To add accounts (group or User) into the SPO SIte collection admin via code, there are 2 possible solutions:
Via PowerShell and SPO Admin
Really simple case ideal for one shot action, you need to know the exact User/group ID of the SPO account:
Set-SPOUser -Site https://tenant.sharepoint.com/sites/MyCollection -IsSiteCollectionAdmin $true –LoginName “c:0-.f|rolemanager|s-1-1-11-11111111-111111-111111-1111”
Via PowerShell and CSOM
This script is more generic and can be added into a provisionning script you will have to use for your own needs:
[string]$username = "AdminAccount@tenant.onmicrosoft.com"
[string]$PwdTXTPath = "D:\ExportedPWD-$($username).txt"
[string]$SPOSiteCollectionURLToSet = https://tenant.sharepoint.com/sites/MyCollection
#c:0-.f|rolemanager|s-1-1-11-11111111-111111-111111-1111 - Company Administrator
[string]$CompanyAdministratorLogin = "c:0-.f|rolemanager|s-1-1-11-11111111-111111-111111-1111"
# c:0-.f|rolemanager|s-1-1-11-11111111-111111-111111-22222- SharePoint Service Administrator
[string]$SharePointServiceAdministratorLogin = "c:0-.f|rolemanager|s-1-1-11-11111111-111111-111111-22222"
function Load-DLLandAssemblies
{
[string]$defaultDLLPath = ""
# Load assemblies to PowerShell session
$defaultDLLPath = "C:\Program Files\SharePoint Online Management Shell\Microsoft.Online.SharePoint.PowerShell\Microsoft.SharePoint.Client.dll"
[System.Reflection.Assembly]::LoadFile($defaultDLLPath)
$defaultDLLPath = "C:\Program Files\SharePoint Online Management Shell\Microsoft.Online.SharePoint.PowerShell\Microsoft.SharePoint.Client.Runtime.dll"
[System.Reflection.Assembly]::LoadFile($defaultDLLPath)
$defaultDLLPath = "C:\Program Files\SharePoint Online Management Shell\Microsoft.Online.SharePoint.PowerShell\Microsoft.Online.SharePoint.Client.Tenant.dll"
[System.Reflection.Assembly]::LoadFile($defaultDLLPath)
}
Function Add-Group-In-SiteCollectionAdmin()
{
Param(
[Parameter(Mandatory=$true,Position=1)][Microsoft.SharePoint.Client.ClientContext]$Context,
[Parameter(Mandatory=$true,Position=2)][string]$SPUserOrGroupLogin
)
Write-Host " ---------------------------------------------------------"
$MyspUser = $Context.Web.EnsureUser($SPUserOrGroupLogin);
$MyspUser.IsSiteAdmin = $true;
$MyspUser.Update()
$Context.Load($MyspUser)
#send the request containing all operations to the server
try{
$context.executeQuery()
write-host " >>> info: User or Group Name added in Site Collection admin: [$($MyspUser.Title)]" -foregroundcolor green
}
catch{
write-host "info: $($_.Exception.Message)" -foregroundcolor red
}
Write-Host " ---------------------------------------------------------"
}
function SetGroupAsAdministrator([string]$MyRootWebURL)
{
[bool]$CreateSGSDocLibList = $false
$Myctx = New-Object Microsoft.SharePoint.Client.ClientContext($MyRootWebURL)
$secureStringPwd = ConvertTo-SecureString -string (Get-Content $PwdTXTPath)
$creds = New-Object System.Management.Automation.PSCredential -ArgumentList $username, $secureStringPwd
$Myctx.Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($creds.UserName,$creds.Password)
$Myctx.RequestTimeout = 1000000 # milliseconds
$MyspoRootweb = $Myctx.Web
$Myctx.Load($MyspoRootweb)
$Myctx.ExecuteQuery()
Write-Host " "
Write-Host " ---------------------------------------------------------"
Write-Host " >>>> # Server Version:" $Myctx.ServerVersion " # <<<<<<" -ForegroundColor Green
Write-Host " ---------------------------------------------------------"
Write-Host " "
Add-Group-In-SiteCollectionAdmin -Context $Myctx -SPUserOrGroupLogin $CompanyAdministratorLogin
Add-Group-In-SiteCollectionAdmin -Context $Myctx -SPUserOrGroupLogin $SharePointServiceAdministratorLogin
}
cls
Load-DLLandAssemblies
SetGroupAsAdministrator $SPOSiteCollectionURLToSetFabrice Romelard [MVP]
Original article (in French):
Associated WebPages:
