Sharepoint Powershell设置具有唯一权限但使用现有所有者组的新站点
目前遇到了一些障碍,我不知道我是否在谷歌上搜索正确的东西,以获得正确的结果来帮助我 情况。。。。 1) 在sharepoint中,通过GUI,我可以在设置网站时使用唯一权限。 2) 然后,您将看到一个页面,显示组的3种可能性(阅读、贡献和所有者)。 3) 在这些可能性中,您可以选择使用现有组或创建新组 我正在寻找的设置是使用现有组作为所有者,并创建2个新组作为贡献和阅读。在powershell中如何执行此操作Sharepoint Powershell设置具有唯一权限但使用现有所有者组的新站点,sharepoint,powershell,sharepoint-2010,Sharepoint,Powershell,Sharepoint 2010,目前遇到了一些障碍,我不知道我是否在谷歌上搜索正确的东西,以获得正确的结果来帮助我 情况。。。。 1) 在sharepoint中,通过GUI,我可以在设置网站时使用唯一权限。 2) 然后,您将看到一个页面,显示组的3种可能性(阅读、贡献和所有者)。 3) 在这些可能性中,您可以选择使用现有组或创建新组 我正在寻找的设置是使用现有组作为所有者,并创建2个新组作为贡献和阅读。在powershell中如何执行此操作 我考虑过的另一种方法是不破坏权限,删除除所有者组之外的所有组,创建2个新组,分配它们C
我考虑过的另一种方法是不破坏权限,删除除所有者组之外的所有组,创建2个新组,分配它们CONTBUTE,阅读并将它们添加到站点 是否要创建自定义权限级别或自定义组,但要为其提供一个现有权限级别?对于前者,最简单的方法是在GUI中创建自定义权限级别,方法是复制并修改现有的“贡献”和“读取”组,然后在PowerShell脚本中将这些组分配给您的组 以下是在站点上设置自定义权限所需的代码
# Function to create role assignment variable for SharePoint group
#-----------------------------------------------------------------
Function CreateGroupRoleAssignment {
Param(
[parameter(Mandatory = $true)]
[string]
$RaName,
[parameter(Mandatory = $true)]
[string]
$GroupName
)
# Delete role assignment variable if it already exists
if(Test-Path "variable:global:$RaName") {
Write-Host "-- Removing existing Role Assignment variable: $RaName"
Remove-Variable -Name $RaName -Scope Global
}
# Create role assignment object variable in the global scope (to persist outside of the function)
Write-Host "-- Creating Role Assignment variable for SharePoint group: $GroupName"
New-Variable -Name $RaName -Value ([Microsoft.SharePoint.SPRoleAssignment] $RootWeb.SiteGroups[$GroupName]) -Scope Global
} # End Function CreateGroupRoleAssignment
# Script body
#------------
# Get your site
$Web = Get-SPWeb http://yoursiteurl
# Stop your site from inheriting permissions
$Web.BreakRoleInheritance($false)
# Create Role Definitions from the "Permission Levels" in your site
# Pick from the list in http://yoursiteurl/_layouts/role.aspx
$FullControlRD = $Web.RoleDefinitions | Where {$_.Name -eq "Full Control"}
$ContributeRD = $Web.RoleDefinitions | Where {$_.Name -eq "Contribute"}
$ReadRD = $Web.RoleDefinitions | Where {$_.Name -eq "Read"}
# Call function to create role assignments from your SharePoint site groups
# SharePoint groups inc. built-in Your Site Owners/Members/Visitors plus any you create
# See list of groups in http://yoursiteurl/_layouts/user.aspx
CreateRoleAssignment -RAName "OwnersRA" -GroupName "Your Site Owners"
CreateRoleAssignment -RAName "Group1RA" -GroupName "Your Custom Group 1"
CreateRoleAssignment -RAName "GRoup2RA" -GroupName "Your Custom Group 2"
# Bind the role definition to the role assignment to assign the desired permission level to each group
$OwnersRA.RoleDefinitionBindings.Add($FullControlRD)
$Group1RA.RoleDefinitionBindings.Add($ContributeRD)
$Group2RA.RoleDefinitionBindings.Add($ReadRD)
# Add the role assignment with the custom permission to your site
$Web.RoleAssignments.Add($OwnersRA)
$Web.RoleAssignments.Add($Group1RA)
$Web.RoleAssignments.Add($Group2RA)
我设法找到了解决办法 我创建了这个站点,所以所有的组都被继承了 断绝继承权 一旦被打破,我就遍历所有的组,删除所有不包含所有者的组。这意味着,当您在根级别站点的所有者组中放置成员时,所有者组仍会更新 然后我创建了一个成员和读者组
$businessUnitWeb = New-SPweb -Url "My Site" -Name "Test" -UseParentTopNav
$businessUnitWeb.BreakRoleInheritance($true)
$groupsToRemove = $businessUnitWeb.Groups| WHERE-OBJECT{$_.Name -ne "XXXXXXXXX Portal Owners"} | $businessUnitWeb.Groups.Remove($_)
$groupsToRemove | FOREACH-OBJECT{$businessUnitWeb.Groups.Remove($_)}
$usersToRemove = $businessUnitWeb.Users| WHERE-OBJECT{$_.Name -ne "XXXXXXXXXX Portal Owners"}
$usersToRemove | FOREACH-OBJECT{$businessUnitWeb.Users.Remove($_)}
}
$businessUnitWeb.SiteGroups.Add("$businessUnitWeb Read", $businessUnitWeb.Site.Owner, $businessUnitWeb.Site.Owner, "The read group for $businessUnitWeb")
$newGroup = $businessUnitWeb.SiteGroups["$businessUnitWeb Read"]
$newGroupAssign = New-Object Microsoft.SharePoint.SPRoleAssignment($newGroup)
$newGroupAssign.RoleDefinitionBindings.Add($businessUnitWeb.RoleDefinitions.GetByType("Reader"))
$businessUnitWeb.RoleAssignments.Add($newGroupAssign)
$businessUnitWeb.update()
$businessUnitWeb.SiteGroups.Add("$businessUnitWeb Contributor", $businessUnitWeb.Site.Owner, $businessUnitWeb.Site.Owner, "The Contributor group for $businessUnitWeb")
$newGroup = $businessUnitWeb.SiteGroups["$businessUnitWeb Contributor"]
$newGroupAssign = New-Object Microsoft.SharePoint.SPRoleAssignment($newGroup)
$newGroupAssign.RoleDefinitionBindings.Add($businessUnitWeb.RoleDefinitions.GetByType("Contributor"))
$businessUnitWeb.RoleAssignments.Add($newGroupAssign)
$businessUnitWeb.update()
Write-Host "Creating $businessAreaURL..... "
$businessUnitWeb.ApplyWebTemplate(Template stuuf")
如果有一些拼写错误,我必须从代码中删除公司领带