列出所有外部用户 SharePoint Online
List all external users SharePoint Online
除了 powershell(CSOM 或 JSOM)之外,还有其他方法可以列出所有外部用户吗?
我想列出所有外部用户和 "their permissions".
我最后做了一个控制台应用程序,导出所有外部用户及其对网站集中所有网站、列表、文件和文件夹的权限。
它完成得很快,因此可以肯定地修改代码以更好地满足您的要求。
此解决方案导出一个包含内容的 .csv 文件。
只需从 "Program.class"
复制粘贴
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Security;
using Microsoft.SharePoint.Client;
using System.Net;
namespace ListExternalUsersCSOM
{
class Program
{
// Output to filesystem
private static string filePath = @"C:\Users\User\Desktop\output.csv";
// Builds the content to export to the csv file
private static StringBuilder csv = new StringBuilder();
// Groupcollection of all sitegrups and their members
// Only want one trip to the server for this
private static GroupCollection groups;
static void Main(string[] args)
{
// Sitecollection url, username and password of admin account
var webUri = new Uri("https://tenant.sharepoint.com/sites/intranet");
const string userName = "admin@tenant.com";
const string password = "Password";
var securePassword = new SecureString();
foreach (var c in password)
{
securePassword.AppendChar(c);
}
// Create credentials and context
var credentials = new SharePointOnlineCredentials(userName, securePassword);
var ctx = new Microsoft.SharePoint.Client.ClientContext(webUri);
ctx.Credentials = credentials;
// Get rootweb and the groups for the sitecollection
var rootWeb = ctx.Web;
groups = rootWeb.SiteGroups;
// Load groupcollection and load certain properties in every group right away
ctx.Load(groups, groups => groups.Include(g => g.Title, g => g.Users, g => g.Id));
// Load rootweb, subsites, lists, relative url, title, uniqueroleassingments
// Inlcude uniqueroleassingments and title in lists, spares us a trip to the server
ctx.Load(rootWeb, w => w.Webs, w => w.ServerRelativeUrl, w => w.Title, w => w.Lists.Include(l => l.HasUniqueRoleAssignments, l => l.Title), w => w.HasUniqueRoleAssignments);
ctx.ExecuteQuery();
// First we do these checks for rootweb only, then we recursively check all subsites...
// If uniquepermissions on web, look for external users
if (rootWeb.HasUniqueRoleAssignments)
{
getExternalUsersAndPermissionsWeb(rootWeb);
}
foreach (var list in rootWeb.Lists)
{
if (list.Title != "MicroFeed" | list.Title != "Delningslänkar")
{
ListHasUniqueRoleAssignment(rootWeb, list, ctx);
}
}
foreach (var subWeb in rootWeb.Webs)
{
WebHasUniqueRoleAssignmentRecursive(subWeb, ctx);
}
System.IO.File.WriteAllText(filePath, csv.ToString(), Encoding.UTF8);
}
private static void WebHasUniqueRoleAssignmentRecursive(Web spWeb, ClientContext ctx)
{
ctx.Load(spWeb, w => w.Webs, w => w.ServerRelativeUrl, w => w.Title, w => w.Lists.Include(l => l.HasUniqueRoleAssignments, l => l.Title), w => w.HasUniqueRoleAssignments);
ctx.ExecuteQuery();
if (spWeb.HasUniqueRoleAssignments)
{
getExternalUsersAndPermissionsWeb(spWeb);
}
foreach (var list in spWeb.Lists)
{
if (list.Title != "MicroFeed" | list.Title != "Delningslänkar")
{
ListHasUniqueRoleAssignment(spWeb, list, ctx);
}
}
foreach (var subWeb in spWeb.Webs)
{
WebHasUniqueRoleAssignmentRecursive(subWeb, ctx);
}
}
private static void ListHasUniqueRoleAssignment(Web spWeb, List list, ClientContext ctx)
{
var listsFolders = new List<Folder>();
var listsFiles = new List<File>();
var listsItems = new List<ListItem>();
