Forum Discussion

Bhavpreet Bains's avatar
Bhavpreet Bains
Iron Contributor
Oct 09, 2018

onedrive list of admin

Hello,   We have a user who was accidentally added as site collection admin to various OneDrive accounts. Is it possible to pull a list of all site collection admin for all OneDrive accounts?   I...
OneDrive for Business
Joe James's avatar
Joe James
Copper Contributor
Oct 14, 2018

Yup, Totally understand! I didn't want to do that as well. But that was the only way I could get it working. Would be keen to know, if someone else have a different solution.

Alex Carlock's avatar
Alex Carlock
Iron Contributor
Jan 30, 2020

I wish I had a solution, but I don't.  I can just add a "Me Too".  The only thing I can think of is to write a script that does the following:

  1. Check the admins
  2. If I get results, great
  3. If I get no results, grant myself access
  4. Get the list
  5. Remove my access

I'm amazed that Get-SPOSite and Get-SPOUser have this limitation for Global admins and SharePoint admins, and that Microsoft hasn't worked around this by providing an Audit report from the Office 365 or SharePoint Admin sites.

  • adrianhalid's avatar
    adrianhalid
    Copper Contributor
    Dec 28, 2021

    Lisa Gentry 

     

     

    Where ever you see a Write-Host you could just output to a file on your disk.

     

    Try using Add-Content or Out-File.

    https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.management/add-content?view=powershell-7.2

    https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.utility/out-file?view=powershell-7.2

  • Lisa Gentry's avatar
    Lisa Gentry
    Copper Contributor
    Dec 20, 2021

    divadiow 

    Did you ever figure out a way to send the results to a csv ? 

    Thanks !

  • divadiow's avatar
    divadiow
    Copper Contributor
    Nov 08, 2021

    adrianhalid 

     

    how do we pipe this to a csv?

  • adrianhalid's avatar
    adrianhalid
    Copper Contributor
    Jul 20, 2021

    Alex Carlock 

     

    Import-Module Microsoft.Online.SharePoint.PowerShell -DisableNameChecking

$AdminAccount = "administrator@company.com"
$AdminCenterURL = "https://company-admin.sharepoint.com/"


#Connect to SharePoint Online Admin Center
Connect-SPOService -Url $AdminCenterURL
 
#Get All OneDrive for Business Sites in the Tenant
$OneDriveSites = Get-SPOSite -Limit ALL -includepersonalsite $True -Filter "Url -like '-my.sharepoint.com/personal/'"
      
#Loop through each OneDrive Site
Foreach($Site in $OneDriveSites)
{
    Write-host "Scanning site:"$Site.Url -f Yellow
    try{
        $checkadmin = Get-SPOUser -Site $Site.Url | Where {$_.IsSiteAdmin -eq $true -and $_.LoginName -eq $AdminAccount}
        $setAdmin = $false;

        #Add Temp Site Admin
        if($checkadmin.Count -eq 0){
            #Write-host "Add Temp Admin:"$Site.URL -f Gray
            Set-SPOUser -Site $Site -LoginName $AdminAccount -IsSiteCollectionAdmin $True | Out-Null            
            $setAdmin = $true
        }
    }catch{
        #Write-Host "Error:" $_.Exception.Message
        if($_.Exception.Message -like "Access is denied*"){
            #Write-host "Add Temp Admin:"$Site.URL -f Gray
            Set-SPOUser -Site $Site -LoginName $AdminAccount -IsSiteCollectionAdmin $True | Out-Null            
            $setAdmin = $true
        }
    }
 
    #Get All Site Collection Administrators
    $SiteAdmins = Get-SPOUser -Site $Site.Url | Where {$_.IsSiteAdmin -eq $true -and $_.LoginName -ne $AdminAccount -and $_.LoginName -ne $Site.Owner}

    if($SiteAdmins.Count -gt 0){
 
        #Iterate through each admin
        Foreach($Admin in $SiteAdmins)
        {
            Write-host "Found other Admin:"$Admin.LoginName -f Blue
        }
    }

    #Remove Temp Site Administrator if added
    if($setAdmin -eq $true){        
        #Write-host "Remove Temp Admin:"$Site.URL -f Gray    
        Set-SPOUser -site $Site -LoginName $AdminAccount -IsSiteCollectionAdmin $False | Out-Null
    }
}