Press enter to see results or esc to cancel.

Check User Footprint on your SharePoint 2013 On-Premise Farm

I have encountered a few instances where a user has asked me to mimic his permissions corresponding to another user. In such scenarios it is really difficult to check the user’s footprint on all site collections in the farm. I have written a script that is placed here: TechNet Download. This script checks any user’s permissions on all sites in the farm (You need to mention the web applications to iterate explicitly in the code). Here are a few features:

    • It generates the output in the form of csv (sample attached)
    • It also mentions if the user is getting permissions from “Everyone” or “NT Authority\Authenticated Users”
    • It checks
      • Explicit Site permissions (Ignores the ones inheriting permissions)
      • Permissions assigned through SP Groups
      • Explicit List permissions (Ignores Hidden lists and those inheriting permissions)

Note: It does not check item-level permissions and does not check membership for domain groups

Usage: Just open the powershell file, go to the bottom, and add your web application urls to the $theArray variable. There are two way to use it:

  • .\CheckUser.ps1 -UserName “domain\username”
  • .\CheckUser.ps1 -UserName “domain\username” -IncludeEveryone (This includes places where the permissions have been assigned using either the “Everyone” group or the “NT Authority\Authentiated Users” group)
Comments

Leave a Comment