Tip: Set Privileges for Using PowerShell to Manage SharePoint

Follow Our Daily Tips

TechNet Tips library

Windows PowerShell doesn’t include SharePoint cmdlets. Instead, when you install SharePoint 2010, it installs the SharePoint 2010 Management Shell (a Windows PowerShell environment specifically for managing SharePoint) along with more than 500 SharePoint-specific cmdlets.

To execute a command in the SharePoint 2010 Management Shell, open the Management Shell on a SharePoint 2010 server. To execute commands, the user must have the necessary privileges to the SharePoint object model and to the SharePoint databases. When you are working with SharePoint objects, connections to the database are generally created with the permissions of the current user.

You can use SPShellAdmin for configuring a user’s privileges and security. Here’s how.

To list Shell administrators:

To add a user as a Shell administrator:
Add-SPShellAdmin -UserName <user name> -Database <database name>

For example, to allow user Jeff Hay to execute commands against the PartnerNet site, use the following command:
Add-SPShellAdmin -UserName Contoso\Jeff Hay
-Database (Get-SPContentDatabase -Identity PartnerNet_ContentDatabase)

Note that the Get-SPContentDatabase cmdlet and the PartnerNet content database name are used to retrieve the SPContentDatabase object.

To remove a user from Shell Admin:
Remove-SPShellAdmin -UserName <user name> -Database <database name>

Tip adapted from Microsoft SharePoint 2010 Administrator’s Pocket Consultant by Ben Curry.