SharePoint Online: Get Site Owners list from all Sites

I have been asked to get list of all explicit user accounts  and group with site owner permissions for all sites. I wrote a script using Get-SPOSite, Get-SPOUsers and Get-SPOGroup commands.

To make it easier I wrote the script requires the mandatory parameter of Office 365 Tenant name. The script will create a CSV file on the script working (current) directory.

Instructions:

• Install SharePoint Online Management Shell (Download it from https://www.microsoft.com/en-us/download/details.aspx?id=35588)
• Copy or Create the script to the desired location (e.g., C:\Scripts).
• Open PowerShell and change the working directory to the location where script is located
• Run the script with parameter TenantName
• When asked provide the SharePoint Administrator credentials

e.g.,  if the sharepoint admin URL is https://contoso-admin.sharepoint.com, then the tenant name is contoso.

.\SiteOwnersList.ps1 -TenantName contoso

Download the script from HERE.

You may also copy/paste the script in PowerShell ISE and save as SiteOwnersList.ps1.

<#
***    Script Name: SiteOwnersList.ps1
***    Purpose: List all SharePoint Online sites and it’s Owners from the site permissions list (Users and Groups) and create the report to a CSV file.
***             The generated CSV file stored at PowerShell script running location (local directory)
***    Parameters: <TenantName> – provide your SharePoint Online (Office 365) Tenant Name (usually your domain name)
***
***    Written By: Anand, the awesome, Venkatachalapathy
***
#>

param (  [Parameter(Mandatory=$True)]
[string]$TenantName )

#Form a SharePoint Admin URl
$AdminURL = “https://$tenantName” + “-admin.sharepoint.com”

#Add SharePoint PowerShell Snap-in and Importing the SharePoint Online module
Add-PSSnapin microsoft.sharepoint.powershell -ErrorAction SilentlyContinue
Import-Module ‘C:\Program Files\SharePoint Online Management Shell\Microsoft.Online.SharePoint.PowerShell’ -DisableNameChecking

#Connect to SharePoint Online
Connect-SPOService -Url $AdminURL -Credential (Get-Credential)

#Headers for the data
“Site URL`tOwner`tUsers`tGroup`tGroup Members” | Out-File -FilePath .\SharePointSiteOwners.csv

#Get all Sites (Root sites only)
$sites = Get-SPOSite -Limit All

#Process all sites
foreach($site in $sites)
{
$siteURL = $site.Url
$siteOwner = $site.Owner

    Write-Host $siteURL -ForegroundColor Cyan
Write-Host $siteOwner -ForegroundColor Cyan

#Get all users with Site Owner permissions
$siteAdmins = Get-SPOUser -Site $siteURL -Limit All | select LoginName,IsSiteAdmin | ? { $_.ISSiteAdmin }

    #Collect all site owners (user accounts) to a variable $siteUsers
$siteUsers = “”
foreach($siteAdmin in $siteAdmins) { $siteUsers += $siteAdmin.LoginName + ” , ” }

    Write-Host $siteUsers -ForegroundColor Cyan

#Get all Groups from the site permissions
$sitegroups = Get-SPOSiteGroup -Site $siteURL

#Get Group info and members that have site owners permissions
foreach ($sitegroup in $sitegroups)
{
$i = 0
foreach($role in $sitegroup.Roles)
{
if ( $role.Contains(“Site Owner”) -or $role.Contains(“Full Control”) )
{
$i = $i + 1
Write-Host $sitegroup.Title -ForegroundColor “Yellow”
Write-Host $sitegroup.Users -ForegroundColor “Blue”

                if ($i -gt 1)
{
“`t`t`t” + $sitegroup.Title + “`t” + $sitegroup.Users | Out-File -FilePath .\SharePointSiteOwners.csv -Append
}
else
{
“$siteURL`t$siteOwner`t$siteUsers`t” + $sitegroup.Title + “`t” + $sitegroup.Users | Out-File -FilePath .\SharePointSiteOwners.csv -Append
}
}
}
}
}

<#
***                                                                            The END
#>