Yesterday I worked with one of my colleagues on a PowerShell script to update/change access request on all the sites/webs inside a web application. The requirement was to check if access request is enabled or not on a site. If yes, then update the access request email address to a specific email address. The script checks all the webs and sites inside the mentioned web application and then updates the access request email. My colleague has also blogged about this and the post can be found here.
What is access request email?
Consider a user tries to access a SharePoint site and gets "Access Denied" message. If access request are enabled on the site collection or web, then they will get similar screen like below.
If the user clicks on the "Request access" link, an email is sent to the person (who is specified in the access request settings for the site). This person can then add the user and give appropriate permissions. This is useful, if the number of users is not known when setting up the SharePoint site.
Access requests can be enabled on site (or web if the web have unique permissions) by navigating to Site Settings -> Site Permissions. In the ribbon, an option to manage access request can be seen
Now, consider that there are hundreds and thousands of site and webs (with unique permissions) and you need to update the email address for access requests. This would be a very tedious and time consuming task. Below is a script which will allow to update the access request email address for all the sites and webs in a single web application at once. The scripts iterates through all the sites (and webs inside the site) and checks if there are unique permissions or not. If not, then the web is skipped (because the access request settings are being inherited from the parent site). If yes, then the email address is updated.
Replace the "URL of Web Application" with your web application url. e.g. http://sharepointserver
and replace "Specify access request email here" with the email address of the person who should manage the access requests.
What is access request email?
Consider a user tries to access a SharePoint site and gets "Access Denied" message. If access request are enabled on the site collection or web, then they will get similar screen like below.
Access requests can be enabled on site (or web if the web have unique permissions) by navigating to Site Settings -> Site Permissions. In the ribbon, an option to manage access request can be seen
In the next screen, you will see options to enable access requests and specify the email address.
Now, consider that there are hundreds and thousands of site and webs (with unique permissions) and you need to update the email address for access requests. This would be a very tedious and time consuming task. Below is a script which will allow to update the access request email address for all the sites and webs in a single web application at once. The scripts iterates through all the sites (and webs inside the site) and checks if there are unique permissions or not. If not, then the web is skipped (because the access request settings are being inherited from the parent site). If yes, then the email address is updated.
Replace the "URL of Web Application" with your web application url. e.g. http://sharepointserver
and replace "Specify access request email here" with the email address of the person who should manage the access requests.
Add-PSSnapin Microsoft.SharePoint.Powershell [System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint") $webapp =Get-SPWebApplication "URL of Web Application" foreach($site in $webapp.Sites) { foreach($web in $site.AllWebs) { if (!$web.HasUniquePerm) { Write-Host "Access Request Settings is inherted from parent." } elseif($web.RequestAccessEnabled) { $web.RequestAccessEmail ="Specify the access request email here" $web.Update() } else { Write-Host "Access Request Settings not enabled." } } }
Let me know if this helps or if there are any queries.
Thanks for the script!
ReplyDeleteWhat should I change if I just want to list all the email address for each site in the web application?
Instead of this :
Deleteelseif($web.RequestAccessEnabled)
{
$web.RequestAccessEmail ="Specify the access request email here"
$web.Update()
}
else
{
Write-Host "Access Request Settings not enabled."
}
just get the email address in a variable using:
$variable = $web.RequestAccessEmail
and output that in a array or append to a file.