SharePoint Server Site & Subsite User Access Reporting Using PowerShell

 Introduction

Managing SharePoint user permissions across a large site collection can become complex and time-consuming, especially when each subsite may have its own unique permission settings. To address this challenge, this PowerShell script helps SharePoint administrators automatically generate a detailed report of user access for each subsite under a given site collection.
This report is particularly useful for governance, auditing, and compliance purposes, where it's critical to understand who has access to what content.

Objective

The goal of this PowerShell script is to:

  • Traverse through all subsites of a given SharePoint site collection.

  • Identify users with unique permissions on each subsite.

  • Compare subsite users with those inherited from the root site.

  • Export a consolidated report in CSV format, containing relevant user and site information.

Script Overview

The script performs the following steps:

  1. Connects to the specified SharePoint site collection.

  2. Fetches all users (both direct and via groups) from the parent/root site.

  3. Iterates through each subsite (SPWeb object).

  4. Checks if a subsite has unique role assignments.

  5. If yes, it gathers all users with explicit permissions for that subsite.

  6. Compares these users with the parent site's users to determine inheritance.

  7. Compiles the data into a structured output using PowerShell's PSCustomObject.

  8. Exports the result into a CSV file using Export-Csv.

Key Variables Used

  • $siteUrl: The root SharePoint site collection URL.

  • $outputPath: Local file path where the CSV report will be saved.

  • $parentUsers: Stores user information from the root site.

  • $customUsers: Stores user information from individual subsites with unique permissions.

What the CSV Report Includes

The generated CSV file contains the following columns for each subsite:

  • WebTitle: The display name of the subsite.

  • WebUrl: The full URL of the subsite.

  • HasUniquePermissions: Boolean flag indicating whether the subsite has unique role assignments.

  • CustomUserCount: Number of users explicitly assigned to the subsite.

  • InheritedUserCount: Number of users inherited from the parent site.

  • TotalUserCount: Total number of users with access to the subsite.

Usage Instructions

  1. Copy the script (available as a PNG screenshot for easy reference).

  2. Save it locally as a .ps1 file (e.g., SP_SubsiteUserAccessReport.ps1).

  3. Open SharePoint Management Shell as Administrator.

  4. Run the script. Make sure the siteUrl and outputPath values are correctly set as per your environment.

  5. Check the CSV file generated at the specified location.

Important Notes

  • The script assumes you are running it on a server where SharePoint Management Shell is available and configured.

  • You should replace the siteUrl with your actual SharePoint site collection URL.

  • Update the file path (outputPath) to a valid location on your local server.

  • You must have adequate permissions to read role assignments across the site collection.

Screenshot-Based Reference

For convenience, the full PowerShell code is available as a PNG image. This makes it easier to copy the script exactly as written without errors due to formatting when copying from the web.

Make sure to verify the file paths as per your local server setup before running the script.

Start-Process powershell.exe -ArgumentList "-ExecutionPolicy Bypass -NoExit -Command `"& 'D:\PnPScript\SP_AuditLogReports.ps1'`""
Start-Process powershell.exe -ArgumentList "-ExecutionPolicy Bypass -NoExit -Command `"& 'D:\PnPScript\SP_Site&SubsiteStorageReport.ps1'`""

Start-Process powershell.exe -ArgumentList "-ExecutionPolicy Bypass -NoExit -Command `"& 'D:\PnPScript\SP-SubsiteUserReport.ps1'`""
Conclusion
This script significantly simplifies the process of auditing user permissions in SharePoint by automating what would otherwise be a repetitive and error-prone task. It is especially beneficial for organizations that maintain strict governance and compliance policies.
By exporting the data to a CSV, administrators can easily analyze, report, or further process the information as needed.

SharePoint, PowerShell, Subsite Access Report, User Permissions, Audit Report, SharePoint Automation, IT Governance, Microsoft 365, CSV Export, SharePoint Admin Tools
















at


























Tags:













      

    






No comments:















Post a Comment


Thanks!

























Subscribe to:
Post Comments (Atom)























Pages









COPYRIGHT @ 2022 | Distributed By Corporate Code Corner


Corporate Code Corner | Distributed By Corporate Code Corner