正文
批量导入导出站点权限site permissions
小程序:扫一扫查出行【扫一扫了解最新限行尾号】
复制小程序
批量导入站点权限
cls
$Web = Get-SPWeb "http://16.178.115.14:91/"
Get-Content c:\export\account.txt | ForEach-Object {
Write-Host $_ $account = $web.EnsureUser($_.Split(',')[0])
$role = $web.RoleDefinitions[$_.Split(',')[1]] $assignment = New-Object Microsoft.SharePoint.SPRoleAssignment($account)
$assignment.RoleDefinitionBindings.Add($role) $web.RoleAssignments.Add($assignment)
}
-----------
mitpalm4\xuting,Full Control
mitpalm4\lily,Read
批量导出站点权限
cls
if ((Get-PSSnapin "Microsoft.SharePoint.PowerShell" -ErrorAction SilentlyContinue) -eq $null) { Add-PSSnapin "Microsoft.SharePoint.PowerShell"}$properties=@{SiteUrl='';SiteTitle='';ListTitle='';ObjectType='';ObjectUrl='';ParentGroup='';GroupOwner='';MemberType='';MemberName='';MemberLoginName='';JobTitle='';Department='';RoleDefinitionBindings='';};$Permissions=@();$UserInfoList="";$RootWeb="";$SiteCollectionUrl = Read-Host "Enter a Site Collection Url";Get-SPSite $SiteCollectionUrl|Get-SPWeb -limit ALL|%{$web = $_;#Root Web of the Site Collectionif($web.IsRootWeb -eq $True){$RootSiteTitle = $web.Title;$RootWeb = $web;$UserInfoList = $RootWeb.GetList([string]::concat($web.Url,"/_catalogs/users"));}$siteUrl = $web.Url;$siteRelativeUrl = $web.ServerRelativeUrl;Write-Host $siteUrl -Foregroundcolor "Red";$siteTitle = $web.Title;#Get Site Level Permissions if it's uniqueif($web.HasUniqueRoleAssignments -eq $True){$web.RoleAssignments|%{$RoleDefinitionBindings=@();$_.RoleDefinitionBindings|%{$RoleDefinitionBindings += $_.Name;}$MemberName = $_.Member.Name;$MemberLoginName = $_.Member.LoginName;$MemberType = $_.Member.GetType().Name;$GroupOwner = $_.Member.Owner.Name;if($MemberType -eq "SPGroup"){$JobTitle="NA";$Department="NA";$permission = New-Object -TypeName PSObject -Property $properties;$permission.SiteUrl =$siteUrl;$permission.SiteTitle = $siteTitle;$permission.ListTitle = "NA";$permission.ObjectType = "Site";$permission.ObjectUrl = $siteRelativeUrl;$permission.MemberType = $MemberType;$permission.ParentGroup = $MemberName;$permission.GroupOwner = $GroupOwner;$permission.MemberName = $MemberName;$permission.MemberLoginName = $MemberLoginName;$permission.JobTitle = $JobTitle;$permission.Department = $Department;$permission.RoleDefinitionBindings = $RoleDefinitionBindings -join ",";$Permissions +=$permission;#Expand Groups$web.Groups[$MemberName].Users|%{$JobTitle="NA";$Department="NA";try{$userinfo = $UserInfoList.GetItemById($_.ID);$JobTitle=$userinfo["JobTitle"];$Department=$userinfo["Department"];}catch{}$permission = New-Object -TypeName PSObject -Property $properties;$permission.SiteUrl =$siteUrl;$permission.SiteTitle = $siteTitle;$permission.ListTitle = "NA";$permission.ObjectType = "Site";$permission.ObjectUrl = $siteRelativeUrl;$permission.MemberType = "SPGroupMember";$permission.ParentGroup = $MemberName;$permission.GroupOwner = $GroupOwner;$permission.MemberName = $_.DisplayName;$permission.MemberLoginName = $_.UserLogin;$permission.JobTitle = $JobTitle;$permission.Department = $Department;$permission.RoleDefinitionBindings = $RoleDefinitionBindings -join ",";$Permissions +=$permission;}}elseif($MemberType -eq "SPUser"){$JobTitle="NA";$Department="NA";try{$userinfo = $UserInfoList.GetItemById($_.ID);$JobTitle=$userinfo["JobTitle"];$Department=$userinfo["Department"];}catch{}$permission = New-Object -TypeName PSObject -Property $properties;$permission.SiteUrl =$siteUrl;$permission.SiteTitle = $siteTitle;$permission.ListTitle = "NA";$permission.ObjectType = "Site";$permission.MemberType = $MemberType;$permission.ObjectUrl = $siteRelativeUrl;$permission.ParentGroup = "NA";$permission.GroupOwner = "NA";$permission.MemberName = $MemberName;$permission.MemberLoginName = $MemberLoginName;$permission.JobTitle = $JobTitle;$permission.Department = $Department;$permission.RoleDefinitionBindings = $RoleDefinitionBindings -join ",";$Permissions +=$permission;}}}#Get all Uniquely secured objects$uniqueObjects = $web.GetWebsAndListsWithUniquePermissions();#Get uniquely secured Lists pertaining to the current site$uniqueObjects|?