SharePoint O365 Get All Users With Certain Role

Question

Is there a way to get all users who have "Full Control" permission at a site collection and subsite level and change their role to something else? PowerShell would be ideal but CSOM would be fine too if that's the only way to do it. I know I can get groups by role but I need a way to get explicitly added users.

I tried this older StackOverflow question: Get all the users based on a specific permission using CSOM in SharePoint 2013 but I keep getting a 403 forbidden error on the first ctx.ExecuteQuery(); for all sites even though I am a collection administrator. I also wonder if anyone had a PowerShell way to do it.

score 0 · Answer 1 · answered Mar 04 '16 at 21:50

0

You need the SharePoint Online Management shell to stand up a connection to O365 via Powershell.

Introduction to the SharePoint Online management shell

answered Mar 04 '16 at 21:50

InvoiceGuy

22
2
10

Thank you for this but I've already installed that. As I mentioned the original post, I can successfully change group roles just not get and\or set user roles. – StraighterSwing Mar 05 '16 at 02:37

score 0 · Accepted Answer · answered Mar 07 '16 at 02:50

According the error message, I suspect that the credential is missing in your code.

Please try the code below and let me know whether it works on your side.

    static void Main(string[] args)
    {
        var webUrl = "[your_site_url]";

        var userEmailAddress = "[your_email_address]";

        using (var context = new ClientContext(webUrl))
        {
            Console.WriteLine("input your password and click enter");

            context.Credentials = new SharePointOnlineCredentials(userEmailAddress, GetPasswordFromConsoleInput());
            context.Load(context.Web, w => w.Title);
            context.ExecuteQuery();

            Console.WriteLine("Your site title is: " + context.Web.Title);

            //Retrieve site users             
            var users = context.LoadQuery(context.Web.SiteUsers);

            context.ExecuteQuery();

            foreach(var user in users)
            {
                Console.WriteLine(user.Email);
            }
        }
    }

    private static SecureString GetPasswordFromConsoleInput()
    {
        ConsoleKeyInfo info;

        SecureString securePassword = new SecureString();
        do
        {
            info = Console.ReadKey(true);
            if (info.Key != ConsoleKey.Enter)
            {
                securePassword.AppendChar(info.KeyChar);
            }
        }
        while (info.Key != ConsoleKey.Enter);

        return securePassword;
    }
}

Thanks Jeffrey! I can't believe I missed that. – StraighterSwing Mar 07 '16 at 20:03 — StraighterSwing, Mar 07 '16 at 20:03

SharePoint O365 Get All Users With Certain Role

2 Answers2