SharePoint Saturday Boston
June 13, 2015
USING POWERSHELL TO
IMPROVE SHAREPOINT
MANAGEMENT
Mitch Darrow, Senior Consultant
berrydunn.com | GAIN CONTROL
BerryDunn Overview
•
Public accounting and
management/IT consulting firm
•
Founded in 1974, the firm now
has over 250 personnel and 36
principals
•
$50 million in annual revenue
Legend
Office Locations
Satellite Office Locations
•
For the last four years, BerryDunn was designated as an
INSIDE Public Accounting (IPA) “Top 100 Firm,” and was
also named as a “Fastest-Growing” firm.
•
Named “Best CPA Firm for Women” by the American
Society of Women Accountants and the American Woman’s
Society of Certified Public Accountants.
2
INDEPENDENCE AND OBJECTIVITY
We do not sell or develop hardware or software.
We do not partner with software developers
or solution providers.
Independence allows our team to provide objective IT
consulting services and to offer recommendations that
represent only the client’s best interests.
3
MITCH DARROW
SENIOR CONSULTANT
GOVERNMENT CONSULTING GROUP
Over 25 years of IT experience in global manufacturing companies.
Specializing in:
• Windows Architecture
• Security Best Practices
• Databases
• SharePoint
• Exchange
• Programming ( C#, PowerShell)
Representative clients
• Colorado DHS
• Washington State Auditors Office
• West Virginia Bureau of Medical Services
4
MITCH DARROW
About me
Husband and father of three
Live in the Portland, Maine area
Avid Kayaker, hopefully soon to be a
Maine guide
Bike commuter
Volunteer
IT Geek
5
GAP YEAR
ADVOCATE
All three of my kids have had an
adventure before starting
University. Ask me about it after
the presentation, if you are
interested!
6
WHAT ARE THE CHALLENGES?
Important information is everywhere
• Central Administration
• Site Collection
• Sites
• SQL Management Studio
How do we get the information into the hands of those who need it?
Helpdesk
IT On Call
Managers
Business Users
7
POWERSHELL CAN HELP!
Read information from almost anywhere in SharePoint
Read information from SQL Server
Read data from Active Directory
Write all this data into a SharePoint Site
Create Ops dashboard
Management dashboard
All using the same toolkit!
8
SOME PREREQUISITES
User context running the script needs permissions:
Add-SPShellAdmin
Adds user to:
•
SharePoint_Shell_Access Role
•
WSS_ADMIN_WPG group on the local computer
Add-SPShellAdmin -UserName CONTOSO\User1 -database 4251d855-3c15-4501-8dd1-98f960359fa6
Additional information:
https://technet.microsoft.com/en-us/library/ff607596.aspx
9
BEFORE WE BEGIN
Please don’t develop and/or test in Production!
If you don’t understand what a script is doing, you probably shouldn’t be running it!
PowerShell allows you to structure logic in dramatically different ways. All are
correct, but they are not all equal.
Don’t assume that one structure is better than another. If performance is important,
measure it with measure-command{}.
Error handling (Try/Catch) is always a best practice. I acknowledge this is absent
from my sample code.
10
THE BASICS:
Add the snap in to PowerShell
Add-PSSnapIn Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
Create an array of all the web application objects:
$webApps = Get-SPWebApplication http://intranet.contoso.com
foreach($webApp in $webApps) {
}
11
THE BASICS CONTINUED:
Looping through all the site collections in the web application:
foreach($site in $webApp.Sites){
}
Looping through all of the sites in each site collection:
foreach($web in $site.AllWebs) {
}
12
SO, WHAT KINDS OF
INFORMATION CAN WE COLLECT?
Inventory the names and URLs of all sites in the farm
Inventory Crawl information for the farm
Last status & Duration
Number of items crawled
Get all Role Assignments and Permission levels
Expand SharePoint groups
Expand AD groups
13
SO, WHAT KINDS OF
INFORMATION CAN WE COLLECT?