{$_.WebId -eq $web.Id -and $_.Type -eq "List"}|%{$listUrl = ($_.Url);$list = $web.GetList($listUrl);#Exclude internal system lists and check if it has unique permissionsif($list.Hidden -ne $True){Write-Host $list.Title -Foregroundcolor "Yellow";$listTitle = $list.Title;#Check List Permissionsif($list.HasUniqueRoleAssignments -eq $True){$list.RoleAssignments|%{$RoleDefinitionBindings="";$_.RoleDefinitionBindings|%{$RoleDefinitionBindings += $_.Name;}$MemberName = $_.Member.Name;$MemberLoginName = $_.Member.LoginName;$MemberType = $_.Member.GetType().Name;$JobTitle="NA";$Department="NA";if($MemberType -eq "SPUser"){try{$userinfo = $UserInfoList.GetItemById($_.ID);$JobTitle=$userinfo["JobTitle"];$Department=$userinfo["Department"];}catch{}}$permission = New-Object -TypeName PSObject -Property $properties;$permission.SiteUrl =$siteUrl;$permission.SiteTitle = $siteTitle;$permission.ListTitle = $listTitle;$permission.ObjectType = $list.BaseType.ToString();$permission.ObjectUrl = $listUrl;$permission.ParentGroup = "NA";$permission.GroupOwner = "NA";$permission.MemberType=$MemberType;$permission.MemberName = $MemberName;$permission.MemberLoginName = $MemberLoginName;$permission.JobTitle = $JobTitle;$permission.Department = $Department;$permission.RoleDefinitionBindings = $RoleDefinitionBindings -join ",";$Permissions +=$permission;}}if($list.BaseType -eq "DocumentLibrary"){#Check All Folders$list.Folders|%{$folderUrl = $_.Url;if($_.HasUniqueRoleAssignments -eq $True){$_.RoleAssignments|%{$RoleDefinitionBindings="";#Get Permission Level against the Permission$_.RoleDefinitionBindings|%{$RoleDefinitionBindings += $_.Name;}$MemberName = $_.Member.Name;$MemberLoginName = $_.Member.LoginName;$MemberType = $_.Member.GetType().Name;$JobTitle="NA";$Department="NA";if($MemberType -eq "SPUser"){try{$userinfo = $UserInfoList.GetItemById($_.ID);$JobTitle=$userinfo["JobTitle"];$Department=$userinfo["Department"];}catch{}}$permission = New-Object -TypeName PSObject -Property $properties;$permission.SiteUrl =$siteUrl;$permission.SiteTitle = $siteTitle;$permission.ListTitle = $listTitle;$permission.ObjectType = $list.BaseType.ToString();$permission.ObjectUrl = $folderUrl;$permission.MemberType = $MemberType;$permission.ParentGroup = "NA";$permission.GroupOwner = "NA";$permission.MemberName = $MemberName;$permission.MemberLoginName = $MemberLoginName;$permission.JobTitle = $JobTitle;$permission.Department = $Department;$permission.RoleDefinitionBindings = $RoleDefinitionBindings -join ",";$Permissions +=$permission;}}}#Check All Items$list.Items|%{$fileUrl = $_.File.Url;$file=$_.File;if($_.HasUniqueRoleAssignments -eq $True){$_.RoleAssignments|%{$RoleDefinitionBindings="";$_.RoleDefinitionBindings|%{$RoleDefinitionBindings += $_.Name;}$MemberName = $_.Member.Name;$MemberLoginName = $_.Member.LoginName;$MemberType = $_.Member.GetType().Name;$JobTitle="NA";$Department="NA";if($MemberType -eq "SPUser"){try{$userinfo = $UserInfoList.GetItemById($_.ID);$JobTitle=$userinfo["JobTitle"];$Department=$userinfo["Department"];}catch{}}$permission = New-Object -TypeName PSObject -Property $properties;$permission.SiteUrl =$siteUrl;$permission.SiteTitle = $siteTitle;$permission.ListTitle = $listTitle;$permission.ObjectType = $file.GetType().Name;$permission.ObjectUrl = $fileUrl;$permission.MemberType=$MemberType;$permission.MemberName = $MemberName;$permission.MemberLoginName = $MemberLoginName;$permission.JobTitle = $JobTitle;$permission.Department = $Department;$permission.RoleDefinitionBindings = $RoleDefinitionBindings -join ",";$Permissions +=$permission;}}}}}}if($_.IsRootWeb -ne $True){$_.Dispose();}}#Dispose root web$RootWeb.Dispose();$Permissions|select SiteUrl,SiteTitle,ObjectType,ObjectUrl,ListTitle,MemberName,MemberLoginName,MemberType,JobTitle,Department,ParentGroup,GroupOwner,RoleDefinitionBindings|Export-CSV ("c:\"+$RootSiteTitle+"-Permissions.csv") -NoTypeInformation;
