Say you have a ton of subwebs in a sitecollection. Each web have unique permissions and unique groups.

You would like to update alle membergroups to have Contribute permissions, instead of Edit permissions. If you need to update all ownergroups or visitorgroups, just change the script accordingly.

You do it like this:

#Get the URL of your SiteCollection
$site = Get-SPSite https://intranet.domain.com/path/site

#Go through each site
foreach ($web in $site.AllWebs)
{
# Get the Member group of the current site
$group = $web.Groups | Where {$_.Name -Like 'Member*'}
echo $group.Name
$ra = $group.ParentWeb.RoleAssignments.GetAssignmentByPrincipal($group)

# Define the permissionlevel you wish to remove
$rd = $group.ParentWeb.RoleDefinitions["Contribute"]
$ra.RoleDefinitionBindings.Add($rd)

# Define the permissionlevel you wish to add
$rd = $group.ParentWeb.RoleDefinitions["Edit"]
$ra.RoleDefinitionBindings.Remove($rd)

$ra.Update()
$group.Update()
$web.Dispose()
}

Source: http://sharepoint.stackexchange.com/questions/70071/need-to-remove-permission-level-from-a-sharepoint-group-using-powershell


Leave a Reply

Your email address will not be published. Required fields are marked *