cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Get Site Permissions with PnP PowerShell

Christophe Humbert
Iron Contributor

‎Dec 26 2017 09:12 PM - edited ‎Jan 02 2018 10:36 PM

‎Dec 26 2017 09:12 PM - edited ‎Jan 02 2018 10:36 PM

Get Site Permissions with PnP PowerShell

How can I retrieve site permissions on a site or subsite using PnP PowerShell?

 

Example: https://$orgName.sharepoint.com/sites/IT/Atlas

 

Via the UI: Site settings > Site Permissions

 

With PnP PowerShell, the following didn't work for me:

 

Connect-PnPOnline -Url "https://$orgName.sharepoint.com/sites/IT/Atlas" -Credentials $userCredential
$web = Get-PnPWeb -Includes RoleAssignments

[Edit] The above code actually seems to work, as $web.RoleAssignments.Count returns 5. My issue is that I don't know how to take it from here, to enumerate the 5 members and their roles.

RoleAssignments.Member returns 5 items but I can't figure out how to get the names and roles.

RoleAssignments.Groups only returns the SharePoint groups.

46K Views
0 Likes
10 Replies
Reply
10 Replies
Kevin McDonnell

‎Jan 02 2018 04:18 PM

‎Jan 02 2018 04:18 PM

Re: Get Site Permissions with PnP PowerShell

There may be a quicker way but something along the lines of adding:

$context = get-pnpcontext
$context.load($web.roleassignments)
$context.executequery()

0 Likes
Reply
Kevin McDonnell

‎Jan 03 2018 03:45 AM - edited ‎Jan 03 2018 03:46 AM

‎Jan 03 2018 03:45 AM - edited ‎Jan 03 2018 03:46 AM

Re: Get Site Permissions with PnP PowerShell

Odd. It works directly in CSOM - see below. The issue seems to be with Get-PnPWeb not returning the context. I haven't got the latest version set up on my PC to test but can't see any obvious issue. I also noticed that you can get the count. I'd use CSOM fully for now and raise an issue with details on https://github.com/SharePoint/PnP-PowerShell/issues.

 

PS C:\SourceCode\Caburn Hope\MigrationScripts> $context = New-Object Microsoft.SharePoint.Client.ClientContext($url)
PS C:\SourceCode\Caburn Hope\MigrationScripts> $context.Credentials = $creds
PS C:\SourceCode\Caburn Hope\MigrationScripts> $web = $context.Web
PS C:\SourceCode\Caburn Hope\MigrationScripts> $context.Load($web)
PS C:\SourceCode\Caburn Hope\MigrationScripts> $context.ExecuteQuery()
PS C:\SourceCode\Caburn Hope\MigrationScripts> $groups = $web.SiteGroups
PS C:\SourceCode\Caburn Hope\MigrationScripts> $context.Load($groups)
PS C:\SourceCode\Caburn Hope\MigrationScripts> $context.ExecuteQuery()
PS C:\SourceCode\Caburn Hope\MigrationScripts> $groups

Id Title LoginName
-- ----- ---------
3 Excel Services Viewers Excel Services Viewers
7 McGraw Hill Members McGraw Hill Members
5 McGraw Hill Owners McGraw Hill Owners
6 McGraw Hill Visitors McGraw Hill Visitors


PS C:\SourceCode\Caburn Hope\MigrationScripts> $roleDefs = $web.RoleDefinitions
PS C:\SourceCode\Caburn Hope\MigrationScripts> $context.Load($roleDefs)
PS C:\SourceCode\Caburn Hope\MigrationScripts> $context.ExecuteQuery()
PS C:\SourceCode\Caburn Hope\MigrationScripts> $roleDefs

Name RoleTypeKind Hidden Order
---- ------------ ------ -----
Full Control Administrator False 1
Design WebDesigner False 32
Edit Editor False 48
Contribute Contributor False 64
Read Reader False 128
Limited Access Guest True 160
View Only None False 2147483647

2 Likes
Reply
Manidurai Mohanamariappan

‎Jan 03 2018 04:52 AM - edited ‎Jan 03 2018 09:25 PM

‎Jan 03 2018 04:52 AM - edited ‎Jan 03 2018 09:25 PM

Re: Get Site Permissions with PnP PowerShell

You can try this script

$roles= Get-PnPWeb -Includes RoleAssignments
$ctx=Get-PnPContext
foreach ( $role in $roles.RoleAssignments)
{
$ctx.Load($role.Member)
$ctx.ExecuteQuery()
$role.Member.LoginName
}
1 Like
Reply
best response confirmed by Christophe Humbert (Iron Contributor)
René Modery

