Senario: We need to write a script for already created a document library called "Audit Logs" for every site collection in our environment. Wanted to ensure that only Site Collection administrators and the individual site Owners group had access to this document library.
Solution:if ( -not $(Get-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction "SilentlyContinue" )) {Add-PSSnapin Microsoft.SharePoint.PowerShell}
$sites = Get-SPSite | Select RootWeb, URL
foreach ($site in $sites){
$ListName = "Audit Logs"
$PermissionLevel = "Full Control"
$web = $site.rootweb
#$web = Get-SpSite -identity $site.url
#$web = Get-SPWeb -Identity $site.url
$list = $web.Lists | where {$_.Title -match $ListName}
if ($list -ne $null)
{
if ($list.HasUniqueRoleAssignments -eq $False)
{
$list.BreakRoleInheritance($True)
}
if ($list.HasUniqueRoleAssignments -eq $True)
{
ForEach ($SiteGroup in $web.SiteGroups) {
if ($SiteGroup.Name -match "Owners")
{
#write-host $SiteGroup.Name
$GroupName = $SiteGroup.Name
$roleAssignment = new-object Microsoft.SharePoint.SPRoleAssignment($SiteGroup)
$roleDefinition = $web.RoleDefinitions[$PermissionLevel];
$roleAssignment.RoleDefinitionBindings.Add($roleDefinition);
$list.RoleAssignments.Add($roleAssignment)
$list.Update();
Write-Host "Successfully added <$GroupName> to the <$ListName> list in <$site>. " -foregroundcolor Green
}
else
{
Write-Host "No Owners groups exist." -foregroundcolor Red
}
}
}
}
}
No comments:
Post a Comment