There are situations when users create lists and libraries and set them to use unique permissions. Many times users mistakenly remove the Site Owners group from the list and get access denied. Few times you have large number of list that uses Unique permissions and you want to add a specific group to all those lists. The script below can do that for you. You just need to select the lists and then add a SharePoint Group with right permission Level. In the example below I am using Site Owners Group with Full Control Permissions.
$Creds = Get-Credential $site = Get-SPOSite https://site.sharepoint.com Add-Type -Path 'C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll' Add-Type -Path 'C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll' #Get the Client Context and Bind the Site Collection $ctx = New-Object Microsoft.SharePoint.Client.ClientContext($site.Url) #Authenticate $credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Creds.UserName , $Creds.Password) $ctx.Credentials = $credentials #Fetch the users in Site Collection $Web = $ctx.Web; $ctx.Load($Web) $Lists = $Web.Lists $ctx.Load($Lists) $ctx.ExecuteQuery() $Lists | Select Title, BaseType, ItemCount #$SAPLists = $Lists | ?{$_.Title -Like "*LibraryName*" } | Select Title, BaseType #OR $SAPLists = $Lists | ?{$_.BaseType -eq "DocumentLibrary" } | Select Title,BaseType, ItemCount #OR #$SAPLists = $Lists | ?{$_.Title -Like "SAP Data Quality Review*" } | Select Title | Out-GridView -PassThrough $SAPLists | Select Title, BaseType,ItemCount | Sort ItemCount -Descending foreach($alist in $SAPLists) { Write-Host $alist.Title $OwnersGroupTitle = "Site Owners" $OwnerGroup = $Web.SiteGroups.GetByName($OwnersGroupTitle) $PermissionLevel = "Full Control" $FullControl = $web.RoleDefinitions.GetByName($PermissionLevel) # Create a role assignment and apply the 'Full ' role. $roleAssignment = New-Object Microsoft.SharePoint.Client.RoleDefinitionBindingCollection($ctx) $roleAssignment.Add($FullControl) $SelectedList = $Web.Lists.GetByTitle($alist.Title) $ctx.Load($SelectedList) $ctx.Load($SelectedList.RoleAssignments.Add($OwnerGroup,$roleAssignment)) $SelectedList.Update() $ctx.ExecuteQuery() }
Like this:
Like Loading...
Related