Change files and folder permissions on OneDrive for Business with Powershell

  • Artykuł

A couple of weeks ago, a customer, asked me about the possibility to create a Service Request with System Center Service Manager that, in early stages, can dynamically and automatically create documents to share, to be completed and finally be signed digitally by different people in different areas. It wasn't a big challenge until I try to change permissions to files on OneDrive to grant access only for Reviewers for that activity, and remove permissions for everyone not directly involved in the review activity.

 

img1

 

So I create this powershell script able to invoke the OneDrive for Business API and change permissions: it works like a charms :)

1) Download the SharePoint Online Management Shell from here and install it

2) Download the connectTo-Onedrive script

3) Open it and modify the variables with your data

 

img22

(yes, I've to improve the password area in order to hide data... if you have suggestions about it, write me a comment, I'll be glad to update the script

4) Execute the script manually... and then integrate it with Orchestrator or SMA!

 

img4

 

img3

Enjoy and as usual, if you have any comment or suggestion, feel free to ask me in comments

have a good lazy day! :)

Comments

  • Anonymous
    April 13, 2016
    Hi, thanks for sharing this great script!
    • Anonymous
      April 13, 2016
      you're very welcome :)
  • Anonymous
    April 13, 2016
    is it possible to use it for a large number or files?
    • Anonymous
      April 13, 2016
      of course, you have to modify the script in order to make 1 authentication and then recursively call the method to change permission, for every file in your directory
  • Anonymous
    June 13, 2016
    Hi,I tested sending to external mails to accounts without passport and these guys didn't receive the e-mail.After to do the passport registration the account received the e-mail.Did you get this problem ?
  • Anonymous
    November 25, 2016
    This is a great piece of code, and works for what I'm trying to achieve if I'm targetting individual users with a specific email address. My end goal is to analyse the 'Shared with Everyone' folder and remove the 'Everyone' permissions so the folder is secured. Is there a way to reference the 'Everyone' permissions so that this script will remove group permissions?Thanks & keep up the awesome work :)