1

I am looking for a script that lists all shared links for one (or all) SharePoint sites, got one that you can specify the site, put your credentials and it generates a CSV report. Works fine, but I need to give myself permissions on this site to get it.

Please, how can I edit this script to list shared links of one or all sites as admin?

I already tried to connect using Connect-PnPOnline and reclaring -TenantAdminUrl, -PnPManagementShell, and giving to my credential global permission using Register-PnPManagementShellAccess without success

This is the script used:

# Parameters
$SiteUrl = "https://xxx.sharepoint.com/sites/xxx"
$ReportOutput = "$env:USERPROFILE\Downloads\sharedlinksandpermission.csv"
$ListName = "Documents"
    
#Connect to PnP Online
Connect-PnPOnline -Url $SiteURL -Interactive
$Ctx = Get-PnPContext
$Results = @()
$global:counter = 0
 
#Get all list items in batches
$ListItems = Get-PnPListItem -List $ListName -PageSize 2000
$ItemCount = $ListItems.Count
   
#Iterate through each list item
ForEach($Item in $ListItems)
{
    Write-Progress -PercentComplete ($global:Counter / ($ItemCount) * 100) -Activity "Getting Shared Links from '$($Item.FieldValues["FileRef"])'" -Status "Processing Items $global:Counter to $($ItemCount)";
 
    #Check if the Item has unique permissions
    $HasUniquePermissions = Get-PnPProperty -ClientObject $Item -Property "HasUniqueRoleAssignments"
    If($HasUniquePermissions)
    {
        #Get Users and Assigned permissions
        $RoleAssignments = Get-PnPProperty -ClientObject $Item -Property RoleAssignments
        ForEach($RoleAssignment in $RoleAssignments)
        {
            $Members = Get-PnPProperty -ClientObject $RoleAssignment -Property RoleDefinitionBindings, Member
            #Get list of users
            $Users = Get-PnPProperty -ClientObject ($RoleAssignment.Member) -Property Users -ErrorAction SilentlyContinue
            #Get Access type
            $AccessType = $RoleAssignment.RoleDefinitionBindings.Name
            If ($RoleAssignment.Member.Title -like "SharingLinks*")
            {
                If ($Users -ne $null)
                {
                    ForEach ($User in $Users)
                    {
                        #Collect the data
                        $Results += New-Object PSObject -property $([ordered]@{
                        Name  = $Item.FieldValues["FileLeafRef"]           
                        RelativeURL = $Item.FieldValues["FileRef"]
                        FileType = $Item.FieldValues["File_x0020_Type"]
                        UserName = $user.Title
                        UserAccount  = $User.LoginName
                        Email  =  $User.Email
                        Access = $AccessType
                        })
                    }
                        
                }
            }       
        }
    }      
    $global:counter++
}
$Results | Export-CSV $ReportOutput -NoTypeInformation
Write-host -f Green "Sharing Links Report Generated Successfully!"

If possible, I would like to undershand what can I change to have this working because I have other 2 scripts with same issue that also uses Get-PnPListItem, Get-PnPProperty

Thanks a lot and regards

Ivan Carlos
  • 21
  • 3

1 Answers1

0

You gonna need to use the SharePoint Online Management Shell if you dont have it just install with this command: Install-Module -Name Microsoft.Online.SharePoint.PowerShell

Then here is your modified script to use it:

# Parameters
$TenantUrl = "https://xxx-admin.sharepoint.com"
$ReportOutput = "$env:USERPROFILE\Downloads\sharedlinksandpermission.csv"
$ListName = "Documents"

#Connect to SharePoint Online Management Shell
$UserCredential = Get-Credential
Connect-SPOService -Url $TenantUrl -Credential $UserCredential

# Get all site collections
$SiteCollections = Get-SPOSite

$Results = @()

ForEach ($Site in $SiteCollections) {
    # Connect to PnP Online for the site
    Connect-PnPOnline -Url $Site.Url -Credentials $UserCredential
    $Ctx = Get-PnPContext

    #Get all list items in batches
    $ListItems = Get-PnPListItem -List $ListName -PageSize 2000
    $ItemCount = $ListItems.Count
    $global:counter = 0

    #Iterate through each list item
    ForEach ($Item in $ListItems) {
        Write-Progress -PercentComplete ($global:Counter / ($ItemCount) * 100) -Activity "Getting Shared Links from '$($Item.FieldValues["FileRef"])'" -Status "Processing Items $global:Counter to $($ItemCount)";

        #Check if the Item has unique permissions
        $HasUniquePermissions = Get-PnPProperty -ClientObject $Item -Property "HasUniqueRoleAssignments"
        If ($HasUniquePermissions) {
            #Get Users and Assigned permissions
            $RoleAssignments = Get-PnPProperty -ClientObject $Item -Property RoleAssignments
            ForEach ($RoleAssignment in $RoleAssignments) {
                $Members = Get-PnPProperty -ClientObject $RoleAssignment -Property RoleDefinitionBindings, Member
                #Get list of users
                $Users = Get-PnPProperty -ClientObject ($RoleAssignment.Member) -Property Users -ErrorAction SilentlyContinue
                #Get Access type
                $AccessType = $RoleAssignment.RoleDefinitionBindings.Name
                If ($RoleAssignment.Member.Title -like "SharingLinks*") {
                    If ($Users -ne $null) {
                        ForEach ($User in $Users) {
                            #Collect the data
                            $Results += New-Object PSObject -property $([ordered]@{
                                Name  = $Item.FieldValues["FileLeafRef"]
                                RelativeURL = $Item.FieldValues["FileRef"]
                                FileType = $Item.FieldValues["File_x0020_Type"]
                                UserName = $user.Title
                                UserAccount  = $User.LoginName
                                Email  =  $User.Email
                                Access = $AccessType
                            })
                        }
                    }
                }
            }
        }
        $global:counter++
    }
}

$Results | Export-CSV $ReportOutput -NoTypeInformation
Write-hos

t -f Green "Sharing Links Report Generated Successfully!"
Saxtheowl
  • 1,112
  • 5
  • 8
  • I could not use that, the tenant uses modern auth, so Get-Credential does not work on it :/ I tried to connect directly to Connect-SPOService -Url $TenantUrl and works fine to list the sites, but I still not able to get permission on each site just using Connect-PnPOnline -Url $Site.Url without the Get-Credential – Ivan Carlos Mar 27 '23 at 22:51