找到"每个人"使用CSOM在SharePoint Online集合中的权限组

时间:2017-07-10 21:46:54

标签: powershell sharepoint sharepoint-online csom

我正在尝试使用CSOM来审核某些SPOL网站集,并找出哪些网站和网站拥有" Everyone"正在使用的权限组。有谁知道这是否可行?

2 个答案:

答案 0 :(得分:1)

以下是有关如何使用CSOM向SharePoint中的“everyone”组添加权限的示例:

var user = item.ParentList.ParentWeb.EnsureUser("c:0(.s|true");
var roleBindings = new RoleDefinitionBindingCollection(context);
roleBindings.Add(item.ParentList.ParentWeb.RoleDefinitions.GetByType(roleType));
item.RoleAssignments.Add(principal, roleBindings);
context.ExecuteQuery();

在您的情况下,您必须迭代每个网站集并找到登录名:“c:0(.s | true”,表示SharePoint中“Everyone”组的值。

答案 1 :(得分:1)

示例

以下示例枚举跨网站集并打印Everyone用户所属的组名称:

Add-Type -Path "c:\Program Files\Common Files\microsoft shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll"
Add-Type -Path "c:\Program Files\Common Files\microsoft shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\SharePoint Client Components\16.0\Assemblies\Microsoft.Online.SharePoint.Client.Tenant.dll"

function Get-Sites { 
    param ([string]$TenantName, [System.Net.ICredentials] $Credentials) 

    $tenantUrl = "https://$TenantName-admin.sharepoint.com/"  
    $ctx = New-Object Microsoft.SharePoint.Client.ClientContext($tenantUrl)  
    $ctx.Credentials = $Credentials 
    $tenant = New-Object Microsoft.Online.SharePoint.TenantAdministration.Tenant($ctx) 
    $sites = $tenant.GetSiteProperties(0, $true) 
    $ctx.Load($sites) 
    $ctx.ExecuteQuery() 
    $ctx.Dispose() 
    return $sites     
} 


function Get-Users { 
    param ([string]$SiteUrl, [System.Net.ICredentials] $Credentials) 

    $ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteUrl)  
    $ctx.Credentials = $Credentials 
    $result = $ctx.Web.SiteUsers
    $ctx.Load($result) 
    $ctx.ExecuteQuery() 
    $ctx.Dispose() 
    return $result
} 



function Expand-UserGroups { 
    param ([Microsoft.SharePoint.Client.User]$User) 

    $ctx = $User.Context
    $ctx.Load($User.Groups) 
    $ctx.ExecuteQuery() 
} 






$tenantName = "contoso";  #put your tenant name here
$userName = "jdoe@contoso.onmicrosoft.com" #put your user name
$password = "" #put your password
$securePassword = ConvertTo-SecureString $password -AsPlainText -Force
$credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($username, $securePassword)   
$sites = Get-Sites -TenantName $tenantName -Credentials $credentials

$everyoneGroupName = "c:0(.s|true"

$sites | % {
   #Write-Host $_.Url
   $users = Get-Users -SiteUrl $_.Url -Credentials $credentials

   $result = $users | where {$_.LoginName -eq $everyoneGroupName}
   $result | % {
       Expand-UserGroups -User $_
       $_.Groups | % {  Write-Host $_.LoginName  }
   }    
}
相关问题
最新问题