SharePoint (2003 thru Online): List of all user/group rights for a SharePoint Web Application

Thursday, October 22, 2015

List of all user/group rights for a SharePoint Web Application

The following T-SQL command will list all user/group rights defined for all site collection of web application -- Query to get all the users assigned to roles

SELECT DISTINCT
CASE WHEN PATINDEX('%\%', FullUrl) > 0 THEN LEFT(FullUrl, PATINDEX('%\%', FullUrl) -1) ELSE FullUrl END AS [Site],
Webs.Title,
Webs.FullUrl,
Perms.ScopeUrl,
UserInfo.tp_Login As Account,
CASE WHEN UserInfo.tp_DomainGroup>0 THEN NULL ELSE UserInfo.tp_Title END ASUsername,
CASE WHEN UserInfo.tp_DomainGroup>0 THEN UserInfo.tp_Login ELSE NULL END AS [ADGroup],
NULL AS [SharePoint Group],
Roles.Title AS RoleTitle,
Roles.PermMask
FROM
dbo.RoleAssignment
INNER JOIN dbo.UserInfo ON RoleAssignment.SiteId = UserInfo.tp_SiteID AND UserInfo.tp_ID= RoleAssignment.PrincipalId
INNER JOIN dbo.Perms ON Perms.SiteId = RoleAssignment.SiteId AND Perms.ScopeId =RoleAssignment.ScopeId
INNER JOIN dbo.Roles ON RoleAssignment.SiteId = Roles.SiteId AND RoleAssignment.RoleId= Roles.RoleId
INNER JOIN dbo.Webs ON Roles.SiteId = Webs.SiteId AND Roles.WebId = Webs.Id
WHERE
Roles.Type<>1 AND tp_Deleted=0
UNION -- Query to get all the SharePoint groups assigned to roles
SELECT DISTINCT
CASE WHEN PATINDEX('%\%', FullUrl) > 0 THEN LEFT(FullUrl, PATINDEX('%\%', FullUrl) -1) ELSE FullUrl END AS [Site],
Webs.Title,
Webs.FullUrl,
Perms.ScopeUrl,
UserInfo.tp_Login As Account,
CASE WHEN UserInfo.tp_DomainGroup>0 THEN NULL ELSE UserInfo.tp_Title END ASUsername,
CASE WHEN UserInfo.tp_DomainGroup>0 THEN UserInfo.tp_Login ELSE NULL END AS [ADGroup],
Groups.Title AS [SharePoint Group],
Roles.Title AS RoleTitle,
Roles.PermMask
FROM
dbo.RoleAssignment
INNER JOIN dbo.Roles ON RoleAssignment.SiteId = Roles.SiteId AND RoleAssignment.RoleId= Roles.RoleId
INNER JOIN dbo.Perms ON Perms.SiteId = RoleAssignment.SiteId AND Perms.ScopeId =RoleAssignment.ScopeId
INNER JOIN dbo.Webs ON Roles.SiteId = Webs.SiteId AND Roles.WebId = Webs.Id
INNER JOIN dbo.Groups ON RoleAssignment.SiteId = Groups.SiteId AND RoleAssignment.PrincipalId = Groups.ID
INNER JOIN dbo.GroupMembership ON GroupMembership.SiteId = Groups.SiteId AND GroupMembership.GroupId = Groups.ID
INNER JOIN dbo.UserInfo ON GroupMembership.SiteId = UserInfo.tp_SiteID AND GroupMembership.MemberId = UserInfo.tp_ID
WHERE
Roles.Type<>1 AND tp_Deleted=0

SharePoint (2003 thru Online)

Thursday, October 22, 2015

List of all user/group rights for a SharePoint Web Application

The following T-SQL command will list all user/group rights defined for all site collection of web application -- Query to get all the users assigned to roles

No comments:

Post a Comment