DeliverPoint Cmdlets
DeliverPoint operations can be performed also via Powershell.
The following commands are available:
Copy Permissions
Copy-FarmPermissions -Url <string> -From <string> -ToUsers <string> -ToGroups <string> -FromGroup -IncludeAlerts -ExcludeLists -ExcludeItems -SupportRollback <OnOffParameter> -ContextUser <string>
Copy-WebAppPermissions -Url <string> -From <string> -ToUsers <string> -ToGroups <string> -FromGroup -IncludeAlerts -ExcludeLists -ExcludeItems -SupportRollback <OnOffParameter> -ContextUser <string>
Copy-ManagedPathPermissions -Url <string> -Prefix <string> -From <string> -ToUsers <string> -ToGroups <string> -FromGroup -IncludeAlerts -ExcludeLists -ExcludeItems -SupportRollback <OnOffParameter> -ContextUser <string>
Copy-SitePermissions -Url <string> -From <string> -ToUsers <string> -ToGroups <string> -FromGroup -IncludeAlerts -ExcludeLists -ExcludeItems -SupportRollback <OnOffParameter> -ContextUser <string>
Copy-WebPermissions -Url <string> -From <string> -ToUsers <string> -ToGroups <string> -FromGroup -IncludeAlerts -ExcludeLists -ExcludeItems -IncludeSubWebs -SupportRollback <OnOffParameter> -ContextUser <string>
Copy-ListPermissions -Url <string> -ListTitle <string> -From <string> -ToUsers <string> -ToGroups <string> -FromGroup -IncludeAlerts -ExcludeLists -ExcludeItems -SupportRollback <OnOffParameter> -ContextUser <string>
Copy-ItemPermissions -Url <string> -ListTitle <string> -ItemId <int> -From <string> -ToUsers <string> -ToGroups <string> -FromGroup -IncludeAlerts -ExcludeLists -ExcludeItems -SupportRollback <OnOffParameter> -ContextUser <string>
The parameters are described below:
- Url – is mandatory and specifies URL of the operation scope. For farm scope it contains URL of any web application of that farm. And for managed path scope it contains URL of any web application containing the managed path.
- From – is mandatory and specifies SP group/user, from which permissions must be copied. If FromGroup paramatere is specified, than value of From parameter is treated as SP group, otherwise as SP user.
- ToUsers – comma separated list of SP user login names, to which permissions must be copied. At least one parameter from ToUsers/ToGroups must be specified.
- ToGroups – comma separated list of SP group names, to which permissions must be copied. At least one parameter from ToUsers/ToGroups must be specified.
- IncludeAlerts – if present means, that SP alerts also must be coped.
- ExcludeLists – if present means, that unique lists of processed webs must be excluded from copying permissions.
- ExcludeItems – if present means, that unique items of processed lists must be excluded from copying permissions.
- IncludeSubWebs – used only for web scope and if present means, that unique sub webs of the web also be take part into copying of permissions.
- SupportRollback – can be None/On/Off (if not present, than None). Specifies whether created job will support or not support rollback (On – support, Off – not support, None – use default value specified from DP central administration settings).
- ContextUser – login name of user, in context of which copy permission must be performed (if not specified job will be executed in system account context).
- Prefix – used for specifying managed path prefix (used for managed path scope only and is mandatory)
- ListTitle – used for List/Item scopes only in cases when user wants to specify list by title (in that case Url parameter can be parent web URL).
- ItemId – used for item scopes only in cases when user wants to specify item by id (in that case Url parameter can be parent list URL of parent web URL if ListTitle parameter also has been specified).
