Forum Discussion

Bhavpreet Bains's avatar
Bhavpreet Bains
Iron Contributor
Oct 09, 2018

onedrive list of admin

Hello,   We have a user who was accidentally added as site collection admin to various OneDrive accounts. Is it possible to pull a list of all site collection admin for all OneDrive accounts?   I...
OneDrive for Business
Alex Carlock's avatar
Alex Carlock
Iron Contributor
Jan 30, 2020

I wish I had a solution, but I don't.  I can just add a "Me Too".  The only thing I can think of is to write a script that does the following:

  1. Check the admins
  2. If I get results, great
  3. If I get no results, grant myself access
  4. Get the list
  5. Remove my access

I'm amazed that Get-SPOSite and Get-SPOUser have this limitation for Global admins and SharePoint admins, and that Microsoft hasn't worked around this by providing an Audit report from the Office 365 or SharePoint Admin sites.

adrianhalid's avatar
adrianhalid
Copper Contributor
Jul 20, 2021

Alex Carlock 

 

Import-Module Microsoft.Online.SharePoint.PowerShell -DisableNameChecking

$AdminAccount = "administrator@company.com"
$AdminCenterURL = "https://company-admin.sharepoint.com/"


#Connect to SharePoint Online Admin Center
Connect-SPOService -Url $AdminCenterURL
 
#Get All OneDrive for Business Sites in the Tenant
$OneDriveSites = Get-SPOSite -Limit ALL -includepersonalsite $True -Filter "Url -like '-my.sharepoint.com/personal/'"
      
#Loop through each OneDrive Site
Foreach($Site in $OneDriveSites)
{
    Write-host "Scanning site:"$Site.Url -f Yellow
    try{
        $checkadmin = Get-SPOUser -Site $Site.Url | Where {$_.IsSiteAdmin -eq $true -and $_.LoginName -eq $AdminAccount}
        $setAdmin = $false;

        #Add Temp Site Admin
        if($checkadmin.Count -eq 0){
            #Write-host "Add Temp Admin:"$Site.URL -f Gray
            Set-SPOUser -Site $Site -LoginName $AdminAccount -IsSiteCollectionAdmin $True | Out-Null            
            $setAdmin = $true
        }
    }catch{
        #Write-Host "Error:" $_.Exception.Message
        if($_.Exception.Message -like "Access is denied*"){
            #Write-host "Add Temp Admin:"$Site.URL -f Gray
            Set-SPOUser -Site $Site -LoginName $AdminAccount -IsSiteCollectionAdmin $True | Out-Null            
            $setAdmin = $true
        }
    }
 
    #Get All Site Collection Administrators
    $SiteAdmins = Get-SPOUser -Site $Site.Url | Where {$_.IsSiteAdmin -eq $true -and $_.LoginName -ne $AdminAccount -and $_.LoginName -ne $Site.Owner}

    if($SiteAdmins.Count -gt 0){
 
        #Iterate through each admin
        Foreach($Admin in $SiteAdmins)
        {
            Write-host "Found other Admin:"$Admin.LoginName -f Blue
        }
    }

    #Remove Temp Site Administrator if added
    if($setAdmin -eq $true){        
        #Write-host "Remove Temp Admin:"$Site.URL -f Gray    
        Set-SPOUser -site $Site -LoginName $AdminAccount -IsSiteCollectionAdmin $False | Out-Null
    }
}

 

  • adrianhalid's avatar
    adrianhalid
    Copper Contributor
    Dec 28, 2021

    Lisa Gentry 

     

     

    Where ever you see a Write-Host you could just output to a file on your disk.

     

    Try using Add-Content or Out-File.

    https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.management/add-content?view=powershell-7.2

    https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.utility/out-file?view=powershell-7.2

  • Lisa Gentry's avatar
    Lisa Gentry
    Copper Contributor
    Dec 20, 2021

    divadiow 

    Did you ever figure out a way to send the results to a csv ? 

    Thanks !

  • divadiow's avatar
    divadiow
    Copper Contributor
    Nov 08, 2021

    adrianhalid 

     

    how do we pipe this to a csv?