CamlQuery query = CamlQuery.CreateAllItemsQuery();
ListItemCollection items = list.GetItems(query);
ctx.Load(items, icol => icol.Include(i => i.FileSystemObjectType, i => i.HasUniqueRoleAssignments, i => i.File, i => i.Folder, i => i.File.ListItemAllFields.HasUniqueRoleAssignments, i => i.Folder.ListItemAllFields.HasUniqueRoleAssignments));
ctx.ExecuteQuery();
listsItems.AddRange(items);
if (list.HasUniqueRoleAssignments)
{
getExternalUsersAndPermissionsList(spWeb, list);
}
foreach (var listItem in listsItems)
{
if (listItem.FileSystemObjectType == FileSystemObjectType.File && listItem.HasUniqueRoleAssignments)
{
listsFiles.Add(listItem.File);
}
else if (listItem.FileSystemObjectType == FileSystemObjectType.Folder && listItem.HasUniqueRoleAssignments)
{
listsFolders.Add(listItem.Folder);
}
}
foreach (File file in listsFiles)
{
if (file.ListItemAllFields.HasUniqueRoleAssignments)
{
getExternalUsersAndPermissionsFile(spWeb, file);
}
}
foreach (Folder folder in listsFolders)
{
if (folder.ListItemAllFields.HasUniqueRoleAssignments)
{
getExternalUsersAndPermissionsFolder(spWeb, folder);
}
}
}
private static void getExternalUsersAndPermissionsWeb(Web spWeb)
{
var ctx = spWeb.Context;
var assignments = spWeb.RoleAssignments;
// Load roleassingment for web, include users and groups and their permissionslevels on this web
ctx.Load(assignments, assignment => assignment.Include(role => role.Member, role => role.RoleDefinitionBindings));
ctx.ExecuteQuery();
// Iterate trough all assingments
foreach (var roleAssingment in assignments)
{
// If a user loginname contains #ext# it is an external user, so print the user and the permission level
if (roleAssingment.Member.LoginName.ToString().Contains("#ext") & roleAssingment.Member.PrincipalType.Equals(Microsoft.SharePoint.Client.Utilities.PrincipalType.User))
{
var output = String.Format("Site \"{0}\": {1} har rättighet {2} ", spWeb.Title, roleAssingment.Member.Title, roleAssingment.RoleDefinitionBindings.First().Name);
Console.WriteLine(output);
csv.AppendLine(output);
}
// If a group
else if (roleAssingment.Member.PrincipalType.Equals(Microsoft.SharePoint.Client.Utilities.PrincipalType.SharePointGroup))
{
// Go to groupcollection we got earlier, get the corresonding groups users
var users = groups.Where(g => g.Title == roleAssingment.Member.Title).First().Users;
// Iterate trough users
foreach (var user in users)
{
// If a user loginname contains #ext# it is an external user, so print the user and the permission level
if (user.LoginName.ToString().Contains("#ext#"))
{
var output2 = String.Format("Site \"{0}\": {1} har rättighet {2} ", spWeb.Title, roleAssingment.Member.Title, roleAssingment.RoleDefinitionBindings.First().Name);
Console.WriteLine(output2);
csv.AppendLine(output2);
}
}
}
}
}
private static void getExternalUsersAndPermissionsList(Web spWeb, List list)
{
var ctx = spWeb.Context;
var assignments = list.RoleAssignments;
ctx.Load(assignments, assignment => assignment.Include(role => role.Member, role => role.RoleDefinitionBindings));
ctx.ExecuteQuery();
foreach (var roleAssingment in assignments)
{
if (roleAssingment.Member.LoginName.ToString().Contains("#ext") & roleAssingment.Member.PrincipalType.Equals(Microsoft.SharePoint.Client.Utilities.PrincipalType.User))
{
