Reset Broken inheritance in SharePoint 2010 site collection

this PowerShell script allows for resetting broken inheritance within a site collection. It will run through all subsites, lists, document libraries, folders and individual items, check if permission inheritance is broken and reset the inheritance. 

 
 
 
 
 
4.9 Star
(7)
1,917 times
Add to favorites
SharePoint
5/14/2012
E-mail Twitter del.icio.us Digg Facebook
Sign in to ask a question


  • Exception calling ResetRoleInheritance
    5 Posts | Last post March 11, 2015
    • I run the script and show me this error message:
      
      Exception calling "ResetRoleInheritance" with "0" argument(s): "There are uncom
      mitted changes on the SPWeb object, call SPWeb.Update() to commit the changes b
      efore calling this method."
      At C:\powershellfiles\Reset-BrokenInheritance.ps1:14 char:28
      +         $web.ResetRoleInheritance <<<< ()
          + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
          + FullyQualifiedErrorId : DotNetMethodException
      
      I hope you can talk me about this error. (I have Sharepoint Foundation.)
      
      Thanks.
    • I put $web.Update() before the sentences $web.ResetRoleInheritance() then seem it's working. But i'dont know what is the impact?
    • I have updated dirks script.  I have tried posting my updates but technet keeps telling me "unknown error" when I attempt to post, so lets try it one at a time:
      
      Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction:SilentlyContinue ;
      
      #$url = read-host "Enter URL"
      $url = "http://portal.test.bpa.gov/sandbox/vader"
      
      $SPSite = get-spsite $url
      
      function resetWebsPerms ($site)
      {
      	foreach ($web in $site.allwebs)
      	{
      		if ($web.IsRootWeb) {return} else {
      			if ($web.HasUniqueRoleAssignments) 
      			{ 
      				$web.update() ;
      				Write-Host "Resetting inheritance on WEB:" $web.Url   ;
      				$web.ResetRoleInheritance() ;
      				$web.Update() ;
      				$web.dispose()
      			}
      		}
      	}
      }
      
    • And part two : 
      ****************************
      
      
      function resetListPerms ($site)
      {
      	foreach ($web in $site.allwebs)
      	{
      		foreach ($list in $web.lists)
      		{
      			if ($list.title -eq "Site Collection Images" -or $list.title -eq "Style Library") {write-host "Skipping " $list.title ; return} 
      				else {
      				if ($list.HasUniqueRoleAssignments) 
      				{ 
      					Write-Host "Resetting inheritance on List:" $list.Title   ;
      					$list.ResetRoleInheritance() ;
      					$list.Update() ;
      					$web.update() ;
      					$web.dispose()
      				}
      			}
      		}
      	}
      }
      
      function resetListItemPerms ($site)
      {
      	foreach ($web in $site.allwebs)
      	{
      		foreach ($list in $web.lists)
      		{
      			foreach ($item in $list.items)
      			{
      				if ($item.HasUniqueRoleAssignments) 
      				{ 
      					Write-Host "Resetting inheritance on List Item:" $item.name   ;
      					$item.ResetRoleInheritance() ;
      					$item.Update() ;
      					$web.update() ;
      					$web.dispose()
      				}
      			}
      		}
      	}
      }
      
      function resetListFolderPerms ($site)
      {
      	foreach ($web in $site.allwebs)
      	{
      		foreach ($list in $web.lists)
      		{
      			if ($list.BaseType -eq "DocumentLibrary")
      			{
      				foreach ($folder in $list.folders)
      				{			
      					if ($folder.HasUniqueRoleAssignments) 
      					{ 
      						Write-Host "Resetting inheritance on folder:" $folder.Title   ;
      						$folder.ResetRoleInheritance() ;
      						$folder.Update() ;
      						$web.update() ;
      						$web.dispose()
      					}
      				}
      			}
      		}
      	}
      }
      
      resetListFolderPerms($SPSite)
      resetListItemPerms($SPSite)
      resetListPerms($SPSite)
      resetWebsPerms($SPSite)
      
      $spsite.dispose()
    • Helpful code
  • great script
    3 Posts | Last post March 11, 2015
    • Thanks Drik,
      
      What about the impact?
      If you can add a sub script to get all users and principles  who’ve broken permissions as a pre-check report, to see the impact before execute it , it will be helpful.
      
      Thanks again 
      
      Megren
      
    • thanks for the feedback. For your question, use my Find-BrokenInheritance.ps1 script that you can find at http://gallery.technet.microsoft.com/Find-Broken-Inhertitance-be991a85
      
    • Helped in a better way