Permission Reminder Script

This script is posted as part of our MSPress Book that will be released in 2013.

You can use this script to send site owners the list of permissions in each site that they must validate every set number of days:

function SendEmail($emailTo, $body)
{
$emailFrom = "sharepoint@contoso.com"
$subject = "60-Day SharePoint Permissions Review"
$smtpServer = "smtp.contoso.com"
$smtp = new-object Net.Mail.SmtpClient($smtpServer)
$smtp.Send($emailFrom, $emailTo, $subject, $body)

}

function GetPermissions($web)
{           
$permissions = new-object system.text.stringbuilder
[void]$permissions.appendline("Please review your site's, " + $web.url + ", permissions and remove anyone that no longer needs access")
[void]$permissions.appendline("")

[void]$permissions.appendline("Web Groups:")
[void]$permissions.appendline("")

            foreach($group in $web.groups)
            {

        if ($group.users.count -gt 0)
        {

[void]        $permissions.appendline("`tGroup Name: " + $group.name)
[void]        $permissions.appendline("`tGroup Owner: " + $group.Owner)
[void]        $permissions.appendline("`tGroup Members: ")

                foreach($user in $group.Users)
                {
[void]$permissions.appendline("`t`t" + $user.userlogin)
                }
        }

            }

[void]$permissions.appendline("")
[void]$permissions.appendline("Web Permissions:")
[void]$permissions.appendline("")
     

        foreach($ass in $web.roleassignments)
        {

[void]$permissions.appendline("`tUser/Group:" + $ass.member.tostring())

            foreach($def in $ass.roledefinitionbindings)
            {
[void]$permissions.appendline("`t`t" + $def.name)

            }
        }

[void]$permissions.appendline("")
[void]$permissions.appendline("Unique List Permissions:")
[void]$permissions.appendline("")
     
foreach($list in $web.lists)
{

if ($list.hasuniqueroleassignments)
{
[void]    $permissions.appendline("`tList (unique perms)" + $list.title)

        foreach($ass in $list.roleassignments)
        {

[void]$permissions.appendline("`tUser/Group:" + $ass.member.tostring())

            foreach($def in $ass.roledefinitionbindings)
            {
[void]$permissions.appendline("`t`t" + $def.name)

            }
        }
}
}

return $permissions

}

add-pssnapin microsoft.sharepoint.powershell
$webapps = get-spwebapplication

foreach($wa in $webapps)
{

    foreach($site in $wa.sites)
    {

        "Processing " + $site.url

if ($site.url.tolower().startswith("http://my.contoso.com"))
{
continue;
}

foreach($web in $site.allwebs)
{

"Processing " + $web.url

$date = $web.properties["PermissionReminderDate"]

if (!$date)
{
"Setting empty date"
$web.properties["PermissionReminderDate"] = [System.DateTime]::Now.toshortdatestring()
$web.properties.update()
$date = $web.properties["PermissionReminderDate"].tostring()
}

$remindDate = [System.DateTime]::Parse($date)
"Date is " + $reminddate

if ($remindDate -lt [System.DateTime]::Now)
{
"Sending permissions reminder to " + $web.author.userlogin + " for web " + $web.url

#generate the permissions info
$permissions = GetPermissions $web

SendEmail $web.author.email $permissions

$web.properties["PermissionReminderDate"] = [System.DateTime]::Now.adddays(60).toshortdatestring()
$web.properties.update()

}

#[system.console]::readline()

}
}
}

Enjoy!
CJG

The Most Interesting Guy in SharePoint

I have been pondering, what would the Dos Equis guy do in SharePoint land.  This led to the following….

 

  • When building a 2013 Farm, he only needs….one server…

 

  • When he builds a SharePoint App, he doesn't need a secret key…
  • His SharePoint Apps, get a 6 rating from CJG

  • His SharePoint Azure Hosted Apps can be run on-premise

 

  • His Hybrid farm doesn't need….ADFS….

 

  • His claims identity….makes no claims about him….. 

 

  • Microsoft instantly approves…his Apps….

 

  • His access tokens….don't expire….

 

  • He didn't need to look at Spence's post to setup Request Management….

 

  • His sandboxed solutions run with…full trust…

 

  • His SharePoint Groups…span site collections…. 

 

  • Every question he replied to on the MSDN forums….was marked as an answer…

 

  • When setting up authentication, he doesn't use setspn.exe….it just works…

 

  • His farm can have unlimited web applications…

 

  • Never once has he been asked an end user support question…..

 

  • His farm will never tell you "its working on it"….its just done….

 

  • He can delete terms from his MMS term store… 

 

  • His SharePoint Online instance has….a Central Administration…

 

  • His SharePoint newsfeed…posts to Yammer….

 

  • His configuration database…scales out… 

 

  •  His farm can store files…..over 2GB….

 

  • He can post as many hashtags as he wants….in his newsfeed….

 

  • All SharePoint Farms trust his farm…..

 

  • He can unwind a shredded storage file with one line of code….

 

  • His machine translation service application is….perfect….

 

  • His Office Web Apps server,  can edit PDFs in the browser…

 

  • His content databases….can store a petabyte of data….

 

 He is….the most interesting guy in SharePoint…"I don't always collaborate…but when I do…its with SharePoint and hot chicks"…..

 

 

 

If you think of more and post, let me know…I'll link over!
CJG

Shredded Storage Whitepaper and Testing Framework

So…I haven't posted anything in a while…notice?  Yeah, you probably did.  Multiple reasons including two MSPress books, clients, courseware…and…the crazy shredded storage whitepaper.  This thing is EPIC.  There have been a few blog posts, but NOTHING that has gone as deep as we have and DEFINITELY nothing that will provide you the source code to test on your own!  So in coordination with AvePoint, NetApp and some Microsoft folks, the white paper is in its final stretch and again…the source code for the tool and its use cases is about ready to go!   When it is final…it will be posted here:

http://shreddedstorage.codeplex.com

Stay tuned!  The excitement is only just building!

CJG