SharePoint User Membership Identification Script for Access Management

This script aims to identify SharePoint sites where specific users hold membership, enabling efficient access management and site administration. The script utilizes PowerShell to connect to the SharePoint Online environment and iterates through all site collections, retrieving the site URLs and associated user memberships.

Script Functionality

  • Establish PowerShell Connection: The script initiates a connection to the SharePoint Online environment using the Connect-SPOService cmdlet.
  • Retrieve Site Collections: The script employs the Get-SPOSite cmdlet to retrieve all site collections within the SharePoint Online tenant.
  • Process Each Site Collection: For each site collection, the script iterates through its sub-sites, extracting the site URL and user membership information.
  • Identify User Membership: The script utilizes the Get-SPOSiteGroup cmdlet to retrieve the SharePoint groups associated with each site.
  • Filter User Membership: The script filters the user membership data to identify the presence of specific users in each site.
  • Display Results: The script generates output displaying the site URLs and associated user memberships for the specified users.

Benefits

  • Efficient User Membership Identification: The script streamlines the process of identifying SharePoint site membership for specific users, eliminating the need for manual site-by-site inspection.
  • Enhanced Access Management: This tool facilitates effective access management by enabling administrators to quickly determine which sites specific users have access to.
  • Simplified Site Administration: The script simplifies site administration by providing a centralized overview of user memberships across all SharePoint sites.

Target Audience

This script is primarily intended for SharePoint administrators and IT professionals responsible for managing user access and permissions within SharePoint Online environments.

Additional Notes

  1. The script requires the SharePoint Online Management Shell to be installed on the user's machine.
  2. The script utilizes the Write-Host cmdlet to display the results. For more comprehensive reporting, consider exporting the results to a CSV file.
  3. The script can be modified to search for specific groups or roles instead of individual users.

# Connect to the tenant admin endpoint (prompts for credentials).
Connect-SPOService -Url https://test-admin.sharepoint.com

# All site collections in the tenant; only the URL is needed.
$AllSites = Get-SPOSite -Limit ALL | Select-Object Url

# The input file holds one UPN per line.
foreach ($user in Get-Content "C:\userlist.txt") {
    $UserLoginName = $user
    foreach ($site in $AllSites) {
        echo "##################################################"
        Write-Host " Working On:" $user "|" $site.Url -ForegroundColor green
        # List every user on the site and keep the entry whose login name matches.
        $UserCheck = Get-SPOUser -Site $site.Url -Limit ALL | Where-Object { $_.LoginName -eq $UserLoginName }
        echo "##################################################"
        if ($UserCheck.LoginName -eq $user) {
            echo "=================================================="
            Write-Host "User has access to:" $site.Url -ForegroundColor red
            echo "=================================================="
            $UsersiteDetails = [ordered]@{
                UserID = $UserCheck.LoginName
                Site   = $site.Url
            }
            # Append one row per match to a dated CSV in the current directory.
            [PSCustomObject]$UsersiteDetails | Export-Csv .\$(Get-Date -f yyyy-MM-dd)_User_Site.csv -NoTypeInformation -Append
            $UsersiteDetails = @()
        }
    }
}

foreach ($user in Get-Content "C:\userlist.txt") {   - The list of UPNs that you want to search for across SharePoint sites (this should be a .txt file).

The CSV file is written to the location from which the script is executed.
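
The following is an added example, not part of the original script: the same audit restructured so that each site's user list is fetched once and matched against the whole UPN list, with the Groups and IsSiteAdmin properties of each match written to the report and unreadable sites recorded instead of aborting the run. The parameter names, default paths and output file name are assumptions.

```powershell
# Added example: one Get-SPOUser call per site instead of one per user per site.
# Assumed values: admin URL, input path and output file name are placeholders.
param(
    [string]$AdminUrl = 'https://test-admin.sharepoint.com',
    [string]$UserList = 'C:\userlist.txt',
    [string]$OutFile  = ".\$(Get-Date -f yyyy-MM-dd)_User_Site_Groups.csv"
)

Connect-SPOService -Url $AdminUrl

# Case-insensitive set of the UPNs to look for; blank lines are skipped.
$wanted = [System.Collections.Generic.HashSet[string]]::new(
    [System.StringComparer]::OrdinalIgnoreCase)
Get-Content $UserList |
    ForEach-Object { $_.Trim() } |
    Where-Object { $_ } |
    ForEach-Object { [void]$wanted.Add($_) }

$results = foreach ($site in Get-SPOSite -Limit ALL) {
    try {
        $siteUsers = Get-SPOUser -Site $site.Url -Limit ALL -ErrorAction Stop
    }
    catch {
        # A site the admin account cannot read gets a row of its own,
        # so a gap in coverage is visible in the report.
        [PSCustomObject]@{
            UserID      = ''
            Site        = $site.Url
            IsSiteAdmin = ''
            Groups      = ''
            Error       = $_.Exception.Message
        }
        continue
    }
    foreach ($u in $siteUsers) {
        if ($wanted.Contains($u.LoginName)) {
            [PSCustomObject]@{
                UserID      = $u.LoginName
                Site        = $site.Url
                IsSiteAdmin = $u.IsSiteAdmin
                Groups      = $u.Groups -join '; '
                Error       = ''
            }
        }
    }
}

# Write the report once, after all sites have been processed.
$results | Export-Csv $OutFile -NoTypeInformation
```

Rows with a non-empty Error column mark sites that were not checked, so they should be reviewed separately before treating the report as complete.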

I hope you find this useful :)