检查子站点权限sharepoint在线CSOM

时间:2016-07-21 08:51:14

标签: powershell sharepoint csom

使用Powershell,我正在尝试获取SharePoint在线环境的子网站的权限。

我尝试获得许可的网站位于https://tenant.sharepoint.com/production

我想知道哪些用户或群组有权访问此网站。

我正在使用带有Powershell的CSOM连接到我的在线环境。

1 个答案:

答案 0 :(得分:0)

要获取的列表,您可以考虑以下示例:

# Retrieve web groups
$groups = $context.Web.RoleAssignments.Groups
$context.Load($groups)
$context.ExecuteQuery()

对于特定Web的用户列表,由于RoleAssignmentCollection类不公开Users属性,因此不是那么简单。无论如何,以下示例演示了如何检索网站的用户列表

Function Get-WebUsers() {
param(
   [Microsoft.SharePoint.Client.Web]$Web = $(throw "Please provide a Web")
) 
   $ctx = $Object.Context
   $assignments = $context.Web.RoleAssignments
   $context.Load($assignments)
   $context.ExecuteQuery()

   $members = @()
   $assignments.GetEnumerator() | % { 
       $member = $context.Web.RoleAssignments.GetByPrincipalId($_.PrincipalId).Member
       $context.Load($member)
       $members += $member
   }
   $context.ExecuteQuery()

   $users = @()
   $members | % { 
         if($_.PrincipalType  -eq [Microsoft.SharePoint.Client.Utilities.PrincipalType]::User) {
             $users += $_
         } 
   }
   $users
}

示例:

Add-Type –Path "C:\Program Files\Common Files\microsoft shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll" 
Add-Type –Path "C:\Program Files\Common Files\microsoft shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll"

Function Get-Context([String]$WebUrl,$UserName,$Password) {
    $context = New-Object Microsoft.SharePoint.Client.ClientContext($WebUrl)
    $SecurePassword = $Password | ConvertTo-SecureString -AsPlainText -Force
    $context.Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($UserName, $SecurePassword)
    return $context
}


Function Get-WebUsers() {
param(
   [Microsoft.SharePoint.Client.Web]$Web = $(throw "Please provide a Web")
) 
   $ctx = $Object.Context
   $assignments = $context.Web.RoleAssignments
   $context.Load($assignments)
   $context.ExecuteQuery()

   $members = @()
   $assignments.GetEnumerator() | % { 
       $member = $context.Web.RoleAssignments.GetByPrincipalId($_.PrincipalId).Member
       $context.Load($member)
       $members += $member
   }
   $context.ExecuteQuery()

   $users = @()
   $members | % { 
         if($_.PrincipalType  -eq [Microsoft.SharePoint.Client.Utilities.PrincipalType]::User) {
             $users += $_
         } 
   }
   $users
}


$Url = "https://contoso.sharepoint.com/news"
$Username = "jdoe@consoto.onmicrosoft.com"
$Password = ""

$context = Get-Context -WebUrl $Url -UserName $Username -Password $Password

# Retrieve web groups
$groups = $context.Web.RoleAssignments.Groups
$context.Load($groups)
$context.ExecuteQuery()

write "Group names:"
$groups.GetEnumerator() | % { 
    $_.Title 
}

# Retrieve web users
$users = Get-WebUsers -Web $context.Web  
write "User names:"
$users | % { 
    $_.Title 
}

$context.Dispose()

要点:WebUsersAndGroups.ps1