var output = String.Format("Lista \"{0}\": {1} har rättighet {2} ", list.Title, roleAssingment.Member.Title, roleAssingment.RoleDefinitionBindings.First().Name);
Console.WriteLine(output);
csv.AppendLine(output);
}
else if (roleAssingment.Member.PrincipalType.Equals(Microsoft.SharePoint.Client.Utilities.PrincipalType.SharePointGroup))
{
var users = groups.Where(g => g.Title == roleAssingment.Member.Title).First().Users;
foreach (var user in users)
{
if (user.LoginName.ToString().Contains("#ext#"))
{
var output2 = String.Format("Lista \"{0}\": {1} har rättighet {2} ", list.Title, roleAssingment.Member.Title, roleAssingment.RoleDefinitionBindings.First().Name);
Console.WriteLine(output2);
csv.AppendLine(output2);
}
}
}
}
}
private static void getExternalUsersAndPermissionsFile(Web spWeb, File item)
{
var ctx = spWeb.Context;
var assignments = item.ListItemAllFields.RoleAssignments;
ctx.Load(assignments, assignment => assignment.Include(role => role.Member, role => role.RoleDefinitionBindings));
ctx.ExecuteQuery();
foreach (var roleAssingment in assignments)
{
if (roleAssingment.Member.LoginName.ToString().Contains("#ext") & roleAssingment.Member.PrincipalType.Equals(Microsoft.SharePoint.Client.Utilities.PrincipalType.User))
{
var output = String.Format("Fil \"{0}\": {1} har rättighet {2} ", item.Name, roleAssingment.Member.Title, roleAssingment.RoleDefinitionBindings.First().Name);
Console.WriteLine(output);
csv.AppendLine(output);
}
else if (roleAssingment.Member.PrincipalType.Equals(Microsoft.SharePoint.Client.Utilities.PrincipalType.SharePointGroup))
{
var users = groups.Where(g => g.Title == roleAssingment.Member.Title).First().Users;
foreach (var user in users)
{
if (user.LoginName.ToString().Contains("#ext#"))
{
var output2 = String.Format("Fil \"{0}\": {1} har rättighet {2} ", item.Name, roleAssingment.Member.Title, roleAssingment.RoleDefinitionBindings.First().Name);
Console.WriteLine(output2);
csv.AppendLine(output2);
}
}
}
}
}
private static void getExternalUsersAndPermissionsFolder(Web spWeb, Folder folder)
{
var ctx = spWeb.Context;
var assignments = folder.ListItemAllFields.RoleAssignments;
ctx.Load(assignments, assignment => assignment.Include(role => role.Member, role => role.RoleDefinitionBindings));
ctx.ExecuteQuery();
foreach (var roleAssingment in assignments)
{
if (roleAssingment.Member.LoginName.ToString().Contains("#ext") & roleAssingment.Member.PrincipalType.Equals(Microsoft.SharePoint.Client.Utilities.PrincipalType.User))
{
var output = String.Format("Mapp\Dokumentgrupp \"{0}\": {1} har rättighet {2} ", folder.Name, roleAssingment.Member.Title, roleAssingment.RoleDefinitionBindings.First().Name);
Console.WriteLine(output);
csv.AppendLine(output);
}
else if (roleAssingment.Member.PrincipalType.Equals(Microsoft.SharePoint.Client.Utilities.PrincipalType.SharePointGroup))
{
var users = groups.Where(g => g.Title == roleAssingment.Member.Title).First().Users;
foreach (var user in users)
{
if (user.LoginName.ToString().Contains("#ext#"))
{
var output2 = String.Format("Mapp\Dokumentgrupp \"{0}\": {1} har rättighet {2} ", folder.Name, roleAssingment.Member.Title, roleAssingment.RoleDefinitionBindings.First().Name);
Console.WriteLine(output2);
csv.AppendLine(output2);
}
}
}
}
}
}
}
除了 powershell(CSOM 或 JSOM)之外,还有其他方法可以列出所有外部用户吗? 我想列出所有外部用户和 "their permissions".