‎Jan 03 2018 09:21 PM

‎Jan 03 2018 09:21 PM

Solution

Re: Get Site Permissions with PnP PowerShell

The following worked for me:

$cred = get-credential
Connect-PnPOnline -Url "https://$orgname.sharepoint.com" -Credentials $cred
$web = Get-PnPWeb -Includes RoleAssignments
foreach($ra in $web.RoleAssignments) {
$member = $ra.Member
$loginName = get-pnpproperty -ClientObject $member -Property LoginName
$rolebindings = get-pnpproperty -ClientObject $ra -Property RoleDefinitionBindings
write-host "$($loginName) - $($rolebindings.Name)"
write-host
}
0 Likes
Reply
Christophe Humbert

‎Jan 03 2018 09:27 PM - edited ‎Jan 03 2018 09:38 PM

‎Jan 03 2018 09:27 PM - edited ‎Jan 03 2018 09:38 PM

Re: Get Site Permissions with PnP PowerShell

Thanks all for the replies.

 

I am marking René's reply as best response as it uses PnP, but the other CSOM worked as well.

For the record, below the code I came up with just before René posted his reply (I used join because a member might be assigned multiple roles):

 

$web= Get-PnPWeb -Includes RoleAssignments
$ctx= Get-PnPContext
foreach ($role in $web.RoleAssignments) {
$ctx.Load($role.RoleDefinitionBindings)
$ctx.Load($role.Member)
$ctx.ExecuteQuery()
$role.Member.Title
$role.RoleDefinitionBindings.Name -join "; "
}

 

3 Likes
Reply
satendraprasad

‎Feb 11 2020 11:09 PM

‎Feb 11 2020 11:09 PM

Re: Get Site Permissions with PnP PowerShell

Hey ,

I am new to it and can you please explain how to i export this to csv file using powershell.

0 Likes
Reply
René Modery

‎Feb 11 2020 11:45 PM

‎Feb 11 2020 11:45 PM

Re: Get Site Permissions with PnP PowerShell

@satendraprasad , I don't have any working code, but the snippets in this post together with the Select (Select-Object) (-Property to only choose some properties) and Export-Csv cmdlets would work:

 

https://docs.microsoft.com/en-us/powershell/scripting/samples/selecting-parts-of-objects--select-obj...

https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.utility/export-csv?view=powe...

 

0 Likes
Reply
satendraprasad

‎Feb 13 2020 03:26 AM

‎Feb 13 2020 03:26 AM

Re: Get Site Permissions with PnP PowerShell

Hi @René Modery ,

            Thank You very much .

0 Likes
Reply
satendraprasad

‎Feb 13 2020 10:56 PM

‎Feb 13 2020 10:56 PM

Re: Get Site Permissions with PnP PowerShell

@René Modery 

 

how to put it in csv file

0 Likes
Reply
Ken070767

‎Apr 08 2020 08:03 AM

‎Apr 08 2020 08:03 AM

Re: Get Site Permissions with PnP PowerShell

@satendraprasad 

 

$data= @{
"SiteName" = "Not Defined"
"SiteUrl" = "Not Defined"
"GivenThrough" = "Not Defined"
"Access" = "Not Defined"
"User" = "Not Defined"
"UserEmail" = "Not Defined"
}

 

$data | export-csv -path "c:\temp\mydata.csv" -NoTypeInformation -Append

 

 

0 Likes
Reply
1 best response

Accepted Solutions
best response confirmed by Christophe Humbert (Iron Contributor)
René Modery

‎Jan 03 2018 09:21 PM

‎Jan 03 2018 09:21 PM

Solution

Re: Get Site Permissions with PnP PowerShell

The following worked for me:

$cred = get-credential
Connect-PnPOnline -Url "https://$orgname.sharepoint.com" -Credentials $cred
$web = Get-PnPWeb -Includes RoleAssignments
foreach($ra in $web.RoleAssignments) {
$member = $ra.Member
$loginName = get-pnpproperty -ClientObject $member -Property LoginName
$rolebindings = get-pnpproperty -ClientObject $ra -Property RoleDefinitionBindings
write-host "$($loginName) - $($rolebindings.Name)"
write-host
}

View solution in original post

0 Likes
Reply