I have been asked to generate the list of users with their roles and groups belongs to for all sites presented in the web application. I found some blog talking about same requirements. But it is not fully satisfied my requirements. So I have taken his logic and created the PowerShell script to list the users, their roles and groups belong for the sites presented in the web application
Here is the below code which will iterate all sites and enumerate the users with their roles and groups belongs to.
[System.Reflection.Assembly]::LoadWithPartialName(“Microsoft.SharePoint”) > $null
function EnumerateUserRolesPermissions ([string]$webURL){
$site = new-object Microsoft.SharePoint.SPSite($webURL)
$web = $site.OpenWeb()
$webUsers = $web.Users
$groups = $web.sitegroups
foreach($webUser in $webUsers){
$Permissions = $web.Permissions
foreach($group in $groups)
{
foreach($Permission in $Permissions){
if($webUser.ID -eq $Permission.Member.ID){
foreach ($role in $webUser.Roles){
if ($role.Type -ne [Microsoft.SharePoint.SPRoleType]::None)
{
write-host $webURL,“;“,$webUser.LoginName,“;“,$webUser.Name,“;",$role.Type.ToString(),";",$webUser.groups
}
}
}
if($group.ID -eq $Permission.Member.ID){
foreach ($role in $group.Roles){
if ($role.Type -ne [Microsoft.SharePoint.SPRoleType]::None
{
foreach($user in $group.users){
write-host $webURL,“;“,$user.LoginName,“;“,$user.Name,“;",$role.Type.ToString(),";",$group.name
}
}
}
}
}
}
}
}
function EnumerateSiteUsers ()
{
[void][System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint")
$farm = [Microsoft.SharePoint.Administration.SPFarm]::Local
foreach ($spService in $farm.Services) {
if (!($spService -is [Microsoft.SharePoint.Administration.SPWebService])) {
continue;
}
foreach ($webApp in $spService.WebApplications) {
if ($webApp -is [Microsoft.SharePoint.Administration.SPAdministrationWebApplication]) { continue }
$webAppUrl = $webApp.GetResponseUri('Default').AbsoluteUri
foreach ($site in $webApp.Sites) {
foreach ($web in $site.AllWebs) {
EnumerateUserRolesPermissions $web.url
}
}
}
}
}
Hope this helps
Balu
February 7, 2011 at 8:13 pm
Excellent. Thanks for this information and help us lot!
Azi
July 7, 2011 at 3:34 pm
Hi Johnson,
How can I export this to excel, or execute for a specific user?
Thanks,
AMOL GHUGE
September 30, 2011 at 10:42 pm
Thank you very much 4 sharing this vital information
Dilip Nikam
January 16, 2012 at 2:51 pm
Thanks a lot…..
Its save my time…..really nice Help….
Dilip Nikam
January 16, 2012 at 2:55 pm
For the exporting you need to do the changes in the script as below….
if ($role.Type -ne [Microsoft.SharePoint.SPRoleType]::None)
{
“URL~”+$webURL + “~LoginName~”+$webUser.LoginName+”~UserName~”+$webUser.Name+”~Role~”+$role.Type.ToString()+”~Group~”+$webUser.groups
#$webURL,”~”,$webUser.LoginName,”~”,$webUser.Name,”~”,$role.Type.ToString(),”~”,$webUser.groups
}
foreach($user in $group.users)
{
“URL~”+$webURL + “~LoginName~”+$user.LoginName+”~UserName~”+$user.Name+”~Role~”+$role.Type.ToString()+”~Group~”+$group.name
#$webURL,”;”,$user.LoginName,”;”,$user.Name,”;”,$role.Type.ToString(),”;”,$group.name
}
After adding the changes you need to call following command. It will create text file
EnumerateUserRolesPermissions(“URL-Of-Your Site”) | format-table name > “C:\Result.txt”
For export result in CSV you need to call the Export-Csv command.
Thanks you….
Kamaldeep
May 3, 2012 at 6:42 am
Hi,
I am trying to use this query but facing issue…
“Missing closing ‘)’ after expression in ‘if’ statement.
At line:22 char:2
+ <<<< {
+ CategoryInfo : ParserError: (CloseParenToken:TokenId) [], Paren
tContainsErrorRecordException
+ FullyQualifiedErrorId : MissingEndParenthesisAfterStatement"
Can you help !!!
Kamaldeep