SOLVED

Chicken - egg: How to add a Site Collection admin via PowerShell if you are SPO Admin/Global Admin

%3CLINGO-SUB%20id%3D%22lingo-sub-2046271%22%20slang%3D%22en-US%22%3EChicken%20-%20egg%3A%20How%20to%20add%20a%20Site%20Collection%20admin%20via%20PowerShell%20if%20you%20are%20SPO%20Admin%2FGlobal%20Admin%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2046271%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20everyone%2C%3C%2FP%3E%3CP%3Emaybe%20i%20am%20doing%20something%20wrong%20but%20after%20trying%20various%20commands%20-%20i%20just%20don't%20get%20it.%3C%2FP%3E%3CP%3EAs%20a%20former%20SP2013%20Admin%20i%20want%20to%20execute%20a%20PowerShell%20that%20adds%20certain%20users%20or%20groups%20to%20SharePoint%20Groups.%3C%2FP%3E%3CP%3EScript%20is%20written%20but%20i%20come%20across%20a%20problem%20that%20i%20had%20earlier%20and%20i%20decided%20to%20fix%20it%20this%20time%20%3B)%3C%2Fimg%3E%3C%2FP%3E%3CP%3EIn%20the%20old%20world%20i%20took%20the%20farm%20admin%20and%20shoot....%20done.%3C%2FP%3E%3CP%3ENew%20world%20(i%20am%20global%20admin)%20i%20do%20not%20have%20the%20permission%20to%20add%20a%20user%20to%20a%20group%20because%20i%20am%20no%20site%20colladmin%20or%20owner.%3C%2FP%3E%3CP%3ESo%20do%20i%20need%20to%20add%20myself%20to%20the%20sitecollection%20via%20set-sposite%20and%20then%20perform%20the%20steps%3F%20And%20if%20yes.%20Is%20there%20a%20PNP%20equivalent%3F%20(tried%20but%20gave%20me%20401)%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWho%20should%20be%20the%20Site%20Coll%20Admin%20for%20most%20of%20the%20sites%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EBest%20regards%3C%2FP%3E%3CP%3EStephan%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2046271%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EPermissions%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESharePoint%20Online%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Frequent Contributor

Hi everyone,

maybe i am doing something wrong but after trying various commands - i just don't get it.

As a former SP2013 Admin i want to execute a PowerShell that adds certain users or groups to SharePoint Groups.

Script is written but i come across a problem that i had earlier and i decided to fix it this time ;)

In the old world i took the farm admin and shoot.... done.

New world (i am global admin) i do not have the permission to add a user to a group because i am no site colladmin or owner.

So do i need to add myself to the sitecollection via set-sposite and then perform the steps? And if yes. Is there a PNP equivalent? (tried but gave me 401)

 

Who should be the Site Coll Admin for most of the sites?

 

Best regards

Stephan

1 Reply
best response confirmed by StephanGee (Frequent Contributor)
Solution
I ended up adding a group to all site collections as admin.
Script i wrote:
ry {

# Connect to SPO
Import-Module Microsoft.Online.SharePoint.PowerShell -DisableNameChecking
connect-SPOService -Url https://tenant365-admin.sharepoint.com


#defs
$sites = @()
$Ownergroup = "ACL_ABBR-SPO_ITAdmins"

function BulkADGrouptoSPOGroup {

#$sites = Import-Csv -Path "$PSScriptRoot\ADD_Bulk_Permissions.csv" -Delimiter ";" -Encoding "UTF8"
$sites = Get-SPOSite -Limit All | Where-Object Url -like "*ABBR-INTRANET*"
$sites += Get-SPOSite -Limit All | Where-Object Url -like "*ABBR2-INTRANET*"
Write-Host "Starting adding AD Group to SPO Admins..." -ForegroundColor yellow

foreach ($site in $sites) {
Write-Host "Add $ownergroup to $site.url with role Admin" -ForegroundColor Yellow
Set-SPOSite -Identity $site.url -Owner $ownergroup
Start-Sleep -Seconds 2
}


}
}

catch {

}