Was hoping someone has already done this. I have a request from an audit department to print out all the user permisions inside a SharePoint farm so they can say the permissions have been captured and reviewed.
I would like to make this report usable in some fashion, but for now I just need to send them something like an excel spreadsheet so they can add it to a file somewhere as an addendum and say that everything has been reviewed.
Format they want is something along the lines of:
URL, Name, USerID, Last Logon, Authority
With about 3000 users and 700 sites and subsites I expect it will end up being a rather long list…
I did a script that does part of what you need! I get out all the users on the SharePoint farm basically, but I don’t have the “Display Name”, last logon and rights. You can play with the $user variable to see all you can get from it! I have to go out.. if you still didn’t find I will try and complete it for your needs 🙂
$was = Get-SPWebApplication
New-Item c:\scripts\permissions.csv -type file
Add-Content c:\scripts\permissions.csv “`r`n WebApp,Site Collection,Web,GroupName”
foreach ($wa in $was)
{
$webappUrl = $wa.url
Write-Host “Currently analysing Web Application” $wa.url
Add-Content c:\scripts\permissions.csv “`r`n $webappUrl, , , “
$webapp = Get-SPWebApplication $wa.url
foreach( $site in $webapp.Sites )
{
$thesitreurl = $site.url
Add-Content c:\scripts\permissions.csv “`r`n , $thesitreurl, , ”
Write-Host “Currently analysing Site Collection” $site.url
foreach($web in $site.AllWebs)
{
Write-Host “Currently analysing Site” $web.url
$weburl = $web.url
Add-Content c:\scripts\permissions.csv “`r`n , ,$weburl , “
$users = Get-SPUser -Web $web.url
foreach($user in $users)
{
$userlogin = $user.UserLogin
Write-Host $user.UserLogin
Add-Content c:\scripts\permissions.csv “`r`n , ,,$userlogin”
}
}
}
}
