As a SharePoint admin, I am constantly asked by site owners “Who has access to my stuff?” In all versions of SharePoint, there is only so much you can glean from the out of the box permissions settings. This can be made more complicated when there are areas on a site that do not have the same permissions as the site. Document libraries and files with broken permissions make managing permissions very difficult.
Now if you have access to a third party tool, you can run all kinds of access reports. But what if you don’t have any third party tools in your SharePoint environment? Enter every SharePoint admins friend–PowerShell! There are simple commands to get permissions throughout the SharePoint hierarchy. But what if you want a consolidated report that lists permissions at every level, including items with broken permissions and members of SharePoint groups. Also throw in those pesky sharing links and who has been assigned to them. Well it just so happens a client recently asked me all of those things. So I put together a few PowerShell scripts to fulfill this ask.
A few things to note, for the first script, you will have to install the SharePoint Online client components.
For the second script, you will have to install the PnP PowerShell module (either module will work).
For both scripts, you will have to change variables for your tenant (site URL and username). Both scripts accept a single site URL but they could easily be altered to iterate through all site collections in your tenant.
Get broken permissions (lists/libraries/folders/items/files)
Thanks for reading and feel free to comment or leave suggestions.