Scenario
You want to get an overview of all Permission Levels that are set up in your tenant’s SharePoint Online site collections. Not only the out-of-the-box permission such as “Full Control” or “Read”, but also any custom permission levels which may have been defined by your site collection’s administrators (“Add Only” is a common example).
Code
A prerequisite for this code are the OfficeDev PnP PowerShell cmdlets. Ensure that you have a current version installed before proceeding.
The following code connects to your tenant and fetches all site collections (with a small where query, as I wanted to limit it to all sites in the /sites/ or /teams/ paths). It then loops through all site collections, retrieves the permission levels, and writes that information into a CSV file.
$cred = Get-Credential Connect-PnPOnline -Url https://mytenant-admin.sharepoint.com -Credentials $cred $sites = Get-PnPTenantSite | where {$_.Url -like "*mytenant.sharepoint.com/sites/*" -or $_.Url -like "*mytenant.sharepoint.com/teams/*"} foreach($site in $sites) { Connect-PnPOnline -Url $site.Url -Credentials $cred $ctx = Get-PnPContext $roleDefs = (Get-PnPWeb).RoleDefinitions $ctx.Load($roleDefs) $ctx.ExecuteQuery() foreach($rd in $roleDefs) { Add-Content ".\permissionlevels.csv" "$($site.url), $($rd.Name)" } }
Office 365 Advent Calendar – 01 Getting all Permissions Levels in SharePoint Online https://t.co/v14HqznyV2 #office365adventcalendar
Office 365 Advent Calendar – 01 Getting all Permissions Levels in SharePoint Online https://t.co/v14HqzFajC #office365adventcalendar
Office 365 Advent Calendar – 01 Getting all Permissions Levels in SharePoint Online https://t.co/6jeQYz825a #Office365