Setting a SharePoint site collection is quite an easy task. Setting several sites and subsites read only is not. There’s no cmdlet available to set one or more SharePoint sites read only.
For me read only means that all the permissions that exist are being put to “Read”. So here’s the script that does all the magic:
There are 3 parameters: The LogFilePath (for instance c:\temp\log.txt) where the old permissions are being written to for later consultation. The SiteUrl of the SharePoint site collection where the sites are located. And the exclusionSitesTitles is an array of titles of sites that should not be put read only. You can also change these to URLs, but then you have to edit the AllWebs line:
$webs = $site.AllWebs | ?{-not ($exclusionSitesTitles -contains $_.Title)}
Param ( [Parameter(Mandatory=$True, Position=0)] [string]$LogFilePath, [Parameter(Mandatory=$True, Position=1)] [string]$SiteUrl, [Parameter(Mandatory=$True, Position=2)] [string[]]$exclusionSitesTitles ) [System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint") $site = New-Object Microsoft.SharePoint.SPSite($siteUrl) $webs = $site.AllWebs | ?{-not ($exclusionSitesTitles -contains $_.Title)} function checkPermissions([Microsoft.SharePoint.SPRoleAssignmentCollection]$roles) { $roles | Out-File -Append -FilePath $logfilepath $roles | %{ if($_.RoleDefinitionBindings.Count -eq 1 -and $_.RoleDefinitionBindings.Contains($guestPermission)) { $_.RoleDefinitionBindings.RemoveAll(); } else { $_.RoleDefinitionBindings.RemoveAll(); $_.RoleDefinitionBindings.Add($readPermission); } $_.Update(); } } function checkLists($web) { $web.Lists | %{ if($_.HasUniqueRoleAssignments) { checkPermissions($_.RoleAssignments) } } } $webs | %{ $readPermission = $_.RoleDefinitions.GetByType([Microsoft.SharePoint.SPRoleType]::Reader); $guestPermission = $_.RoleDefinitions.GetByType([Microsoft.SharePoint.SPRoleType]::Guest); $_.Url | Out-File -Append -FilePath $logfilepath if($_.HasUniqueRoleAssignments) { checkPermissions($_.RoleAssignments) } checkLists($_) $_.Dispose(); } $site.Dispose();
You must be logged in to post a comment.