1

I am trying to write Powershell script which will export permission of site with group, group permission, group members name. Apart from site I also want its custom lists, document library details also like groups, groups permissions, group members name of that list.

Example: If there is a site siteA and it have two lists List1 and List2

So I want to export, siteA group, group permission, group members name.
List1 group, group permission, group members name.
List2 group, group permission, group members name.

I am able to get siteA details but I am not able to get details of List1 and list2 details.

Below is the code which I tried:

#Add SharePoint PowerShell SnapIn if not already added
if ((Get-PSSnapin "Microsoft.SharePoint.PowerShell" -ErrorAction SilentlyContinue) -eq $null) {
Add-PSSnapin "Microsoft.SharePoint.PowerShell"
}

#Get all subsites for site collection
#$web = $site.AllWebs
$StartWeb = "http://sitename/subsiteName"
$web = ((Get-SPWeb $StartWeb).Site).allwebs | ?{$_.url -like "$StartWeb*"}

Write-Output $web | Format-Table -AutoSize | Out-String -Width 2000

#Loop through each subsite and write permissions
$exportCSV="WebURL;SubSite;ListName;User/Group; Permissions"
foreach ($web in $web){
     $webURL = $web.Url
     $exportCSV += "`n`n"
if (($web.permissions -ne $null) -and ($web.hasuniqueroleassignments -eq "True")){
    $exportCSV += "***************************************************************;`n"
    $exportCSV += "Displaying site permissionssss for: $web;`n"
    $exportCSV += $webURL+";`n"
    foreach($output in $web.RoleAssignments.Member){
         $exportCSV += $webURL +";"+ $web +" ; ; " + $output.Name +";"+$output.Roles.Name+";`n"
    }
}
elseif ($web.hasuniqueroleassignments -ne "True"){
    $exportCSV += "***************************************************************;`n"
    $exportCSV += "Displaying site permissions for: $web ;`n"
    $exportCSV += $webURL +";"+ $web +" ; ; Inherits;`n`n"
}

#Loop through each list in each subsite and get permissions
        $exportCSV += "**********************;`n"
        $exportCSV += "Displaying Lists permissions for: $web;`n"

foreach ($list in $web.lists){
    $unique = $list.hasuniqueroleassignments
    if (($list.permissions -ne $null) -and ($unique -eq "True")){
        foreach($listOP in $list.RoleAssignments.Member){
             $exportCSV += $webURL +";"+ $web +" ;"+ $list +"; " + $listOP.Name +";"+$listOP.Roles.Name +";`n"
        }
    }
    elseif ($unique -ne "True") {
        $exportCSV += $webURL +";"+ $web +";"+ $list +"; ; Inherits;`n"
    }
}
}
Write-Host $exportCSV
Write-Host "Finished."
$exportCSV | out-file 'C:\Documents\DEV\testDev2.csv'
$site.dispose()
$web.dispose()
$unique.dispose()

And Below is the screenshot of the output:

enter image description here

I hope this image make sense. As you can see

temp1 is a list inside a site and if it inherits permission, it says inherits.
temp2 has its own permissions. I am able to show users and group names with there permission roles. But I want to see users inside the group.

Improve this question
1
  • Can you share one example of your code what you have tried? Commented Dec 1, 2017 at 11:35

1 Answer 1

Reset to default
1

Hopefully I understood your question. I think the piece you're missing is looping through users if the SPPrincipal is a SPGroup. On your for loop that iterates through SPList.RoleAssignments.Members, you can use something like this:

foreach($listOP in $list.RoleAssignments.Member){
    $exportCSV += $webURL +";"+ $web +" ;"+ $list +"; " + $listOP.Name +";"+$listOP.Roles.Name +";`n"

    if ($listOP.GetType() -eq [Microsoft.SharePoint.SPGroup])
    {
        foreach ($groupUser in $listOP.Users)
        {
            $exportCSV += $webURL +";"+ $web +" ;"+ $list +"; " + $groupUser.Name +";"+$groupUser.Roles.Name +";`n"
        }
    }
}

Also, since (I believe) groups can contain groups, you may want to break this logic out into a separate method and use recursion to get users of nested groups.

Improve this answer
1
  • 1
    Thank you, This is exactly what I was looking for Nice point of creating separate method for nested groups. Commented Dec 1, 2017 at 16:46

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.