我最后做了一个控制台应用程序,导出所有外部用户及其对网站集中所有网站、列表、文件和文件夹的权限。
它完成得很快,因此可以肯定地修改代码以更好地满足您的要求。
此解决方案导出一个包含内容的 .csv 文件。
只需从 "Program.class"
复制粘贴using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Security;
using Microsoft.SharePoint.Client;
using System.Net;
namespace ListExternalUsersCSOM
{
class Program
{
// Output to filesystem
private static string filePath = @"C:\Users\User\Desktop\output.csv";
// Builds the content to export to the csv file
private static StringBuilder csv = new StringBuilder();
// Groupcollection of all sitegrups and their members
// Only want one trip to the server for this
private static GroupCollection groups;
static void Main(string[] args)
{
// Sitecollection url, username and password of admin account
var webUri = new Uri("https://tenant.sharepoint.com/sites/intranet");
const string userName = "admin@tenant.com";
const string password = "Password";
var securePassword = new SecureString();
foreach (var c in password)
{
securePassword.AppendChar(c);
}
// Create credentials and context
var credentials = new SharePointOnlineCredentials(userName, securePassword);
var ctx = new Microsoft.SharePoint.Client.ClientContext(webUri);
ctx.Credentials = credentials;
// Get rootweb and the groups for the sitecollection
var rootWeb = ctx.Web;
groups = rootWeb.SiteGroups;
// Load groupcollection and load certain properties in every group right away
ctx.Load(groups, groups => groups.Include(g => g.Title, g => g.Users, g => g.Id));
// Load rootweb, subsites, lists, relative url, title, uniqueroleassingments
// Inlcude uniqueroleassingments and title in lists, spares us a trip to the server
ctx.Load(rootWeb, w => w.Webs, w => w.ServerRelativeUrl, w => w.Title, w => w.Lists.Include(l => l.HasUniqueRoleAssignments, l => l.Title), w => w.HasUniqueRoleAssignments);
ctx.ExecuteQuery();
// First we do these checks for rootweb only, then we recursively check all subsites...
// If uniquepermissions on web, look for external users
if (rootWeb.HasUniqueRoleAssignments)
{
getExternalUsersAndPermissionsWeb(rootWeb);
}
foreach (var list in rootWeb.Lists)
{
if (list.Title != "MicroFeed" | list.Title != "Delningslänkar")
{
ListHasUniqueRoleAssignment(rootWeb, list, ctx);
}
}
foreach (var subWeb in rootWeb.Webs)
{
WebHasUniqueRoleAssignmentRecursive(subWeb, ctx);
}
System.IO.File.WriteAllText(filePath, csv.ToString(), Encoding.UTF8);
}
private static void WebHasUniqueRoleAssignmentRecursive(Web spWeb, ClientContext ctx)
{
ctx.Load(spWeb, w => w.Webs, w => w.ServerRelativeUrl, w => w.Title, w => w.Lists.Include(l => l.HasUniqueRoleAssignments, l => l.Title), w => w.HasUniqueRoleAssignments);
ctx.ExecuteQuery();
if (spWeb.HasUniqueRoleAssignments)
{
getExternalUsersAndPermissionsWeb(spWeb);
}
foreach (var list in spWeb.Lists)
{
if (list.Title != "MicroFeed" | list.Title != "Delningslänkar")
{
ListHasUniqueRoleAssignment(spWeb, list, ctx);
}
}
foreach (var subWeb in spWeb.Webs)
{
WebHasUniqueRoleAssignmentRecursive(subWeb, ctx);
}
}
private static void ListHasUniqueRoleAssignment(Web spWeb, List list, ClientContext ctx)
{
var listsFolders = new List<Folder>();
var listsFiles = new List<File>();
var listsItems = new List<ListItem>();
CamlQuery query = CamlQuery.CreateAllItemsQuery();
