Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
####SET ACCOUNT NAMES (Replace Domain and UserName)
#SUPER USER ACCOUNT – Use your own Account (NB: NOT A SHAREPOINT ADMIN)
$sOrigUser= "domain\SP_SuperUser"
$sUserName = "SP_SuperUser"
#SUPER READER ACCOUNT – Use your own Account (NB: NOT A SHAREPOINT ADMIN)
$sOrigRead = "domain\SP_SuperRead"
$sReadName = "SP_SuperRead"
$apps = get-spwebapplication
foreach ($app in $apps) {
#DISPLAY THE URL IT IS BUSY WITH
$app.Url
if ($app.UseClaimsAuthentication -eq $true)
{
# IF CLAIMS THEN SET THE IDENTIFIER
$sUser = "I:0#.w|" + $sOrigUser
$sRead = "I:0#.w|" + $sOrigRead
}
else
{
# CLASSIC AUTH USED
$sUser = $sOrigUser
$sRead = $sOrigRead
}
# ADD THE SUPER USER ACC – FULL CONTROL (Required for writing the Cache)
$policy = $app.Policies.Add($sUser, $sUserName)
$policyRole = $app.PolicyRoles.GetSpecialRole([Microsoft.SharePoint.Administration.SPPolicyRoleType]::FullControl)
$policy.PolicyRoleBindings.Add($policyRole)
$app.Properties["portalsuperuseraccount"] = $sUser
$app.Update()
# ADD THE SUPER READER ACC – READ ONLY
$policy = $app.Policies.Add($sRead, $sReadName)
$policyRole = $app.PolicyRoles.GetSpecialRole([Microsoft.SharePoint.Administration.SPPolicyRoleType]::FullRead)
$policy.PolicyRoleBindings.Add($policyRole)
$app.Properties["portalsuperreaderaccount"] = $sRead
$app.Update()
}
Pages
▼
No comments:
Post a Comment