Powershell Week – Day 3: List Items With Unique Permission


This script can be used to list all items in a web application with unique permissions or broken permissions inheritance.

It can be useful when trying to diagnose permissions issues on big web application with lots of sites and lists/document libraries.


$webAppURL = "http://yourwebapplication.com"

function CheckItemsWithUniquePermissions() {
 $webapp = Get-SPWebApplication $webAppURL

foreach ($site in $webapp.Sites)
 {
 $allwebs = $site.allwebs
 foreach($web in $allwebs)
 {
 $webURL = $web.url
 write-output "[WEB] Processing Web $webURL"

 foreach ($list in $web.Lists)
 {
 $listName = $list.title
 write-output "[LIST] Processing List $listName"

 foreach ($item in $list.Items)
 {
 $itemTitle = $item.title
 $uniquePermissions = $item.HasUniqueRoleAssignments

 if($uniquePermissions -eq "True")
 {
 write-output "[ITEM] Item '$itemTitle' - Unique Permissions: $uniquePermissions"
 }
 }

 $uniquePermissions = $list.HasUniqueRoleAssignments

 if($uniquePermissions -eq "True")
 {
 write-output "[LIST] List '$listName' - Unique Permissions: $uniquePermissions"
 }
 }

 $uniquePermissions = $web.HasUniqueRoleAssignments

 if($uniquePermissions -eq "True")
 {
 write-output "[WEB] Web '$webURL' - Unique Permissions: $uniquePermissions"
 }
 }
 }
}

CheckItemsWithUniquePermissions

You can get the script file here.

See you,

Amadeu.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: