Hi @Jonathan Zahler,
Per my test, You can use the following code to remove user from folder permissions via a CSV file by PowerShell:
#Config Variables
$SiteURL = "https://crescent.sharepoint.com/sites/legal"
$ListName="Work"
$CSVFile = "C:\Temp\Folders.csv"
$UserAccount = "i:0#.f|membership|steve@crescent.com"
Try {
#Connect to PnP Online
Connect-PnPOnline -Url $SiteURL -Interactive
#Get content from CSV file
Import-Csv $CSVFile | ForEach-Object {
Write-host "Processing Folder:"$_.URL
#Get the Folder from URL
$Folder = Get-PnPFolder -Url $_.URL
#Get Folder Item
$FolderItem = Get-PnPProperty -ClientObject $Folder -Property ListItemAllFields
$HasUniquePerm = Get-PnPProperty -ClientObject $FolderItem -Property HasUniqueRoleAssignments
#Break Permission Inheritance
If(!$HasUniquePerm)
{
$FolderItem.BreakRoleInheritance($True, $True)
Write-host "`tFolder's Permission Inheritance Broken!"
}
#Get the User
$User = Get-PnPUser -Identity $UserAccount -ErrorAction Stop
#Get Permissions from the Folder
$RoleAssignments = Get-PnPProperty -ClientObject $FolderItem -Property RoleAssignments
#Remove user from folder permissions
[Bool]$UserFound = $false
ForEach($RoleAssignment in $RoleAssignments)
{
$Member = Get-PnPProperty -ClientObject $RoleAssignment -Property Member
If($Member.LoginName -eq $User.LoginName)
{
$UserFound = $True
$FolderItem.RoleAssignments.GetByPrincipal($User).DeleteObject()
Invoke-PnPQuery
}
}
If($UserFound) { Write-host "`tRemoved user from Folder Permission!" }
}
}
Catch {
write-host -f Red "Error Removing user from Folder:" $_.Exception.Message
}
After delet the permissions, you can grant access by following code
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.