Pages

7 Oct 2016

Add super user and super reader via PowerShell


Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

####SET ACCOUNT NAMES (Replace Domain and UserName)
#SUPER USER ACCOUNT – Use your own Account (NB: NOT A SHAREPOINT ADMIN)
$sOrigUser= "domain\SP_SuperUser"
$sUserName = "SP_SuperUser"

#SUPER READER ACCOUNT – Use your own Account (NB: NOT A SHAREPOINT ADMIN)
$sOrigRead = "domain\SP_SuperRead"
$sReadName = "SP_SuperRead"

$apps = get-spwebapplication 
foreach ($app in $apps) {
   #DISPLAY THE URL IT IS BUSY WITH
   $app.Url
   if ($app.UseClaimsAuthentication -eq $true)
   {
    # IF CLAIMS THEN SET THE IDENTIFIER
    $sUser = "I:0#.w|" + $sOrigUser
    $sRead = "I:0#.w|" + $sOrigRead
   }
   else
   {
   # CLASSIC AUTH USED
     $sUser = $sOrigUser
     $sRead = $sOrigRead
   }
   
   # ADD THE SUPER USER ACC – FULL CONTROL (Required for writing the Cache)
   $policy = $app.Policies.Add($sUser, $sUserName)
   $policyRole = $app.PolicyRoles.GetSpecialRole([Microsoft.SharePoint.Administration.SPPolicyRoleType]::FullControl) 
   $policy.PolicyRoleBindings.Add($policyRole)

   $app.Properties["portalsuperuseraccount"] = $sUser
   $app.Update()

   # ADD THE SUPER READER ACC – READ ONLY
   $policy = $app.Policies.Add($sRead, $sReadName)
   $policyRole = $app.PolicyRoles.GetSpecialRole([Microsoft.SharePoint.Administration.SPPolicyRoleType]::FullRead) 
   $policy.PolicyRoleBindings.Add($policyRole)

   $app.Properties["portalsuperreaderaccount"] = $sRead
   $app.Update()
 }

No comments:

Post a Comment