PowerShell script cannot find user permissions given directly (can find if permissions given in a group)

PowerShell script cannot find user permissions given directly (can find if permissions given in a group) - Please help.

Hi there,

I need to find ALL SharePOint sites/subsites/locations where "Domain\john" has any level of access.

Following script works if the permissions were given to Domain\john via a group - but this does not work if the permissions were given directly to the user (i.e. user is NOT part of the group).

$weburl = "http://dev"
Get-SPUser -web $weburl -Limit All | ?{$_.UserLogin -eq "Domin\john"}  | select UserLogin, @{name="Url";expression={$_.ParentWeb.Url}}, @{name="Explicit given roles";expression={$_.Roles}}, @{name="Roles given via groups";expression={$_.Groups | %{$_.Roles}}},Groups | Out-String -Width 4096

Help will be appreciated.

Thank you.

Edited by frob 12 hours 19 minutes ago

February 27th, 2015 12:29am

I don't really understand your request. It sounds like you just want to know the permissions per-user

$weburl = "http://dev"
Get-SPUser -web $weburl -Limit All | ?{$_.UserLogin}  | select UserLogin, @{name="Url";expression={$_.ParentWeb.Url}}, @{name="Explicit given roles";expression={$_.Roles}}, @{name="Roles given via groups";expression={$_.Groups | %{$_.Roles}}},Groups | Out-String -Width 4096

This will just return all the users and their permissions.

Free Windows Admin Tool Kit Click here and download it now

February 27th, 2015 11:24am

Sorry I should clarify my question:

This script can find permissions given via a Group -
BUT
This script canNOT find the permissions if they are given directly to the user (where user is NOT part of any group).

Any way to fix this please?

Thanks,

February 27th, 2015 6:23pm

This topic is archived. No further replies will be accepted.