Share via

Power Shell script which runs on all the root folders of a document library and set unique permsion to all users to have read-only

john john 1,021 Reputation points
2022-08-29T12:57:36.58+00:00

We have an online document library which contains around 1000 root folders, and we want to run a Power Shell script which runs on the 1000 root folders ONLY (without the sub-folders) >> then set unique permissions on the roots folders >> get the current permissions Groups + Users >> grant them Read-Only.

Can anyone advice on such a Script ?

I have the following:- 

#Parameters  
$SiteURL="https://******.sharepoint.com/"  
$FolderSiteRelativeURL = "/Shared Documents/"  
   
#Connect to the Site collection  
Connect-PnPOnline -URL $SiteURL -UseWebLogin  
   
#Get the Folder from site relative URL  
$Folder = Get-PnPFolder -Url $FolderSiteRelativeURL  
   
#Get all Subfolders of a folder - recursively  
$SubFolders = Get-PnPFolderItem -FolderSiteRelativeUrl $FolderSiteRelativeURL -ItemType Folder -Recursive  
  
ForEach($SubFolder in $SubFolders)  
    {  
If($SubFolder.ListItemAllFields.HasUniqueRoleAssignments)  
{  
    Write-host "Folder is already with broken permissions!" -f Yellow  
}  
Else  
{  
    #Break Folder permissions - keep all existing permissions & keep Item level permissions  
    $SubFolder.ListItemAllFields.BreakRoleInheritance($True,$True)  
    Invoke-PnPQuery  
   
    Write-host "Folder's Permission Inheritance is broken!!" -f Green     
   /// Need the code which goes here......................  
}  
    }

To get all the root folders, but how i can get the list of permissions assigned to the folder, and set its permission level to Read instead of Edit, Contribute or full access?

Thanks

Thanks

Microsoft 365 and Office SharePoint For business Windows
Windows for business Windows Server User experience PowerShell
Accepted answer
  1. Xuyan Ding - MSFT 7,601 Reputation points
    2022-08-30T09:05:50.493+00:00

    Hi @john john ,

    Please refer to the following articles, first get all root folders from the library, and then cycle inside to change the user's permissions. 

    #Grant folder permissions to SharePoint Group  
Set-PnPfolderPermission -List $ListName -identity $FolderServerRelativeURL -AddRole "Read" -Group "<group name>"

    References to third-party article:
    Set Folder Permissions using PowerShell
    PowerShell to Get Folder Permissions
    Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.