SPO - Remove Document Library permissions in Powershell

Question

As part of an SPO site creation script, I want to remove ' Visitors' from the permissions of a document library that is created in the script.

I've got as far as breaking the inheritance, but how can I remove a specific group from the permissions?

Thanks in advance.

Tom

Answer 1

In CSOM PowerShell, it would look something as mentioned in below code. Modify it as per your list and group names :

$SPOCredentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($userName,$password)

$Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($siteUrl)
$Ctx.Credentials = $SPOCredentials

$web = $Ctx.Web

#load the groups
$groups = $web.SiteGroups
$Ctx.Load($groups)
$Ctx.ExecuteQuery()

# get the SharePoint group
$Group = $groups.GetByName("<Your Visitor Group Name>");
$Ctx.Load($Group);
$Ctx.ExecuteQuery()

$listName = $Ctx.web.Lists.GetByTitle("Custom List")
$Ctx.Load($listName)
$Ctx.ExecuteQuery()

# break inheritance 
$listName.BreakRoleInheritance($true, $false)
$Ctx.ExecuteQuery()

# load the list role assignments
$Ctx.Load($listName.RoleAssignments)
$Ctx.ExecuteQuery()

# remove the visitor group from the list
$listName.RoleAssignments.Groups.Remove($Group)
$Ctx.ExecuteQuery()

Answer 2

This code can be used for this.It first breaks inheritance and then remove the specific group

$web=Get-SPWeb http://site url
$list = $web.Lists["list/library name"]
$list.BreakRoleInheritance($true)
$web.AllowUnsafeUpdates=$true
[Microsoft.SharePoint.SPRoleAssignmentCollection] $spRoleAssignments=$list.RoleAssignments
for([int] $a=$spRoleAssignments.Count-1; $a -ge 0;$a--)
{
   if($spRoleAssignments[$a].Member.Name -eq "groupName")
   {
      $spRoleAssignments.Remove($a);
   }
}