Dec 26 2017 09:12 PM - edited Jan 02 2018 10:36 PM
How can I retrieve site permissions on a site or subsite using PnP PowerShell?
Example: https://$orgName.sharepoint.com/sites/IT/Atlas
Via the UI: Site settings > Site Permissions
With PnP PowerShell, the following didn't work for me:
Connect-PnPOnline -Url "https://$orgName.sharepoint.com/sites/IT/Atlas" -Credentials $userCredential $web = Get-PnPWeb -Includes RoleAssignments
[Edit] The above code actually seems to work, as $web.RoleAssignments.Count returns 5. My issue is that I don't know how to take it from here, to enumerate the 5 members and their roles.
RoleAssignments.Member returns 5 items but I can't figure out how to get the names and roles.
RoleAssignments.Groups only returns the SharePoint groups.
Jan 02 2018 04:18 PM
Jan 03 2018 03:45 AM - edited Jan 03 2018 03:46 AM
Odd. It works directly in CSOM - see below. The issue seems to be with Get-PnPWeb not returning the context. I haven't got the latest version set up on my PC to test but can't see any obvious issue. I also noticed that you can get the count. I'd use CSOM fully for now and raise an issue with details on https://github.com/SharePoint/PnP-PowerShell/issues.
PS C:\SourceCode\Caburn Hope\MigrationScripts> $context = New-Object Microsoft.SharePoint.Client.ClientContext($url)
PS C:\SourceCode\Caburn Hope\MigrationScripts> $context.Credentials = $creds
PS C:\SourceCode\Caburn Hope\MigrationScripts> $web = $context.Web
PS C:\SourceCode\Caburn Hope\MigrationScripts> $context.Load($web)
PS C:\SourceCode\Caburn Hope\MigrationScripts> $context.ExecuteQuery()
PS C:\SourceCode\Caburn Hope\MigrationScripts> $groups = $web.SiteGroups
PS C:\SourceCode\Caburn Hope\MigrationScripts> $context.Load($groups)
PS C:\SourceCode\Caburn Hope\MigrationScripts> $context.ExecuteQuery()
PS C:\SourceCode\Caburn Hope\MigrationScripts> $groups
Id Title LoginName
-- ----- ---------
3 Excel Services Viewers Excel Services Viewers
7 McGraw Hill Members McGraw Hill Members
5 McGraw Hill Owners McGraw Hill Owners
6 McGraw Hill Visitors McGraw Hill Visitors
PS C:\SourceCode\Caburn Hope\MigrationScripts> $roleDefs = $web.RoleDefinitions
PS C:\SourceCode\Caburn Hope\MigrationScripts> $context.Load($roleDefs)
PS C:\SourceCode\Caburn Hope\MigrationScripts> $context.ExecuteQuery()
PS C:\SourceCode\Caburn Hope\MigrationScripts> $roleDefs
Name RoleTypeKind Hidden Order
---- ------------ ------ -----
Full Control Administrator False 1
Design WebDesigner False 32
Edit Editor False 48
Contribute Contributor False 64
Read Reader False 128
Limited Access Guest True 160
View Only None False 2147483647
Jan 03 2018 04:52 AM - edited Jan 03 2018 09:25 PM
Jan 03 2018 04:52 AM - edited Jan 03 2018 09:25 PM
You can try this script
$roles= Get-PnPWeb -Includes RoleAssignments
$ctx=Get-PnPContext foreach ( $role in $roles.RoleAssignments) { $ctx.Load($role.Member) $ctx.ExecuteQuery() $role.Member.LoginName }
Jan 03 2018 09:21 PM
SolutionJan 03 2018 09:27 PM - edited Jan 03 2018 09:38 PM
Jan 03 2018 09:27 PM - edited Jan 03 2018 09:38 PM
Thanks all for the replies.
I am marking René's reply as best response as it uses PnP, but the other CSOM worked as well.
For the record, below the code I came up with just before René posted his reply (I used join because a member might be assigned multiple roles):
$web= Get-PnPWeb -Includes RoleAssignments $ctx= Get-PnPContext foreach ($role in $web.RoleAssignments) { $ctx.Load($role.RoleDefinitionBindings) $ctx.Load($role.Member) $ctx.ExecuteQuery() $role.Member.Title $role.RoleDefinitionBindings.Name -join "; " }
Feb 11 2020 11:09 PM
Hey ,
I am new to it and can you please explain how to i export this to csv file using powershell.
Feb 11 2020 11:45 PM
@satendraprasad , I don't have any working code, but the snippets in this post together with the Select (Select-Object) (-Property to only choose some properties) and Export-Csv cmdlets would work:
Feb 13 2020 03:26 AM
Hi @René Modery ,
Thank You very much .
Feb 13 2020 10:56 PM
Apr 08 2020 08:03 AM
$data= @{
"SiteName" = "Not Defined"
"SiteUrl" = "Not Defined"
"GivenThrough" = "Not Defined"
"Access" = "Not Defined"
"User" = "Not Defined"
"UserEmail" = "Not Defined"
}
$data | export-csv -path "c:\temp\mydata.csv" -NoTypeInformation -Append
Jan 03 2018 09:21 PM
Solution