Resources For IT Professionals
Post an article
Wikis - Page Details
  • First published by (eMicrosoft Partne)
  • When: 1 Dec 2011 10:34 AM
  • Last revision by (eMicrosoft Partne)
  • When: 22 Aug 2013 3:10 PM
  • Revisions: 12
  • Comments: 10
Options
RSSSubscribe to Article (RSS)
Can You Improve This Article?
Positively! Click Sign In to add the tip, solution, correction or comment that will help other users.

Report inappropriate content using these instructions.
Wiki  >  TechNet Articles  >  SharePoint 2010: Get Site Users with Full Control/Owners Permissions with Powershell Script

SharePoint 2010: Get Site Users with Full Control/Owners Permissions with Powershell Script

SharePoint 2010: Get Site Users with Full Control/Owners Permissions with Powershell Script

The following PowerShell script can be used to get users with Full Control permissions in sites.

<# The below PowerShell script enumerates through all sites with unique permissions and fetches users with Full Control Permission granted directly to the site
 
or through group membership.
 
#>
 
#Load SharePoint PowerShell Snapin
 
if ((Get-PSSnapin "Microsoft.SharePoint.PowerShell" -ErrorAction SilentlyContinue) -eq $null) {
 
    Add-PSSnapin "Microsoft.SharePoint.PowerShell"
 
}
 
#Collection of user permission objects
 
$SiteOwners =@();
 
#Define all the properties for the user permission object
 
$Properties = @{Title='';SiteID='';WebID='';WebSiteUrl='';AccessRequestEmail='';Scope='';Login='';UserID='';User='';Email='';LastItemModified='';};
 
#Site Url
 
$WebUrl ="";
 
#Web Application URL
 
$WebApplicationURL = "<WebAppUrl>";
 
#Enumerate through all Site Collections and Sites
 
Get-SPWebApplication -Identity $WebApplicationURL | Get-SPSite -limit all |%{
 
$siteID=$_.ID;
 
#Enumerate through all sites within the site collection
 
Get-SPWeb -limit all -Site $_|%{
 
$web = $_;
 
#Check if the site has unique permissions
 
if(($web.HasUniqueRoleAssignments -eq "True" -or $web.IsRootWeb -eq "True")){
 
$WebUrl = $web.Url;
 
#Full Control Role Definition
 
$FullControl = $web.RoleDefinitions["Full Control"];
 
#Collection of Groups with Full Control permissions
 
$OwnerGroups=@();
 
#Get all Owner groups with Full Control permission
 
$web.Groups|?{$_.Name -match "Owners"}|%{
 
$IsGroupFullControl = $_.Roles|?{$_.Name -eq $FullControl.Name;}
 
$OwnerGroups += $_;
 
}
 
try{
 
<#
 
SPWeb.Users:
 
This represents the collection of users or user objects who have been explicitly assigned permissions in the Web site . This does not return users who have access through a group.
 
SPWeb.AllUsers:
 
This gives us the collection of user objects who are either members of the site collection or who have atleast navigated to the site as authenticated members of a domain group in the site.
 
#>
 
#Enumerate through all Users in the Web
 
$web.AllUsers|?{$_.LoginName -ne "SHAREPOINT\System" -and $_.Email.Length -gt 0}|%{
 
#Check User Effective Permissions
 
if($web.DoesUserHavePermissions($_.LoginName,[Microsoft.SharePoint.SPBasePermissions]::FullMask)){
 
$user=$_;
 
#Full Control Permission could have been granted directly or through group membership. Scope will represent these details.
 
$Scopes=@();
 
try{
 
$UserRoleAssignments = $web.RoleAssignments.GetAssignmentByPrincipal($user);
 
}
 
catch{}
 
#Check if user has Full Control Permissions
 
if($UserRoleAssignments.RoleDefinitionBindings.Contains($FullControl)){
 
  
 
$Scopes += "Site";
 
  
 
#Check for group membership of user in Owners group i.e. groups with Full Control permission
 
$user.Groups|%{
 
$Group=$_;
 
$IsOwnerGroup = $OwnerGroups|?{$_.Name -eq $Group.Name};
 
if($IsOwnerGroup){
 
$Scopes += $Group.Name;
 
}
 
}
 
  
 
#Create an object for the user permission record
 
$Owner = New-Object PSObject -Property $Properties;
 
