Thursday, November 5, 2015

Using Powershell to extract users from Sharepoint

Before decommissioning a Sharepoint server, I needed a list of all users on the different team sites. Time for some Powershell magic!

On the Technet site I found a script that promised to do exactly what I needed:

This script enumerates SharePoint 2010 or 2013 permissions across the entire farm down to the site (SPWeb) level. It also recursively expands the membership of any AD group and lists the assignment role binding on the permission. The output is an XML format.

So I copied the script over, logged in on the Sharepoint server and opened up a Powershell command prompt. However when I tried to execute the script it failed with the following error message:

Exception has been thrown by the target of an invocation

+ CategoryInfo : NotSpecified: (:) [], TargetInvocationExcept

+ FullyQualifiedErrorId : System.Reflection.TargetInvocationException

So I opened up the script to find the root cause of the error and saw that it failed on the call to AllWebs:


On StackExchange I found some information telling me that the issue was probably related to security. The following solution was mentioned:

All permissions required:

  • Site Collection administrator on the SPSite (whether given through Central Admin or Site Settings)
  • PowerShell scripting admin: add-spshelladmin domain\username
  • PowerShell scripting admin on the content databases: get-spcontentdatabase | add-spshelladmin domain\username

And indeed, after adding the user, I was able to run the script successfully!

1 comment:

JaydenFox said...

I thought I would leave my first comment. I don’t know what to say except that I have enjoyed reading. Nice blog, I will keep visiting this blog very often.

software development in ludhiana