Modify List Permissions With PowerShell

By James|07/03/2017|,

Overview

This article discusses ways to modify list permissions, such as breaking list inheritance, resetting inheritance, resetting list item permission inheritance and removing all list permissions with PowerShell.

Break Inheritance

Let’s say you create a shiny new custom list without changing any of the defaults.  Later, you realize that you wanted unique permissions on the list.  If you use the web interface to "Stop Inheriting Permissions", existing permissions from the parent web site will get copied to the list.  Rather than deleting all the user/group permissions that you DON’T want applied to the list, it may be easier to start with minimal permissions like so:

# Add the PowerShell Snap-In
Add-PSSnapin Microsoft.SharePoint.PowerShell -EA SilentlyContinue

# Retrieve the list
$web = Get-SPWeb http://web_site_url
$list = $web.Lists["Your List Name"]

# Break inheritance if the list has inherited permissions
If (! $list.HasUniqueRoleAssignments) {
  $list.BreakRoleInheritance($FALSE)
}
  • The list method BreakRoleInheritance($FALSE) tells SharePoint to break inheritance and NOT copy existing permissions.  The person running the script will receive full control of the list.
  • If you want to break inheritance but keep the inherited permissions, change the command to BreakRoleInheritance($TRUE).

Reset Inheritance

On the other hand, perhaps you have a list that has unique permissions and you want to reset inheritance.  The following will reset the list and all list child items:

# Add the PowerShell Snap-In
Add-PSSnapin Microsoft.SharePoint.PowerShell -EA SilentlyContinue

# Retrieve the list
$web = Get-SPWeb http://web_site_url
$list = $web.Lists["Your List Name"]

# Display basic list information
"List Title: $list.Title"
$ItemCount = $list.ItemCount
"Item Count: $($ItemCount)"
$CurItem = 0

# Reset permission inheritance on the list
$list.ResetRoleInheritance()

# Reset permission inheritance on each list item
ForEach ($item in $list.items) {
  $CurItem++
  "Working on item $($CurItem) / $($ItemCount)"
  $item.ResetRoleInheritance()
}

Remove List Permissions

Sometimes you just want to start over.  Maybe your list/library has become clogged with loads of useless permissions.  I'm looking at you "Limited Access" permission!  The following will remove ALL list permissions:

# Add the PowerShell Snap-In
Add-PSSnapin Microsoft.SharePoint.PowerShell -EA SilentlyContinue

# Retrieve the list
$web = Get-SPWeb http://web_site_url
$list = $web.Lists["Your List Name"]

# Display basic list information
"List Title: $($list.Title)"
$ItemCount = $list.ItemCount
"Item Count: $($ItemCount)"
$CurItem = 0

$ra = $list.RoleAssignments.Count
$ra0b = $ra -1

# Remove ALL list permissions
For ($i = $ra0b; $i -ge 0; $i--) {
  $CurItem++
  "Working on Role Assignment $($CurItem) / $($ra)"
  $list.RoleAssignments.Remove($i)
}

 

Copyright 2011 - 2024 The Lazy IT Admin | All Rights Reserved
menu-circlecross-circle linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram