Inventory Permissions with Powershell
Here is a script that will inventory all users and permissions by site collection in a sharepoint farm to a csv file and/or a SharePoint list.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
#update these variables as needed
$scriptname = "siteusers"
$FilePath = "d:\dashboard\eer-siteusers.csv"
$docliburl= "http://eer/spd/IT/systems/ws/dashboard/Lists/siteusers";
function eer-$scriptname() {
[void][System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint")
$farm = [Microsoft.SharePoint.Administration.SPFarm]::Local
foreach ($spService in $farm.Services) {
if (!($spService -is [Microsoft.SharePoint.Administration.SPWebService])) {
continue;
}
foreach ($webApp in $spService.WebApplications) {
if ($webApp -is [Microsoft.SharePoint.Administration.SPAdministrationWebApplication]) { continue }
foreach ($site in $webApp.Sites) {
foreach ($web in $site.AllWebs) {
if (($web.permissions -ne $null) -and ($web.hasuniqueroleassignments -eq "True")) {
foreach ($group in $web.Groups) {
foreach ($user in $group.users) {
$data = @{
"loginname" = $user.loginname
"WebUrl" = $web.url
"GroupPermission" = $group.permission
"UserGroup" = $group
"SiteOwner" = $web.description
"SiteName" = $web.title
}
New-Object PSObject -Property $data
}}
}
}
}
}
$web.Dispose()
}
$site.Dispose()
}
#eer-$scriptname | Out-GridView
eer-$scriptname | Export-Csv -Path $FilePath -NoTypeInformation
$site=new-object Microsoft.SharePoint.SPSite($docliburl);
$web=$site.openweb();
$list=$web.GetList($docliburl);
###delete old items
$collListItems = $List.Items;
$count = $collListItems.Count - 1
for($intIndex = $count; $intIndex -gt -1; $intIndex--)
{
$collListItems.Delete($intIndex);
}
###
$csv_file = Import-Csv $FilePath;
foreach ($line in $csv_file)
{
Write-Output $line.Title;
$item = $list.Items.Add();
$item["Site"] = $line.WebURL;
$item["Member"] = $line.LoginName;
$item["Perms"] = $line.GroupPermission;
$item["Group"] = $line.UserGroup;
$item["Site Owner"] = $line.SiteOwner;
$item["Title"] = $line.SiteName;
$item.Update();
}
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
#update these variables as needed
$scriptname = "siteusers"
$FilePath = "d:\dashboard\eer-siteusers.csv"
$docliburl= "http://eer/spd/IT/systems/ws/dashboard/Lists/siteusers";
function eer-$scriptname() {
[void][System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint")
$farm = [Microsoft.SharePoint.Administration.SPFarm]::Local
foreach ($spService in $farm.Services) {
if (!($spService -is [Microsoft.SharePoint.Administration.SPWebService])) {
continue;
}
foreach ($webApp in $spService.WebApplications) {
if ($webApp -is [Microsoft.SharePoint.Administration.SPAdministrationWebApplication]) { continue }
foreach ($site in $webApp.Sites) {
foreach ($web in $site.AllWebs) {
if (($web.permissions -ne $null) -and ($web.hasuniqueroleassignments -eq "True")) {
foreach ($user in $web.users) {
$data = @{
"loginname" = $user.loginname
"WebUrl" = $web.url
"GroupPermission" = $user.permission
"SiteOwner" = $web.description
"SiteName" = $web.title
}
New-Object PSObject -Property $data
}
}
}
}
}
$web.Dispose()
}
$site.Dispose()
}
#eer-$scriptname | Out-GridView
eer-$scriptname | Export-Csv -Path $FilePath -NoTypeInformation
$site=new-object Microsoft.SharePoint.SPSite($docliburl);
$web=$site.openweb();
$list=$web.GetList($docliburl);
$csv_file = Import-Csv $FilePath;
foreach ($line in $csv_file)
{
Write-Output $line.Title;
$item = $list.Items.Add();
$item["Site"] = $line.WebURL;
$item["Member"] = $line.LoginName;
$item["Perms"] = $line.GroupPermission;
$item["Site Owner"] = $line.SiteOwner;
$item["Title"] = $line.SiteName;
$item.Update();
}
