Revoke-SPObjectSecurity
Removes a security principal from a SPObjectSecurity object.
Syntax
Revoke-SPObjectSecurity
[-Identity] <SPObjectSecurity>
[-Principal] <SPClaim>
[[-Rights] <String[]>]
[-AssignmentCollection <SPAssignmentCollection>]
[<CommonParameters>] Revoke-SPObjectSecurity
[-Identity] <SPObjectSecurity>
[-All]
[-AssignmentCollection <SPAssignmentCollection>]
[<CommonParameters>] Description
This cmdlet contains more than one parameter set. You may only use parameters from one parameter set and you may not combine parameters from different parameter sets. For more information about how to use parameter sets, see Cmdlet parameter sets.
The Revoke-SPObjectSecurity cmdlet to remove a security principal, such as a user, from a SPObjectSecurity object.
An SPObjectSecurity object is a common object that is used to represent the security access control list (ACL) of SharePoint administrative objects, in particular service applications.
For permissions and the most current information about Windows PowerShell for SharePoint Products, see the online documentation at https://go.microsoft.com/fwlink/p/?LinkId=251831 (https://go.microsoft.com/fwlink/p/?LinkId=251831).
Examples
------------------EXAMPLE------------------
$security = Get-SPServiceApplicationSecurity $serviceApp -Admin
Revoke-SPObjectSecurity $security "domain\user"
Set-SPServiceApplicationSecurity $serviceApp -Admin $securityThis example retrieves the SPObjectSecurity object corresponding to the administrator ACL on a service application and removes a user from that ACL. The removed an administrator for the service application $serviceApp.
Parameters
-All
Specifies that all security principals are removed from the specified SPObjectSecurity object.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | SharePoint Server Subscription Edition |
-AssignmentCollection
Manages objects for the purpose of proper disposal. Use of objects, such as SPWeb or SPSite, can use large amounts of memory and use of these objects in Windows PowerShell scripts requires proper memory management. Using the SPAssignment object, you can assign objects to a variable and dispose of the objects after they are needed to free up memory. When SPWeb, SPSite, or SPSiteAdministration objects are used, the objects are automatically disposed of if an assignment collection or the Global parameter is not used.
When the Global parameter is used, all objects are contained in the global store.
If objects are not immediately used, or disposed of by using the Stop-SPAssignment command, an out-of-memory scenario can occur.
| Type: | SPAssignmentCollection |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
| Applies to: | SharePoint Server Subscription Edition |
-Identity
Specifies the SPObjectSecurity object from which the security principal is removed.
You can use the Get-SPServiceApplicationSecurity cmdlet to get a SPObjectSecurity object .
| Type: | SPObjectSecurity |
| Position: | 1 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
| Applies to: | SharePoint Server Subscription Edition |
-Principal
Specifies the principal for whom the rights are removed.
The type must a valid name a principal; for example, Full Control.
| Type: | SPClaim |
| Position: | 2 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | SharePoint Server Subscription Edition |
-Rights
Specifies the rights of the principal to revoke.
The type must a valid array of strings that represents the rights of the principal to revoke.
| Type: | String[] |
| Position: | 3 |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | SharePoint Server Subscription Edition |