SharePoint 2013 TIP: Export All Unique Permissions from Site Collection using PowerShell

Introduction

The best PowerShell script that I have found to date for inventorying a site collection's user and group permissions is one developed by Guru Karnik and published in this TechNet Wiki posting. It runs against one site collection at a time and conveniently outputs its results to a CSV file. The site collection URL and path to where to write the output file are entered from the command line. Output lists the following properties:

• SiteURL [Url to site collection or subweb] 
• SiteTitle [name of site collection or subweb] 
• ObjectType [site, list, document library] 
• ObjectUrl [relative to site collection URL] 
• ListTitle [NA if site or subweb] 
• MemberName [simple name of user or group] 
• MemberLoginName [claims-based name of user or simple group name] 
• MemberType [SPUser, SPGroup, SPGroupMember] 
• JobTitle [NA if SPUser or SPGroup, or blank if SPGroupMember] 
• Department 
• ParentGroup 
• GroupOwner [NA if type SPUser or not set, otherwise as set] 
• RoleDefinitionBindings [Full Control, Design, Read, Restricted Read, etc, etc]

Though this script was originally developed by Guru for SharePoint 2010, I have found it to successfully execute against SharePoint 2013.

Reference

• SharePoint 2010: Export All Unique Permissions from Site Collection using PowerShell
• SharePoint Permission Analyzer
• SharePoint 2013–Generating Unique Permissions Report
• SharePoint 2010 Permission Report: Check Access Rights for a Specific User
• Powershell get permission on SPSite/SPweb (and all list)