SharePoint 2007 - Remove all permissions to site collection
-
08-02-2021 - |
Domanda
I need to remove all permissions to a SharePoint 2007 site collection. It is a huge site with hundreds of sub-sites, lists and libraries that all have broken inheritance.
Is there a quick way to delete all permissions to the site?
Nessuna soluzione corretta
Altri suggerimenti
I have altered the code to work in MOSS 2007, kindly try the below code.
#region Variables
[string]$WebUrl = "http://moss2007/"
[string]$GroupNametoKeep = "Root Owners"
#endregion
#region Functions
Function CleanUpAcl
{
param($SPObject, $GroupName)
$Title = $SPObject.Title
Write-Host "Removing permissions from $Title"
$RoleAssignmentsCount = $SPObject.RoleAssignments.Count
For($i = $RoleAssignmentsCount - 1; $i -ge 0; $i--)
{
if($SPObject.RoleAssignments[$i].Member.Name -ne $GroupName)
{
$DeletedGroupName = $SPObject.RoleAssignments[$i].Member.Name
Write-Host "`t Removing Group/User $DeletedGroupName..."
$SPObject.RoleAssignments.RemoveByID($SPObject.RoleAssignments[$i].Member.ID)
}
}
}
#endregion
#region Main
[void][System.reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint")
$Site = New-Object Microsoft.SharePoint.SPSite($WebUrl)
$Web = $Site.OpenWeb()
#$web.url
$Lists = $Web.Lists
ForEach ($List in $Lists)
{
if($List.HasUniqueRoleAssignments)
{
CleanUpAcl $List $GroupNametoKeep
}Else
{
$Response = Read-Host "List permissions are not unique, would you like to go to parent object with broken inheritance? (y/n)"
if(($Response -eq "y") -or ($Response -eq "yes"))
{
$BrokenSPObject = $List.FirstUniqueAncestor
CleanUpAcl $BrokenSPObject $GroupNametoKeep
}
}
}
#Get All Users of the site collection
$UserAccounts = @()
foreach ($user in $web.SiteUsers) {
$UserAccounts = $UserAccounts + $user.loginname
}
#Remove all users one by one.
foreach ($user in $UserAccounts)
{
try
{
#Set the Error Action
$ErrorActionPreference = "Stop"
#Remove User if not site admin
if(!$web.SiteUsers[$User].isSiteAdmin)
{
$web.SiteUsers.Remove($user)
Write-host "User Removed :" $user -ForegroundColor Green
}
}
catch {
Write-host "Failed to remove the user:" + $user -ForegroundColor Red
}
Finally
{
#Reset the Error Action to Default
$ErrorActionPreference = "Continue"
}
}
#endregion
PowerShell is going to be your best bet. Here is a script to remove users from a security group. You can modify this to loop through all of your security groups in your site collection and clean them all out.:
$site = new-object Microsoft.SharePoint.SPSite("Site URL")
$web = $site.OpenWeb()
$oSiteGroup = $web.SiteGroups["Group Name"];
$oUsers = $oSiteGroup.Users
foreach ($oUser in $oUsers)
{
"Removing user : " + $oUser.Name
$oSiteGroup.RemoveUser($oUser)
}
This site has some basic widely used PS scripts you can use to add to this script to help you get the users and get rid of them like you want. Use this script as a base, and you should be able to get it done.