ListItemCollection items = list.GetItems(query);
ctx.Load(items, icol => icol.Include(i => i.FileSystemObjectType, i => i.HasUniqueRoleAssignments, i => i.File, i => i.Folder, i => i.File.ListItemAllFields.HasUniqueRoleAssignments, i => i.Folder.ListItemAllFields.HasUniqueRoleAssignments));
ctx.ExecuteQuery();
listsItems.AddRange(items);
if (list.HasUniqueRoleAssignments)
{
getExternalUsersAndPermissionsList(spWeb, list);
}
foreach (var listItem in listsItems)
{
if (listItem.FileSystemObjectType == FileSystemObjectType.File && listItem.HasUniqueRoleAssignments)
{
listsFiles.Add(listItem.File);
}
else if (listItem.FileSystemObjectType == FileSystemObjectType.Folder && listItem.HasUniqueRoleAssignments)
{
listsFolders.Add(listItem.Folder);
}
}
foreach (File file in listsFiles)
{
if (file.ListItemAllFields.HasUniqueRoleAssignments)
{
getExternalUsersAndPermissionsFile(spWeb, file);
}
}
foreach (Folder folder in listsFolders)
{
if (folder.ListItemAllFields.HasUniqueRoleAssignments)
{
getExternalUsersAndPermissionsFolder(spWeb, folder);
}
}
}
private static void getExternalUsersAndPermissionsWeb(Web spWeb)
{
var ctx = spWeb.Context;
var assignments = spWeb.RoleAssignments;
// Load roleassingment for web, include users and groups and their permissionslevels on this web
ctx.Load(assignments, assignment => assignment.Include(role => role.Member, role => role.RoleDefinitionBindings));
ctx.ExecuteQuery();
// Iterate trough all assingments
foreach (var roleAssingment in assignments)
{
// If a user loginname contains #ext# it is an external user, so print the user and the permission level
if (roleAssingment.Member.LoginName.ToString().Contains("#ext") & roleAssingment.Member.PrincipalType.Equals(Microsoft.SharePoint.Client.Utilities.PrincipalType.User))
{
var output = String.Format("Site \"{0}\": {1} har rättighet {2} ", spWeb.Title, roleAssingment.Member.Title, roleAssingment.RoleDefinitionBindings.First().Name);
Console.WriteLine(output);
csv.AppendLine(output);
}
// If a group
else if (roleAssingment.Member.PrincipalType.Equals(Microsoft.SharePoint.Client.Utilities.PrincipalType.SharePointGroup))
{
// Go to groupcollection we got earlier, get the corresonding groups users
var users = groups.Where(g => g.Title == roleAssingment.Member.Title).First().Users;
// Iterate trough users
foreach (var user in users)
{
// If a user loginname contains #ext# it is an external user, so print the user and the permission level
if (user.LoginName.ToString().Contains("#ext#"))
{
var output2 = String.Format("Site \"{0}\": {1} har rättighet {2} ", spWeb.Title, roleAssingment.Member.Title, roleAssingment.RoleDefinitionBindings.First().Name);
Console.WriteLine(output2);
csv.AppendLine(output2);
}
}
}
}
}
private static void getExternalUsersAndPermissionsList(Web spWeb, List list)
{
var ctx = spWeb.Context;
var assignments = list.RoleAssignments;
ctx.Load(assignments, assignment => assignment.Include(role => role.Member, role => role.RoleDefinitionBindings));
ctx.ExecuteQuery();
foreach (var roleAssingment in assignments)
{
if (roleAssingment.Member.LoginName.ToString().Contains("#ext") & roleAssingment.Member.PrincipalType.Equals(Microsoft.SharePoint.Client.Utilities.PrincipalType.User))
{