Transfer Permissions
Transfer-FarmPermissions -Url <string> -From <string> -ToUsers <string> -ToGroups <string> -FromGroup -IncludeAlerts -ExcludeLists -ExcludeItems -SupportRollback <OnOffParameter> -ContextUser <string>
Transfer-WebAppPermissions -Url <string> -From <string> -ToUsers <string> -ToGroups <string> -FromGroup -IncludeAlerts -ExcludeLists -ExcludeItems -SupportRollback <OnOffParameter> -ContextUser <string>
Transfer-ManagedPathPermissions -Url <string> -Prefix <string> -From <string> -ToUsers <string> -ToGroups <string> -FromGroup -IncludeAlerts -ExcludeLists -ExcludeItems -SupportRollback <OnOffParameter> -ContextUser <string>
Transfer-SitePermissions -Url <string> -From <string> -ToUsers <string> -ToGroups <string> -FromGroup -IncludeAlerts -ExcludeLists -ExcludeItems -SupportRollback <OnOffParameter> -ContextUser <string>
Transfer-WebPermissions -Url <string> -From <string> -ToUsers <string> -ToGroups <string> -FromGroup -IncludeAlerts -ExcludeLists -ExcludeItems -IncludeSubWebs -SupportRollback <OnOffParameter> -ContextUser <string>
Transfer-ListPermissions -Url <string> -ListTitle <string> -From <string> -ToUsers <string> -ToGroups <string> -FromGroup -IncludeAlerts -ExcludeLists -ExcludeItems -SupportRollback <OnOffParameter> -ContextUser <string>
Transfer-ItemPermissions -Url <string> -ListTitle <string> -ItemId <int> -From <string> -ToUsers <string> -ToGroups <string> -FromGroup -IncludeAlerts -ExcludeLists -ExcludeItems -SupportRollback <OnOffParameter> -ContextUser <string>
Parameters are the same as the Copy group of commands listed above.
Replace Permissions
Replace-FarmPermissions -Url <string> -From <string> -ToUsers <string> -ToGroups <string> -FromGroup -IncludeAlerts -ExcludeLists -ExcludeItems -SupportRollback <OnOffParameter> -ContextUser <string>
Replace-WebAppPermissions -Url <string> -From <string> -ToUsers <string> -ToGroups <string> -FromGroup -IncludeAlerts -ExcludeLists -ExcludeItems -SupportRollback <OnOffParameter> -ContextUser <string>
Replace-ManagedPathPermissions -Url <string> -Prefix <string> -From <string> -ToUsers <string> -ToGroups <string> -FromGroup -IncludeAlerts -ExcludeLists -ExcludeItems -SupportRollback <OnOffParameter> -ContextUser <string>
Replace-SitePermissions -Url <string> -From <string> -ToUsers <string> -ToGroups <string> -FromGroup -IncludeAlerts -ExcludeLists -ExcludeItems -SupportRollback <OnOffParameter> -ContextUser <string>
Replace-WebPermissions -Url <string> -From <string> -ToUsers <string> -ToGroups <string> -FromGroup -IncludeAlerts -ExcludeLists -ExcludeItems -IncludeSubWebs -SupportRollback <OnOffParameter> -ContextUser <string>
Replace-ListPermissions -Url <string> -ListTitle <string> -From <string> -ToUsers <string> -ToGroups <string> -FromGroup -IncludeAlerts -ExcludeLists -ExcludeItems -SupportRollback <OnOffParameter> -ContextUser <string>
Replace-ItemPermissions -Url <string> -ListTitle <string> -ItemId <int> -From <string> -ToUsers <string> -ToGroups <string> -FromGroup -IncludeAlerts -ExcludeLists -ExcludeItems -SupportRollback <OnOffParameter> -ContextUser <string>
Parameters are the same as the Copy group of commands listed above.
