Reporting on all user permissions in a web application Reporting on all user permissions in a web application
Jaydeep Patel

Jaydeep Patel

December 30, 2011

All Post
Reporting-on-all-user-permissions-in-a-web-application
Share:

Frequently I am asked to report on user permissions across the enterprise. While each site collection, probably each site and possibly each library and item has its own permissions that are visible, reporting on them can’t be done in the User Interface. This little PowerShell script I wrote will output all permissions in a CSV format that’s easily opened in Excel and manipulated via a PivotTable. I even published this spreadsheet PivotTable in Excel Services allowing end users to interact and manipulate the views interactively in a browser. Here it is:

  $siteCol = Get-SPSite "http://SharePoint"  #replace with your own web app
get-spweb -site $siteCol -Limit ALL | ForEach-Object {
$i++;
$j=0;
$site = $_;
$str1=$i.tostring()+","+$site.Title+","+$site.url+",";
write-host $str1;
foreach ($usr in $site.users) { $j++; $webPermissions += $str1+ $j.tostring()+ ","+ $usr.userlogin +","+$usr.displayname+","+$usr.Roles+"`r`n";}
$site.Dispose();
}
$webPermissions += "`r"+"`n";
$webPermissions | Out-file -Filepath L:logsJP_security.csv  #I am partial to my own initials, replace with your name/path
$webpermissions;
$siteCol.dispose();

3 thoughts on “Reporting on all user permissions in a web application

  1. Thank you for the suggestion. I will try that out to see if it helps me with my task. I so appreciate your blog article and suggestion.

  2. I am trying to use your script but it is only listing info for the first site collection of the web app – is there something else I am missing?

    1. The script is designed to only report permissions on one site collection at a time. This actually
      makes good sense generally, as the permissions output can be voluminous. To report on all site collections try:
      $sites = get-spwebapplication “http://sharepoint”
      foreach ($siteCol in Sites)
      {

      }

      joel

Leave a Reply

Your email address will not be published. Required fields are marked *

Want to talk?

Drop us a line. We are here to answer your questions 24*7.