Sharepoint - Get the site permission list with PowerShell
Try this one,
foreach($roleAssignment in $web.RoleAssignments)
{
if(-not [string]::IsNullOrEmpty($roleAssignment.Member.Xml))
{
foreach($roleDefinBindings in $roleAssignment.RoleDefinitionBindings)
{
Write-Output $roleAssignment.Member.Name
Write-Output $roleDefinBindings.Name
}
}
}
}
Check current member is SharePointGroup/SecurityGroup/User. Reference
if($roleAssignment.Member.PrincipalType -eq Microsoft.SharePoint.Client.Utilities.PrincipalType.SharePointGroup)
{
#SharePointGroup
}
if($roleAssignment.Member.PrincipalType -eq Microsoft.SharePoint.Client.Utilities.PrincipalType.SecurityGroup)
{
#SecurityGroup
}
if($roleAssignment.Member.PrincipalType -eq Microsoft.SharePoint.Client.Utilities.PrincipalType.User)
{
#User
}
You can use it, you must modify the $ site variable to point to your site collection.
Syntax: <script name>.ps1 | out-file c:\permissions.txt
Here is script
#Get all subsites for site collection
$web = $site.AllWebs
#Loop through each subsite and write permissions
foreach ($web in $web)
{
if (($web.permissions -ne $null) -and ($web.hasuniqueroleassignments -eq "True"))
{
Write-Output "****************************************"
Write-Output "Displaying site permissions for: $web"
$web.permissions | fl member, basepermissions
}
elseif ($web.hasuniqueroleassignments -ne "True")
{
Write-Output "****************************************"
Write-Output "Displaying site permissions for: $web"
"$web inherits permissions from $site"
}
#Loop through each list in each subsite and get permissions
foreach ($list in $web.lists)
{
$unique = $list.hasuniqueroleassignments
if (($list.permissions -ne $null) -and ($unique -eq "True"))
{
Write-Output "****************************************"
Write-Output "Displaying Lists permissions for: $web \ $list"
$list.permissions | fl member, basepermissions
}
elseif ($unique -ne "True") {
Write-Output "$web \ $list inherits permissions from $web"
}
}
}
Write-Host "Finished."
$site.dispose()
$web.dispose()
$unique.dispose()