoint Online
Function Copy-PnPFolderPermissions
{
[cmdletbinding()]
param(
[Parameter(Mandatory=$True)] [string] $WebURL,
[Parameter(Mandatory=$True)] [string] $SourceFolderURL,
[Parameter(Mandatory=$True)] [string] $TargetFolderURL,
[Parameter(Mandatory=$False)] [Bool] $AppendToExisting = $True
)
Try {
#Connect to PnP Online
Connect-PnPOnline -Url $WebURL -Interactive
#Get the Web
$Web = Get-PnPweb
$Ctx = Get-PnPContext
#Get Source and Target Folders
$SourceFolderItem = Get-PnPFolder -Url $SourceFolderURL -Includes ListItemAllFields.HasUniqueRoleAssignments
$SourceFolder = $SourceFolderItem.ListItemAllFields
$TargetFolderItem = Get-PnPFolder -Url $TargetFolderURL -Includes ListItemAllFields.HasUniqueRoleAssignments
$TargetFolder = $TargetFolderItem.ListItemAllFields
#if permissions are Inherited in Target Folder, Break the Inheritance
If(!$TargetFolder.HasUniqueRoleAssignments)
{
If($AppendToExisting -eq $True)
{
#Break Folder permissions - keep all existing permissions & Clear Item level permissions
$TargetFolder.BreakRoleInheritance($True,$False)
}
else
{
$TargetFolder.BreakRoleInheritance($False,$False)
}
}
Else #If the Folder has unique Permissions already
{
If($AppendToExisting -eq $False)
{
$TargetFolder.ResetRoleInheritance()
$TargetFolder.BreakRoleInheritance($False,$False)
}
}
Invoke-PnPQuery
#Get all permissions assigned to the source folder
$SourceRoleAssignments = Get-PnPProperty -ClientObject $SourceFolder -Property RoleAssignments
#Copy Source Folder permissions to Destination Folder
ForEach($RoleAssignment in $SourceRoleAssignments)
{
#Get RoleDefinitions of the Role Assignment
Get-PnPProperty -ClientObject $RoleAssignment -Property RoleDefinitionBindings, Member
#Leave the Hidden permissions
If($RoleAssignment.Member.IsHiddenInUI -eq $False)
{
$SourcePermissions = $RoleAssignment.RoleDefinitionBindings | Where {$_.Name -notin("Limited Access")}
$PermissionLevels = ($SourcePermissions | Select -ExpandProperty Name) -join "; "
If($SourcePermissions -ne $null)
{
#Add Source Folder's Permission Level to the Target Folder
$RoleDefBindings = New-Object Microsoft.SharePoint.Client.RoleDefinitionBindingCollection($Ctx)
ForEach($RoleDefinition in $SourcePermissions)
{
$RoleDefBindings.Add($RoleDefinition)
}
$Permissions = $TargetFolder.RoleAssignments.Add($RoleAssignment.Member,$RoleDefBindings)
$TargetFolder.Update()
Invoke-PnPQuery
Write-host "Copied '$($RoleAssignment.Member.Title)' with Permissions '$PermissionLevels'"
}
}
}
}
Catch {
write-host -f Red "Error Copying Folder Permissions!" $_.Exception.Message
}
}
#Set Parameters
$WebURL = "https://crescent.sharepoint.com/sites/Marketing"
#Server Relative URLs of Source and Target Folders
$SourceFolderURL = "/sites/Marketing/Shared Documents/Old"
$TargetFolderURL = "/sites/Marketing/Shared Documents/New"
#Call the function to copy Folder permissions
Copy-PnPFolderPermissions -WebURL $WebURL -SourceFolderURL $SourceFolderURL -TargetFolderURL $TargetFolderURL
This script appends to existing permissions of the target folder by default. You can pass an optional parameter for -AppendToExisting with “$False” if you want to clear all existing permissions of the target folder and copy permissions from the source folder.
Excellent info and I would share that also you can use Sharegate or Gs Richcopy 360, all have the needed features to copy permissions to Sharepoint online, also can copy folders and files with preserving timestamps, and can copy modified data only.
How could this be tweaked to iterate and include all subfolders? Use case, I am copying a folder structure then I want to apply the permissions from the source folder structure to the newly copied folders. how could this be used to not just copy permissions from the top folder but also include any subfolders? Thank you.
will this copy the data meta information forexample, modified by and modified date information?
This script aims to copy just folder permissions! No metadata will be copied.
do you have a template that copies folder permissions from a structure?