I am building a power shell script to loop through all site collections and their sub-sites to get all users who are defined inside the related site owner group. Currently i have this script, where i need to provide each site collection url manually, as follow:-
<#
Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass
.SYNOPSIS
Name: Get-FullOwnerReport.ps1
This script looks for and reports all users and groups that have full control access for all sites and subsites
in a user's tenant
.Requirements
SPO PnP Module: https://github.com/SharePoint/PnP-PowerShell/releases
.PARAMETER rootSite
The SharePoint Online root site url
.PARAMETER outputPath
The file path that the user wishes to contain the final report
.OUTPUTS
Exports data into a csv named FullOwnersReport.csv
.EXAMPLE
.\Get-FullOwnerReport.ps1 -rootSite "https://myTenant.sharepoint.com" -outputPath "c:\temp"
#>
param(
[Parameter(Mandatory=$true,
HelpMessage="Enter sharepoint root url",
ValueFromPipeline=$false)]
$rootSite,
[Parameter(Mandatory=$true,
HelpMessage="Enter file path to create CSV report in",
ValueFromPipeline=$false)]
[ValidateScript({ Test-Path $_ -PathType Container })]
$outputPath
)
try
{
Import-Module SharePointPnPPowerShellOnline -ErrorAction Stop
}
catch
{
Start-Process -FilePath "powershell" -Verb runas -ArgumentList "Install-Module SharePointPnPPowerShellOnline -Force -AllowClobber;" -Wait
Import-Module SharePointPnPPowerShellOnline
}
$spcred = Get-Credential
$allSubSites = @()
$urls = @()
$allGroupSites = @()
Connect-PNPonline -Url "$($rootSite)" -UseWebLogin
$urls = Get-PnPTenantSite -Url "$rootSite" -IncludeOneDriveSites -Detailed
foreach($url in $urls)
{
try
{
Connect-PNPonline -Url "$($url.Url)" -ErrorAction SilentlyContinue -UseWebLogin
$allSubSites += Get-PnPSubWebs -Recurse -ErrorAction SilentlyContinue
}
catch
{
Write-Warning -Message "Warning Access to $($url.Url) was denied."
}
}
$allSubSites += $urls
$allOwners = @()
foreach($url in $allSubSites)
{
try
{
Connect-PNPonline -Url "$($url.Url)" -ErrorAction Stop -UseWebLogin
$owners = Get-PnPGroup -ErrorAction Stop | where {$_.Title -match "Owners"}
foreach($owner in $owners)
{
$allOwnerGroups = Get-PnPGroupMembers -Identity "$($owner.Title)"
Write-Host "Accessing users of group $($owner.Title)"
foreach($lowerOwner in $allOwnerGroups)
{
Write-Host "User $($lowerOwner.LoginName) found as owner for site $($url.Url)"
$object = New-Object –TypeName PSObject
$object | Add-Member –MemberType NoteProperty –Name LoginName –Value $lowerOwner.LoginName
$object | Add-Member –MemberType NoteProperty –Name Email –Value $lowerOwner.Email
$object | Add-Member –MemberType NoteProperty –Name URL –Value "$($url.Url)"
$allOwners += $object
}
}
}
catch
{
Write-Warning -Message "Warning Access to $($url.Url) was denied."
}
}
$GroupReport = $outputPath + "\FullOwnersReport.csv"
if((Test-Path -Path "$GroupReport"))
{
$allOwners | Export-Csv -Path "$GroupReport" -Force -NoTypeInformation
}
else
{
New-Item -Path "$GroupReport" -ItemType file
$allOwners | Export-Csv -Path "$GroupReport" -Force -NoTypeInformation
}
So can i modify the script, so it automatically loop through all the site collections inside our tenant and their sub-sites and provide the users inside the Site Owner group?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(131.20000000000002, 90%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJJ%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 51%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EED%3C/text%3E%3C/svg%3E)