var output = String.Format("Lista \"{0}\": {1} har rättighet {2} ", list.Title, roleAssingment.Member.Title, roleAssingment.RoleDefinitionBindings.First().Name);
Console.WriteLine(output);
csv.AppendLine(output);
}
else if (roleAssingment.Member.PrincipalType.Equals(Microsoft.SharePoint.Client.Utilities.PrincipalType.SharePointGroup))
{
var users = groups.Where(g => g.Title == roleAssingment.Member.Title).First().Users;
foreach (var user in users)
{
if (user.LoginName.ToString().Contains("#ext#"))
{
var output2 = String.Format("Lista \"{0}\": {1} har rättighet {2} ", list.Title, roleAssingment.Member.Title, roleAssingment.RoleDefinitionBindings.First().Name);
Console.WriteLine(output2);
csv.AppendLine(output2);
}
}
}
}
}
private static void getExternalUsersAndPermissionsFile(Web spWeb, File item)
{
var ctx = spWeb.Context;
var assignments = item.ListItemAllFields.RoleAssignments;
ctx.Load(assignments, assignment => assignment.Include(role => role.Member, role => role.RoleDefinitionBindings));
ctx.ExecuteQuery();
foreach (var roleAssingment in assignments)
{
if (roleAssingment.Member.LoginName.ToString().Contains("#ext") & roleAssingment.Member.PrincipalType.Equals(Microsoft.SharePoint.Client.Utilities.PrincipalType.User))
{
var output = String.Format("Fil \"{0}\": {1} har rättighet {2} ", item.Name, roleAssingment.Member.Title, roleAssingment.RoleDefinitionBindings.First().Name);
Console.WriteLine(output);
csv.AppendLine(output);
}
else if (roleAssingment.Member.PrincipalType.Equals(Microsoft.SharePoint.Client.Utilities.PrincipalType.SharePointGroup))
{
var users = groups.Where(g => g.Title == roleAssingment.Member.Title).First().Users;
foreach (var user in users)
{
if (user.LoginName.ToString().Contains("#ext#"))
{
var output2 = String.Format("Fil \"{0}\": {1} har rättighet {2} ", item.Name, roleAssingment.Member.Title, roleAssingment.RoleDefinitionBindings.First().Name);
Console.WriteLine(output2);
csv.AppendLine(output2);
}
}
}
}
}
private static void getExternalUsersAndPermissionsFolder(Web spWeb, Folder folder)
{
var ctx = spWeb.Context;
var assignments = folder.ListItemAllFields.RoleAssignments;
ctx.Load(assignments, assignment => assignment.Include(role => role.Member, role => role.RoleDefinitionBindings));
ctx.ExecuteQuery();
foreach (var roleAssingment in assignments)
{
if (roleAssingment.Member.LoginName.ToString().Contains("#ext") & roleAssingment.Member.PrincipalType.Equals(Microsoft.SharePoint.Client.Utilities.PrincipalType.User))
{
var output = String.Format("Mapp\Dokumentgrupp \"{0}\": {1} har rättighet {2} ", folder.Name, roleAssingment.Member.Title, roleAssingment.RoleDefinitionBindings.First().Name);
Console.WriteLine(output);
csv.AppendLine(output);
}
else if (roleAssingment.Member.PrincipalType.Equals(Microsoft.SharePoint.Client.Utilities.PrincipalType.SharePointGroup))
{
var users = groups.Where(g => g.Title == roleAssingment.Member.Title).First().Users;
foreach (var user in users)
{
if (user.LoginName.ToString().Contains("#ext#"))
{
var output2 = String.Format("Mapp\Dokumentgrupp \"{0}\": {1} har rättighet {2} ", folder.Name, roleAssingment.Member.Title, roleAssingment.RoleDefinitionBindings.First().Name);
Console.WriteLine(output2);
csv.AppendLine(output2);
}
}
}
}
}
}
}