Powershell script to display unique permissions for all subsites and lists
Requirement
Display security permissions for site collection, subsites, and lists/libraries in each site.
Solution
This can be achieved by a simple powershell script. To use it, you must modify the $site variable to point to your site collection.
Syntax: <script name>.ps1 | out-file c:\permissions.txt
#Add SharePoint PowerShell SnapIn if not already added
if ((Get-PSSnapin "Microsoft.SharePoint.PowerShell" -ErrorAction SilentlyContinue) -eq $null) {
Add-PSSnapin "Microsoft.SharePoint.PowerShell"
}
#Define variables
$site = Get-SPSite "http://<site collection>"
#Get all subsites for site collection
$web = $site.AllWebs
#Loop through each subsite and write permissions
foreach ($web in $web)
{
if (($web.permissions -ne $null) -and ($web.hasuniqueroleassignments -eq "True"))
{
Write-Output "****************************************"
Write-Output "Displaying site permissions for: $web"
$web.permissions | fl member, basepermissions
}
elseif ($web.hasuniqueroleassignments -ne "True")
{
Write-Output "****************************************"
Write-Output "Displaying site permissions for: $web"
"$web inherits permissions from $site"
}
#Loop through each list in each subsite and get permissions
foreach ($list in $web.lists)
{
$unique = $list.hasuniqueroleassignments
if (($list.permissions -ne $null) -and ($unique -eq "True"))
{
Write-Output "****************************************"
Write-Output "Displaying Lists permissions for: $web \ $list"
$list.permissions | fl member, basepermissions
}
elseif ($unique -ne "True") {
Write-Output "$web \ $list inherits permissions from $web"
}
}
}
Write-Host "Finished."
$site.dispose()
$web.dispose()
$unique.dispose()
The output you get will look something like this:
****************************************
Displaying site permissions for: Intranet
Member : domain\administrator
BasePermissions : ViewFormPages, Open, BrowseUserInfo, UseClientIntegration, Us
eRemoteAPIs
Intranet \ Brands inherits permissions from Intranet
Intranet \ Content and Structure Reports inherits permissions from Intranet
****************************************
Displaying Lists permissions for: Intranet \ News
Member : domain\domain users
BasePermissions : ViewListItems, OpenItems, ViewVersions, ViewFormPages, Open,
ViewPages, CreateSSCSite, BrowseUserInfo, UseClientIntegratio
n, UseRemoteAPIs, CreateAlerts
Intranet \ Pages inherits permissions from Intranet
Intranet \ PDFs inherits permissions from Intranet
****************************************
Displaying site permissions for: About Company
About Company inherits permissions from SPSite Url=http://my.company/intranet
About Company \ Documents inherits permissions from About Company
Displaying Lists permissions for: About Company\ Images
Member : domain\administrator
BasePermissions : ViewFormPages, Open, BrowseUserInfo, UseClientIntegration, Us
eRemoteAPIs
As you can see, the script only displays the permissions of subsites and lists that are unique.
thanks for the hints!
Code Markup for wordpress will help posted code not bleed outside your posts.
http://thunderguy.com/semicolon/wordpress/code-markup-wordpress-plugin/
Hey, thanks for the tip too 🙂 Fixed!