Managing permissions on your user’s Onedrive for Business storage is a chore, there is no direct interface to do this in bulk, nor is the interface very easy to find. Plenty of articles explain how to do this for ONE user through the GUI, but few explain how to do this in bulk for several users at once.<\/p>\n
And when you’re migrating, for example, hundreds or thousands of homedirectories to Onedrive For Business, you’ll want to automate setting permissions on all these users in bulk.<\/p>\n
Fortunately, this can be scripted using Powershell, probably after you’ve bulk-provisioned your users<\/a> in Onedrive for Business.<\/p>\n Download the following script and configure it, the requirements for the script are in the script header.<\/p>\n ODFB_RA_v0.1<\/a><\/p>\n Sourcecode:<\/p>\n Managing permissions on your user’s Onedrive for Business storage is a chore, there is no direct interface to do this in bulk, nor is the interface very easy to find. Plenty of articles explain how to do this for ONE user through the GUI, but few explain how to do this in bulk for several … Continue reading Setting administrative permissions on all your Onedrive for Business accounts<\/span> ########\n#ODFB Rights Administration\n#Copyright: Free to use, please leave this header intact\n#Author: Jos Lieben (OGD)\n#Company: OGD (http:\/\/www.ogd.nl)\n#Script help: http:\/\/www.lieben.nu\n#Purpose: Give an administrator rights on all Onedrive for Business accounts\n########\n#Requirements:\n########\n<# Powershell 4 .NET 4.5 Sharepoint Online Management Shell (X64) http:\/\/www.microsoft.com\/en-us\/download\/details.aspx?id=35588 Sharepoint Server 2013 Client Components https:\/\/www.microsoft.com\/en-us\/download\/details.aspx?id=42038 run \u201cSet-Executionpolicy Unrestricted\u201d in an elevated powershell window Windows 7+ or Windows Server 2008+ #>\n\n$o365login = \"admin@ogdemo1.onmicrosoft.com\" #Username of O365 Admin\n$o365pw = \"\" #Password of O365 Admin\n$logfile = ($env:APPDATA + \"\\ODFB_RA.log\")\t #Logfile in case of errors\n$spAdminURL = \"https:\/\/ogdemo1-admin.sharepoint.com\" #URL to your SP Admin site\n$spMyURL = \"https:\/\/ogdemo1-my.sharepoint.com\" #URL to your SP MySites\n\n\n#Start script\nac $logfile \"-----$(Get-Date) ODFB_RA v0.1 $($env:COMPUTERNAME) Session log-----`n\"\n\n#build Credential Object\n$secpasswd = ConvertTo-SecureString $o365pw -AsPlainText -Force\n$Credentials = New-Object System.Management.Automation.PSCredential ($o365login, $secpasswd)\n\n#Load sharepoint module\ntry{\n [System.Reflection.Assembly]::LoadWithPartialName(\"Microsoft.SharePoint.Client\") | Out-Null\n [System.Reflection.Assembly]::LoadWithPartialName(\"Microsoft.SharePoint.Client.Runtime\") | Out-Null\n [System.Reflection.Assembly]::LoadWithPartialName(\"Microsoft.SharePoint.Client.UserProfiles\") | Out-Null\n}catch{\n $errorstring = \"ERROR: Failed to load Sharepoint Libraries, exiting\"\n ac $logfile $errorstring\n Write-Host $errorstring\n Pause\n Exit\n}\n#load SPOnline module\n$env:PSModulePath += \";C:\\Program Files\\SharePoint Online Management Shell\\\"\ntry{\n Import-Module Microsoft.Online.SharePoint.PowerShell\n}catch{\n $errorstring = \"ERROR: Failed to load Sharepoint Online module, exiting\"\n ac $logfile $errorstring\n ac $logfile $error[0]\n Write-Host $errorstring\n Pause\n Exit\n}\n\n#Build sP credential object\n$creds = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($o365login,$secpasswd)\n\n#build proxy\n$proxyaddr = \"$spAdminURL\/_vti_bin\/UserProfileService.asmx?wsdl\"\n$UserProfileService= New-WebServiceProxy -Uri $proxyaddr -UseDefaultCredential False\n$UserProfileService.Credentials = $creds\n\n$strAuthCookie = $creds.GetAuthenticationCookie($spAdminURL)\n$uri = New-Object System.Uri($spAdminURL)\n$container = New-Object System.Net.CookieContainer\n$container.SetCookies($uri, $strAuthCookie)\n$UserProfileService.CookieContainer = $container\ntry{\n $UserProfileResult = $UserProfileService.GetUserProfileByIndex(-1)\n}catch{\n $errorstring = \"Critical error, unable to get profiles\"\n ac $logfile $errorstring\n ac $logfile $error[0]\n Write-Host $errorstring $error[0]\n Pause\n Exit\n}\n$NumProfiles = $UserProfileService.GetUserProfileCount()\n$i = 1\n$ProfileURLs = @()\n\nWrite-Host \"Begin discovery of $NumProfiles profiles\"\nWhile ($UserProfileResult.NextValue -ne -1) \n{\n Write-Host \"Checking profile $i of $NumProfiles\"\n $Prop = $UserProfileResult.UserProfile | Where-Object { $_.Name -eq \"PersonalSpace\" } \n $Url= $Prop.Values[0].Value\n if ($Url) {\n Write-Host \"Adding $Url to the list\"\n $ProfileURLs += $Url\n }\n $UserProfileResult = $UserProfileService.GetUserProfileByIndex($UserProfileResult.NextValue)\n $i++\n}\nWrite-Host \"Finished discovery of profiles\"\n\nWrite-Host \"Connecting to Sharepoint Online\"\ntry{\n Connect-SPOService -Url $spAdminURL -Credential $Credentials\n}catch{\n $errorstring = \"Critical error, unable to Connect to Sharepoint Online\"\n ac $logfile $errorstring\n ac $logfile $error[0]\n Write-Host $errorstring $error[0]\n Pause\n Exit\n}\n\nWrite-Host \"Start processing profiles\"\n\nforeach($profileURL in $ProfileURLs){\n $fullPath = \"$spMyURL$profileURL\".TrimEnd(\"\/\")\n Write-Host \"Processing $fullPath\"\n try{\n Set-SPOUser -Site $fullPath -LoginName $o365login -IsSiteCollectionAdmin $true\n Write-Host \"$o365login permissions added to $fullPath\"\n }catch{\n $errorstring = \"Failed adding $o365login permissions to $fullPath\"\n ac $logfile $errorstring\n ac $logfile $error[0]\n Write-Host $errorstring $error[0] \n }\n}\n\nac $logfile \"Script finished\"\nWrite-Host \"Job Finished\"\nPause\nExit\n\n<\/pre>\n","protected":false},"excerpt":{"rendered":"