Delete Permissions
Delete-FarmPermissions -Url <string> -FromUsers <string> -FromGroups <string> -IncludeAlerts -ExcludeLists -ExcludeItems -SupportRollback <OnOffParameter> -ContextUser <string>
Delete-WebAppPermissions -Url <string> -FromUsers <string> -FromGroups <string> -IncludeAlerts -ExcludeLists -ExcludeItems -SupportRollback <OnOffParameter> -ContextUser <string>
Delete-ManagedPathPermissions -Url <string> -Prefix <string> -FromUsers <string> -FromGroups <string> -IncludeAlerts -ExcludeLists -ExcludeItems -SupportRollback <OnOffParameter> -ContextUser <string>
Delete-SitePermissions -Url <string> -FromUsers <string> - FromGroups <string> -IncludeAlerts -ExcludeLists -ExcludeItems -SupportRollback <OnOffParameter> -ContextUser <string>
Delete-WebPermissions -Url <string> -FromUsers <string> - FromGroups <string> -IncludeAlerts -ExcludeLists -ExcludeItems -IncludeSubWebs -SupportRollback <OnOffParameter> -ContextUser <string>
Delete-ListPermissions -Url <string> -ListTitle <string> -FromUsers <string> -FromGroups <string> -IncludeAlerts -ExcludeLists -ExcludeItems -SupportRollback <OnOffParameter> -ContextUser <string>
Delete-ItemPermissions -Url <string> -ListTitle <string> -ItemId <int> -FromUsers <string> -FromGroups <string> -IncludeAlerts -ExcludeLists -ExcludeItems -SupportRollback <OnOffParameter> -ContextUser <string>
The parameters are described below:
- FromUsers – comma separated list of SP user login names, from which permissions must be deleted. At least one parameter from FromUsers/FromGroups must be specified.
- FromGroups – comma separated list of SP group names, from which permissions must be deleted. At least one parameter from FromUsers/FromGroups must be specified.
- Other parameters are the same as the Copy group of commands listed above.
Grant Permissions
Grant-FarmPermissions -Url <string> -ToUsers <string> -ToGroups <string> -Permissions <string> -Groups <string> -ProcessLists -ProcessItems -GrantDuration <int> -SupportRollback <OnOffParameter> -ContextUser <string>
Grant-WebAppPermissions -Url <string> -ToUsers <string> -ToGroups <string> -Permissions <string> -Groups <string> -ProcessLists -ProcessItems -GrantDuration <int> -SupportRollback <OnOffParameter> -ContextUser <string>
Grant-ManagedPathPermissions -Url <string> -Prefix <string> -ToUsers <string> -ToGroups <string> -Permissions <string> -Groups <string> -ProcessLists -ProcessItems -GrantDuration <int> -SupportRollback <OnOffParameter> -ContextUser <string>
Grant-SitePermissions -Url <string> -ToUsers <string> -ToGroups <string> -Permissions <string> -Groups <string> -ProcessLists -ProcessItems -GrantDuration <int> -SupportRollback <OnOffParameter> -ContextUser <string>
Grant-WebPermissions -Url <string> -ToUsers <string> -ToGroups <string> -Permissions <string> -Groups <string> -ProcessSubWebs -ProcessLists -ProcessItems -GrantDuration <int> -SupportRollback <OnOffParameter> -ContextUser <string>
Grant-ListPermissions -Url <string> -ListTitle <string> -ToUsers <string> -ToGroups <string> -Permissions <string> -Groups <string> -ProcessLists -ProcessItems -GrantDuration <int> -SupportRollback <OnOffParameter> -ContextUser <string>
Grant-ItemPermissions -Url <string> -ListTitle <string> -ItemId <int> -ToUsers <string> -ToGroups <string> -Permissions <string> -Groups <string> -ProcessLists -ProcessItems -GrantDuration <int> -SupportRollback <OnOffParameter> -ContextUser <string>
The parameters are described below:
- ToUsers – comma separated list of SP user login names, to which permissions must be granted. At least one parameter from ToUsers/ToGroups must be specified.
- ToGroups – comma separated list of SP group names, to which permissions must be granted. At least one parameter from ToUsers/ToGroups must be specified.
- Permissions – comma separated of permission level, which must be granted to users/groups specified by parameters ToUsers/ToGroups.
- Groups – comma separated list of SP group names, to which users specified by parameter ToUsers must be added.
- ProcessSubWebs – if present means, that unique sub webs of web also must be processed.
- ProcessLists – if present means, that unique lists of processed lists also must be processed.
- ProcessItems – if present means, that unique items of processed lists also must be processed.
- GrantDuration – contains duration in minutes after which granted permissions will be automatically revoked. If not specified (or negative) than no automatic revoke will be done.
- Other parameters are the same as the Copy group of commands listed above.
