#Load SharePoint CSOM Assemblies
Add-Type -Path "C:\Program Files\SharePoint Online Management Shell\Microsoft.Online.SharePoint.PowerShell\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\SharePoint Online Management Shell\Microsoft.Online.SharePoint.PowerShell\Microsoft.SharePoint.Client.Runtime.dll"
Add-Type -Path "C:\Program Files\SharePoint Online Management Shell\Microsoft.Online.SharePoint.PowerShell\Microsoft.Online.SharePoint.Client.Tenant.dll"
#Variables
$UserName="abc@xyz.onmicrosoft.com"
$Password ="xxx"
$SiteURL="https://xyz.sharepoint.com/sites/sitename"
#Setup Credentials to connect
$Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($UserName,(ConvertTo-SecureString $Password -AsPlainText -Force))
#Set up the context
$Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteURL)
$Ctx.Credentials = $credentials
$Web = $Ctx.web
$LibName="Documents"
$GroupName="Site Members"
$UserAccount="username@xyz.com"
$PermissionLevel="Contribute"
#Get the Folder
$lib = $Ctx.Web.Lists.GetByTitle($LibName)
$Ctx.Load($lib)
$Ctx.ExecuteQuery()
#Break Permission inheritence - Remove all existing list permissions & keep Item level permissions
$lib.BreakRoleInheritance($True,$False)
$Ctx.ExecuteQuery()
Write-host -f Yellow "List's Permission inheritance broken..."
#Get the SharePoint Group & User
$Group =$Web.SiteGroups.GetByName($GroupName)
$User = $Web.EnsureUser($UserAccount)
$Ctx.load($Group)
$Ctx.load($User)
$Ctx.ExecuteQuery()
#Grant permission
#Get the role required
$Role = $web.RoleDefinitions.GetByName($PermissionLevel)
$RoleDB = New-Object Microsoft.SharePoint.Client.RoleDefinitionBindingCollection($Ctx)
$RoleDB.Add($Role)
#Assign permissions
$GroupPermissions = $lib.RoleAssignments.Add($Group,$RoleDB)
$UserPermissions = $Folder.ListItemAllFields.RoleAssignments.Add($User,$RoleDB)
$lib.Update()
$Ctx.ExecuteQuery()
write-host $GroupName
write-host "---"
Write-host $Group.LoginName " was granted permission successfully!" -ForegroundColor Green
}
}
Comments