Last week, I had a specific task to find out who has Full control access to sites in our SharePoint environment. Fabrice Romelard has an excellent Powershell script to use to find out what permissions a specific user has within your environment:
(link: http://sharepointpsscripts.codeplex.com/Release/ProjectReleases.aspx?ReleaseId=21699, fourth script).
The problem for me was, I didn’t know the logins of the users who had full control access. So I took Fabrice’s script and modified it to fit my needs (see code below).
This PS script will iterate through all of the site collections in your environment and output a list of users and their respective permissions (Reader, Contributor, Full Control, etc.).
—————————————————>8
[System.Reflection.Assembly]::LoadWithPartialName(“Microsoft.SharePoint”) > $null
function CheckPermissions([string]$webURL)
{
$site = new-object Microsoft.SharePoint.SPSite($webURL)
$myweb = $site.OpenWeb()
$mywebUsers = $myweb.Users
foreach($mywebUser in $mywebUsers)
{
$myPermissions = $myweb.Permissions
foreach($myPermission in $myPermissions)
{
if($mywebUser.ID -eq $myPermission.Member.ID)
{
foreach ($role in $mywebUser.Roles)
{
if ($role.Type -ne [Microsoft.SharePoint.SPRoleType]::None)
{
write-host $webURL , “; “, $mywebUser.LoginName , “; ” , $role.Type.ToString()
}
}
}
}
}
}
function StartProcess()
{
$oContentService = [Microsoft.SharePoint.Administration.SPWebService]::ContentService;
[Microsoft.SharePoint.Administration.SPWebApplicationCollection]$waColl = $oContentService.WebApplications;
$waColl1 = $waColl | where-object {$_.IsAdministrationWebApplication -eq $FALSE}
foreach ($wa in $waColl1)
{
$sites = $wa.Sites
foreach ($obj in $sites)
{
CheckPermissions $obj.Url
}
}
}
StartProcess
—————————————————–>8