Revoke Permissions
Revoke-FarmPermissions -Url <string> -FromUsers <string> -FromGroups <string> -Permissions <string> -Groups <string> -ProcessLists -ProcessItems -SupportRollback <OnOffParameter> -ContextUser <string>
Revoke-WebAppPermissions -Url <string> -FromUsers <string> -FromGroups <string> -Permissions <string> -Groups <string> -ProcessLists -ProcessItems -SupportRollback <OnOffParameter> -ContextUser <string>
Revoke-ManagedPathPermissions -Url <string> -Prefix <string> -FromUsers <string> -FromGroups <string> -Permissions <string> -Groups <string> -ProcessLists -ProcessItems -SupportRollback <OnOffParameter> -ContextUser <string>
Revoke-SitePermissions -Url <string> -FromUsers <string> -FromGroups <string> -Permissions <string> -Groups <string> -ProcessLists -ProcessItems -SupportRollback <OnOffParameter> -ContextUser <string>
Revoke-WebPermissions -Url <string> -FromUsers <string> -FromGroups <string> -Permissions <string> -Groups <string> -ProcessSubWebs -ProcessLists -ProcessItems -SupportRollback <OnOffParameter> -ContextUser <string>
Revoke-ListPermissions -Url <string> -ListTitle <string> -FromUsers <string> -FromGroups <string> -Permissions <string> -Groups <string> -ProcessLists -ProcessItems -SupportRollback <OnOffParameter> -ContextUser <string>
Revoke-ItemPermissions -Url <string> -ListTitle <string> -ItemId <int> -FromUsers <string> -FromGroups <string> -Permissions <string> -Groups <string> -ProcessLists -ProcessItems -SupportRollback <OnOffParameter> -ContextUser <string>
The parameters are described below:
- FromUsers – comma separated list of SP user login names, from which permissions must be revoked. At least one parameter from FromUsers/FromGroups must be specified.
- FromGroups – comma separated list of SP group names, from which permissions must be revoked. At least one parameter from FromUsers/FromGroups must be specified.
- Permissions – comma separated of permission level, which must be revoked from users/groups specified by parameters FromUsers/FromGroups.
- Groups – comma separated list of SP group names, from which users specified by parameter ToUsers must be removed.
- ProcessSubWebs – if present means, that unique sub webs of web also must be processed.
- ProcessLists – if present means, that unique lists of processed lists also must be processed.
- ProcessItems – if present means, that unique items of processed lists also must be processed.
- GrantDuration – contains duration in minutes after which granted permissions will be automatically revoked. If not specified (or negative) than no automatic revoke will be done.
- Other parameters are the same as the Copy group of commands listed above.
Dead Account Removal
Delete-FarmDeadAccounts -Url <string> -DeadAccounts <string> -ContextUser <string> -AllowDisabled <OnOffParameter>
Delete-ManagedPathDeadAccounts -Url <string> -Prefix <Url> -DeadAccounts <string> -ContextUser <string> -AllowDisabled <OnOffParameter>
Delete-WebAppDeadAccounts -Url <string> -DeadAccounts <string> -ContextUser <string> -AllowDisabled <OnOffParameter>
Delete-SiteDeadAccounts -Url <string> -DeadAccounts <string> -ContextUser <string> -AllowDisabled <OnOffParameter>
The parameters are described below:
- DeadAccounts – comma separated list of dead account names to be deleted. If not specified or empty, than all dead accounts going to be deleted.
- AllowDisabled – On or Off (If not specified than Off). Specifies whether disabled dead accounts also must be deleted or not (dead accounts are of two types: first type users appear because of not existence of appropriate users in AD and second type users appear because of disabling appropriate user in AD).
- Other parameters are the same as the Copy group of commands listed above.
Clone Permissions
Clone-WebPermissions -SourceUrl <string> -TargetUrls <string> -CloneGroups -CloneRoleDefinitions -SupportRollback -ContextUser <string>
Clone-ListPermissions -SourceUrl <string> -TargetUrls <string> -CloneGroups -CloneRoleDefinitions -SupportRollback -ContextUser <string>
Clone-ItemPermissions -SourceUrl <string> -TargetUrls <string> -CloneGroups -CloneRoleDefinitions -SupportRollback -ContextUser <string>
The parameters are described below:
- SourceUrl – is Url of source scope.
