Adding SharePoint Group to List Permissions

There are situations when users create lists and libraries and set them to use unique permissions.  Many times users mistakenly remove the Site Owners group from the list and get access denied.  Few times you have large number of list that uses Unique permissions and you want to add a specific group to all those lists.  The script below can do that for you.  You just need to select the lists and then add a SharePoint Group with right permission Level.  In the example below I am using Site Owners Group with Full Control Permissions. 

Adding SharePoint Group to List Permissions

$Creds = Get-Credential    $site = Get-SPOSite    Add-Type -Path 'C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll'   Add-Type -Path 'C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll'     #Get the Client Context and Bind the Site Collection  $ctx = New-Object Microsoft.SharePoint.Client.ClientContext($site.Url)    #Authenticate  $credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Creds.UserName , $Creds.Password)  $ctx.Credentials = $credentials    #Fetch the users in Site Collection    $Web = $ctx.Web;  $ctx.Load($Web)  $Lists = $Web.Lists  $ctx.Load($Lists)  $ctx.ExecuteQuery()    $Lists | Select Title, BaseType, ItemCount  #$SAPLists = $Lists | ?{$_.Title -Like "*LibraryName*" } | Select Title, BaseType   #OR  $SAPLists = $Lists | ?{$_.BaseType -eq "DocumentLibrary" } | Select Title,BaseType, ItemCount  #OR  #$SAPLists = $Lists | ?{$_.Title -Like "SAP Data Quality Review*" } | Select Title | Out-GridView -PassThrough  $SAPLists | Select Title, BaseType,ItemCount | Sort ItemCount -Descending    foreach($alist in $SAPLists)  {      Write-Host $alist.Title    $OwnersGroupTitle = "Site Owners"    $OwnerGroup = $Web.SiteGroups.GetByName($OwnersGroupTitle)        $PermissionLevel = "Full Control"    $FullControl = $web.RoleDefinitions.GetByName($PermissionLevel)    # Create a role assignment and apply the 'Full ' role.    $roleAssignment = New-Object Microsoft.SharePoint.Client.RoleDefinitionBindingCollection($ctx)    $roleAssignment.Add($FullControl)         $SelectedList = $Web.Lists.GetByTitle($alist.Title)    $ctx.Load($SelectedList)    $ctx.Load($SelectedList.RoleAssignments.Add($OwnerGroup,$roleAssignment))    $SelectedList.Update()    $ctx.ExecuteQuery()  }

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s