Join Log in
Score:1
Ivan Carlos avatar Server

Unable to create a script that list shared link for SharePoint that I am not owner or member

mx flag
Ivan Carlos

I am looking for a script that lists all shared links for one (or all) SharePoint sites, got one that you can specify the site, put your credentials and it generates a CSV report. Works fine, but I need to give myself permissions on this site to get it.

Please, how can I edit this script to list shared links of one or all sites as admin?

I already tried to connect using Connect-PnPOnline and reclaring -TenantAdminUrl, -PnPManagementShell, and giving to my credential global permission using Register-PnPManagementShellAccess without success

This is the script used:

# Parameters
$SiteUrl = "https://xxx.sharepoint.com/sites/xxx"
$ReportOutput = "$env:USERPROFILE\Downloads\sharedlinksandpermission.csv"
$ListName = "Documents"
    
#Connect to PnP Online
Connect-PnPOnline -Url $SiteURL -Interactive
$Ctx = Get-PnPContext
$Results = @()
$global:counter = 0
 
#Get all list items in batches
$ListItems = Get-PnPListItem -List $ListName -PageSize 2000
$ItemCount = $ListItems.Count
   
#Iterate through each list item
ForEach($Item in $ListItems)
{
    Write-Progress -PercentComplete ($global:Counter / ($ItemCount) * 100) -Activity "Getting Shared Links from '$($Item.FieldValues["FileRef"])'" -Status "Processing Items $global:Counter to $($ItemCount)";
 
    #Check if the Item has unique permissions
    $HasUniquePermissions = Get-PnPProperty -ClientObject $Item -Property "HasUniqueRoleAssignments"
    If($HasUniquePermissions)
    {
        #Get Users and Assigned permissions
        $RoleAssignments = Get-PnPProperty -ClientObject $Item -Property RoleAssignments
        ForEach($RoleAssignment in $RoleAssignments)
        {
            $Members = Get-PnPProperty -ClientObject $RoleAssignment -Property RoleDefinitionBindings, Member
            #Get list of users
            $Users = Get-PnPProperty -ClientObject ($RoleAssignment.Member) -Property Users -ErrorAction SilentlyContinue
            #Get Access type
            $AccessType = $RoleAssignment.RoleDefinitionBindings.Name
            If ($RoleAssignment.Member.Title -like "SharingLinks*")
            {
                If ($Users -ne $null)
                {
                    ForEach ($User in $Users)
                    {
                        #Collect the data
                        $Results += New-Object PSObject -property $([ordered]@{
                        Name  = $Item.FieldValues["FileLeafRef"]           
                        RelativeURL = $Item.FieldValues["FileRef"]
                        FileType = $Item.FieldValues["File_x0020_Type"]
                        UserName = $user.Title
                        UserAccount  = $User.LoginName
                        Email  =  $User.Email
                        Access = $AccessType
                        })
                    }
                        
                }
            }       
        }
    }      
    $global:counter++
}
$Results | Export-CSV $ReportOutput -NoTypeInformation
Write-host -f Green "Sharing Links Report Generated Successfully!"

If possible, I would like to undershand what can I change to have this working because I have other 2 scripts with same issue that also uses Get-PnPListItem, Get-PnPProperty

Thanks a lot and regards

307
1 + 0
Score:0
Saxtheowl avatar Server
by flag
Saxtheowl

You gonna need to use the SharePoint Online Management Shell if you dont have it just install with this command: Install-Module -Name Microsoft.Online.SharePoint.PowerShell

Then here is your modified script to use it:

# Parameters
$TenantUrl = "https://xxx-admin.sharepoint.com"
$ReportOutput = "$env:USERPROFILE\Downloads\sharedlinksandpermission.csv"
$ListName = "Documents"

#Connect to SharePoint Online Management Shell
$UserCredential = Get-Credential
Connect-SPOService -Url $TenantUrl -Credential $UserCredential

# Get all site collections
$SiteCollections = Get-SPOSite

$Results = @()

ForEach ($Site in $SiteCollections) {
    # Connect to PnP Online for the site
    Connect-PnPOnline -Url $Site.Url -Credentials $UserCredential
    $Ctx = Get-PnPContext

    #Get all list items in batches
    $ListItems = Get-PnPListItem -List $ListName -PageSize 2000
    $ItemCount = $ListItems.Count
    $global:counter = 0

    #Iterate through each list item
    ForEach ($Item in $ListItems) {
        Write-Progress -PercentComplete ($global:Counter / ($ItemCount) * 100) -Activity "Getting Shared Links from '$($Item.FieldValues["FileRef"])'" -Status "Processing Items $global:Counter to $($ItemCount)";

        #Check if the Item has unique permissions
        $HasUniquePermissions = Get-PnPProperty -ClientObject $Item -Property "HasUniqueRoleAssignments"
        If ($HasUniquePermissions) {
            #Get Users and Assigned permissions
            $RoleAssignments = Get-PnPProperty -ClientObject $Item -Property RoleAssignments
            ForEach ($RoleAssignment in $RoleAssignments) {
                $Members = Get-PnPProperty -ClientObject $RoleAssignment -Property RoleDefinitionBindings, Member
                #Get list of users
                $Users = Get-PnPProperty -ClientObject ($RoleAssignment.Member) -Property Users -ErrorAction SilentlyContinue
                #Get Access type
                $AccessType = $RoleAssignment.RoleDefinitionBindings.Name
                If ($RoleAssignment.Member.Title -like "SharingLinks*") {
                    If ($Users -ne $null) {
                        ForEach ($User in $Users) {
                            #Collect the data
                            $Results += New-Object PSObject -property $([ordered]@{
                                Name  = $Item.FieldValues["FileLeafRef"]
                                RelativeURL = $Item.FieldValues["FileRef"]
                                FileType = $Item.FieldValues["File_x0020_Type"]
                                UserName = $user.Title
                                UserAccount  = $User.LoginName
                                Email  =  $User.Email
                                Access = $AccessType
                            })
                        }
                    }
                }
            }
        }
        $global:counter++
    }
}

$Results | Export-CSV $ReportOutput -NoTypeInformation
Write-hos

t -f Green "Sharing Links Report Generated Successfully!"
+ 1
Ivan Carlos avatar
mx flag
Ivan Carlos
I could not use that, the tenant uses modern auth, so Get-Credential does not work on it :/ I tried to connect directly to Connect-SPOService -Url $TenantUrl and works fine to list the sites, but I still not able to get permission on each site just using Connect-PnPOnline -Url $Site.Url without the Get-Credential
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.