- TargetUrls – is comma separated list of target scope Urls.
- CloneGroups – if present means, that missing SP groups will also be cloned to the target web(s).
- CloneRoleDefinitions – if present means, that missing role definitions will also be cloned to the target web(s).
- Other parameters are the same as the Copy group of commands listed above.
Exclude Web Applications
Get-DPWebAppExclusions
* Shows all excluded web application from SharePoint crawl.
Add-DPWebAppExclusions -WebAppUrl <string> -Id <string>
* Excludes specified web application from SharePoint crawl.
Remove-DPWebAppExclusions -WebAppUrl <string> -Id <string>
* Removes specified web application from SharePoint crawl exclusion list.
The parameters are described below:
- WebAppUrl – Url of provided web application (if it provided by Url).
- ID – Id of provided web application (if it provided by id).
Checking the DeliverPoint Versions
Get-DPVersion
Displaying Job Information
Get-DPJobs -JobId <int> -ContextUser <string>
The parameters are described below:
- JobId – specified id of the DP job, information about which must be shown. If not specified, than list of all DP jobs will be shown.
- ContextUser – login name of user, in context of which DP jobs must be retrieved (i.e. only jobs accessible by provided user will be shown). If not specified, than all jobs are treated to be accessible.
Modifying Settings
Set-DPCommonSettings -RenderUrlsInExportedDiscoverPermissions <OnOffParemeter>
The parameters are described below:
- RenderUrlsInExportedDiscoverPermissions – On/Off or None. On values means, that Urls must be rendered in discover permissions report. Off value, means that Urls must not be rendered in discover permissions report. Missing or None value means, that appropriate setting will not be changed.
Setting DeliverPoint Jobs
Set-DPJobsSettings -ForceBreakScopePermissions <OnOffParameter> -ReplacePermissionsOperation <OnOffParameter> -JobsSupportRollbackByDefault <OnOffParameter>
The parameters are described below:
- ForceBreakScopePermissions – On/Off or None. On value means turning on ability of forcing breaking scope permissions (when needed) during execution of DP jobs. Off value means turning off the mentioned ability. None or missing value means not modifying the mentioned ability.
- ReplacePermissionsOperation – On/Off or None. On value means showing replace permissions operation related commands in DeliverPoint UI. Off value means hiding replace permissions operation related commands from DeliverPoint UI. None or missing value means not modifying the mentioned visibility.
- JobsSupportRollbackByDefault – On/Off or None. On value means, that by default (i.e. when user hasn’t specified it explicitly) DP jobs must support rollback. Off value means, that by default DP jobs must not support rollback. None or missing value means, that mentioned default behavior will not be modified.
Powershell commands for crawling specific AD groups
This command specifies an entire list of AD groups to crawl
Set-ADGroupsToCrawl LISTOFGROUPS
OR
Set-ADGroupsToCrawl -Groups LISTOFGROUPS
LISTOFGROUPS is a comma separated list of AD group names (in form of domain\group)
This command adds a new group to current list of groups to crawl
Add-ADGroupsToCrawl GROUPNAME
OR
Add-ADGroupsToCrawl -Group GROUPNAME
GROUPNAME is the name of the AD group (in form of domain\group)
This command removes a group from current list of groups to crawl
Remove-ADGroupsToCrawl GROUPNAME
OR
Remove-ADGroupsToCrawl -Group GROUPNAME
GROUPNAME is the name of the AD group (in form of domain\group)
This command returns the current list of groups to crawl
Get-ADGroupsToCrawl
Powershell commands for separating the title/name columns for items in discover permissions report
Set-DPCommonSettings -SeparateItemNameAndTitleInDiscoverPermissions On
To turn off that ability, Off must be specified instead of On
Set-DPCommonSettings -SeparateItemNameAndTitleInDiscoverPermissions Off
Go to top of section →
Post your comment on this topic.