$Owner.Title = $web.Title;
 
$Owner.WebID = $web.ID;
 
$Owner.SiteID = $siteID;
 
$Owner.WebSiteURL = $web.URL;
 
$Owner.AccessRequestEmail=$web.RequestAccessEmail;
 
$Owner.Scope = ($Scopes -join ",");
 
$Owner.UserID=$user.LoginName.Split("\")[1];
 
$Owner.Login=$user.LoginName;
 
$Owner.User=$user.Name;
 
$Owner.Email=$user.Email;
 
$Owner.LastItemModified=$web.LastItemModifiedDate.ToString("MM/dd/yyyy");
 
  
 
$SiteOwners +=$Owner;
 
}
 
}
 
}
 
$web.Dispose();
 
$_.Dispose();
 
}
 
catch [System.Exception]{
 
Write-Host ($WebUrl + ":" + $_.Exception.Message + ":" + $_.Exception.StackTrace);
 
}
 
}
 
}
 
#Dispose SPSite
 
$_.Dispose();
 
}
 
$SiteOwners|Export-CSV "D:\SharePoint Administration\SiteOwners.csv" -NoTypeInformation;

Other Languages

This article is also available in the following languages:

Italian (it-IT)

, , , , , , , [Edit tags]
Leave a Comment
  • Please add 1 and 4 and type the answer here:
  • Post
Wiki - Revision Comment List(Revision Comment)
Sort by: Published Date | Most Recent | Most Useful
Comments
  • 22 Aug 2013 3:10 PM

    Carsten Siemens edited Revision 10. Comment: Added tag: has comment

  • 1 Aug 2013 9:45 AM

    Gokan Ozcifci edited Revision 9. Comment: formatting  

  • 31 Jul 2013 10:30 PM

    Guru Karnik edited Revision 8. Comment: Restored the version prior to corruption

  • 31 Jul 2013 5:37 PM

    Richard Mueller edited Revision 7. Comment: Attempt to restore the code (from a previous version of this article)

  • 15 Nov 2012 11:24 AM

    Guru Karnik edited Revision 4. Comment: Updated the script to remove duplicates

  • 17 Mar 2012 4:35 PM

    Luigi Bruno edited Revision 3. Comment: Added the "Other Languages" section. Edited tags list.

  • 26 Feb 2012 10:52 AM

    Gokhan Ozcifci edited Revision 2. Comment: headings, new title

  • 19 Feb 2012 5:17 AM

    Craig Lussier edited Original. Comment: added en-us to tags and title. edited title to indicate a SharePoint article, and added SharePoint 2010 to the tags

Page 1 of 1 (8 items)
Wikis - Comment List
Sort by: Published Date | Most Recent | Most Useful
Posting comments is temporarily disabled until 10:00am PST on Saturday, December 14th. Thank you for your patience.
Comments
  • Posted by
    on 19 Feb 2012 5:17 AM

    Craig Lussier edited Original. Comment: added en-us to tags and title. edited title to indicate a SharePoint article, and added SharePoint 2010 to the tags

  • Posted by
    on 26 Feb 2012 10:52 AM

    Gokhan Ozcifci edited Revision 2. Comment: headings, new title

  • Posted by
    on 17 Mar 2012 4:35 PM

    Luigi Bruno edited Revision 3. Comment: Added the "Other Languages" section. Edited tags list.

  • Posted by
    on 15 Nov 2012 11:24 AM

    Guru Karnik edited Revision 4. Comment: Updated the script to remove duplicates

  • Posted by
    on 23 May 2013 9:02 AM

    Powershell script is broken/missing on this page.  It appears to be intact on the italian version though.

  • Posted by
    on 31 Jul 2013 5:37 PM

    Richard Mueller edited Revision 7. Comment: Attempt to restore the code (from a previous version of this article)

  • Posted by
    on 31 Jul 2013 10:30 PM

    Guru Karnik edited Revision 8. Comment: Restored the version prior to corruption

  • Posted by
    on 31 Jul 2013 10:31 PM

    Restored the version prior to HTML corruption

  • Posted by
    on 1 Aug 2013 9:45 AM

    Gokan Ozcifci edited Revision 9. Comment: formatting  

  • Posted by
    on 22 Aug 2013 3:10 PM

    Carsten Siemens edited Revision 10. Comment: Added tag: has comment

Page 1 of 1 (10 items)