Delete all unique permissions in a site collection

A little console application that restores inherited permissions for all the items, documents, lists, libraries and sites in a site collection. It is equivalent of the button "Delete Unique Permissions" in the Permission Settings for a document/library or a site.

5 Star
532 times
Add to favorites
Office 365
E-mail Twitter Digg Facebook
  • System lists
    4 Posts | Last post September 26, 2019
    • Hello Arleta,
      I ran your program in a test environment and it works like a charm. Thank you for such a neat tool.
      I did encounter one problem though. The program also restores inheritance on some 'system' lists in the root site. Those have inheritance disabled by default and it seems preferable to keep it that way.
      Some examples from the log created by your application:
      /sites/Inheritance Test/IWConvertedForms/Forms/AllItems.aspx
      /sites/Inheritance Test/_catalogs/users/detail.aspx
      /sites/Inheritance Test/Lists/ContentTypeSyncLog/AllItems.aspx
      -- AB922B82-8406-4E49-B17B-9057BDF09503
      /sites/Inheritance Test/Lists/TaxonomyHiddenList/AllItems.aspx
      I'm not a coder myself (I really can't even interpret the source you uploaded...) so I would like to ask if you could create exceptions for these default items to make sure their inheritance is not 'restored'. That would make this little program perfect. As it is now, I can't safely use it on the root site of a site collection.
    • You are right, Leij. Thank for testing before using. The program makes no exceptions, it's just a sample of functionality.
      I can create a Powershell script that will omit the permissions in the lists above. Is it, however, the full list of lists or just samples?
      I am also in the middle of preparing an .app solution with few more options - maybe it would be more suitable for you. I am hoping to release Alpha version next week and I will update the post with the link.
    • Hi Arleta,
      First of all, thank you for your reply.
      As for your questions, it isn't the entire log, just the entries of which i was pretty sure they were of the 'system' category. Here's the full log:
      Unique permissions deleted in:
      -- Map 1
      -- Document3
      -- Document1
      /sites/Inheritance Test/bieb2root/Forms/AllItems.aspx
      /sites/Inheritance Test/IWConvertedForms/Forms/AllItems.aspx
      /sites/Inheritance Test/_catalogs/users/detail.aspx
      /sites/Inheritance Test/Lists/ContentTypeSyncLog/AllItems.aspx
      -- AB922B82-8406-4E49-B17B-9057BDF09503
      /sites/Inheritance Test/Lists/TaxonomyHiddenList/AllItems.aspx
      -- Sub1
      -- AB922B82-8406-4E49-B17B-9057BDF09503 Test/subsite2
      Aside from the obvious legitimate items I labeled map, doc, sub etc. and the entries stated in my previous post there are multiple entries that look something like a GUID. I checked what those were and they seem to be system created entries in the Microfeed list. These were the only things turning up when appending it to the SharePoint URL or after doing a site search. The string of characters of the Microfeed entries matched exactly.
      I have to say i do not suspect re-enabling the inheritance on those entries will cause anything to break, seeing they have NO entries in the ACL by default (i also observed this on a site of a customer of mine). I can't be sure though. I can imagine it might create some conflict with a company's policies regarding security, so there's that.
      A script omitting the system 'lists' would be much appreciated, but if you are working on an executable that's nearly finished and will do the same things, I'd rather wait on that.
      FYI I ran this app on Windows 10 and it worked like a charm, so I guess you can add that to your 'tested on' table on the description page.
    • Thank you, updated :)
  • Possible to remove 5000 item limit?
    2 Posts | Last post July 07, 2015
    • Is it possible to remove the 5000 item limit? What is the impact?
    • Thanks for the question, Josh.
      Unfortunately the 5000 item limit does not come from a limit I set in the script, but from the view threshold that is inherent to all SharePoint Online lists. 
      There may be a way around this, but bear in mind that above the 5000 view limit the list may misbehave.