Get content database associated with site collection
database growth settings
database sizes
backup mode
full/differential/log backup statuses
Inventory list versioning settings
Site size
Site last updated
14
USERS AND PERMISSIONS OVERVIEW
SharePoint Site Permissions can be messy
Role Assignments can be
SharePoint Groups
AD Groups
User Objects
SharePoint Groups can contain users or AD groups
AD groups can contain users and other groups
15
USERS AND PERMISSIONS
Check if the site has unique permissions of inherits:
if($web.HasUniqueRoleAssignments -eq $false) { }
If permissions are unique:
foreach($assignment in $web.RoleAssignments){ }
Check if the member string is empty or not:
if(-not [string]::IsNullOrEmpty($assignment.Member.Xml)) { }
Check if the xml starts with a group tag:
if($assignment.Member.XML.StartsWith('<Group') -eq "True") { }
16
USERS AND PERMISSIONS 2
Check if the xml starts with a group tag:
if($assignment.Member.XML.StartsWith('<Group') -eq "True") { }
Get the members of the SharePoint group:
foreach($SPGroupMember in $assignment.Member.Users) { }
Check to see if the IsDomainGroup property for the member is true:
if($SPGroupMember.IsDomainGroup) { }
17
WRITING DATA TO SHAREPOINT
#Get the SPWeb object and save it to a variable
$web = Get-SPWeb $webURL
#Get the List object to retrieve the "Demo List"
$list = $web.Lists[$listName]
#Create a new item
$newItem = $list.Items.Add()
18
WRITING DATA TO SHAREPOINT 2
Add data to this list item
$newItem["SiteURL"] = $SiteURL
$newItem["InheritsPerms"] = $InheritsPerms
$newItem["SPGroup"] = $SPGroup
$newItem["ADGroup"] = $ADGroup
$newItem["ADUserGroupMembers"] = $ADUserGroupMembers
$newItem["PermLevel"] = $PermLevel
$newItem["ADUser"] = $ADuser
Update the object so it gets saved to the list
$newItem.Update()
19
LETS LOOK AT THE SCRIPT
SP_SiteandLibraryInventoryTemplate.ps1
Basic script that will iterate through all sites, just add actions.
SP_SiteandLibrarySecurityInventory.ps1
This script will also catalog any Library that has unique permission assignments
Utilizes the constructions highlighted
This is one way to structure the code, there are others.
20
THE RESULTS
21
SITE MAP
We can easily get these data points for every site:
• Site Name via the Name property
• URL
• Parent Site Collection
This is not very useful in an environment where you have a lot
of project sites.
22
SITE MAP 2
We add a list and populate it with data at creation:
• Project Sponsor
• Project Manager
• Client
• Executive Summary
Combining this data using powershell into a single list creates
a dynamic and functional site map that the helpdesk,
management and employees can leverage.
This may not fit all use cases.
23
A DIFFERENT USE CASE
Find where a particular lives on web part on pages in
your site
Maybe it is one of the “Fab 40”, maybe just a feature
that you think may no longer be needed.
•
Use the structure to iterate through all your sites
•
Look for ASPX pages
•
Read the data into an object (check textstream)
•
Check for the web part GUID
•
Write information to a custom object for any site and page that has the web part.
24
VERSIONING SETTINGS
Function GetVersioningSettings{
foreach ($web in (Get-SPSite -Limit All | Get-SPWeb -Limit All)){
foreach ($list in ($web.Lists | ? {$_ -is [Microsoft.SharePoint.SPDocumentLibrary]})){
$Moderation = $list.EnableModeration
$VersioningEnabled= $list.EnableVersioning
$MajorVersionEnabled = $list.EnableMinorVersions
$MajorMinorVersionLimit = $list.MajorWithMinorVersionsLimit
$MajorVersionLimit = $list.MajorVersionLimit
$RequireCheckout = $list.ForceCheckout
$DraftVisibility = $list.DraftVersionVisibility
} #end for each list
$web.Dispose();
} #end for each web
} #end function
25
SITE SIZE
[long]$WebSize = BD-CalculateFolderSize($Web.RootFolder)
foreach($RecycleBinItem in $Web.RecycleBin){
$WebSize += $RecycleBinItem.Size
}
$Size = [Math]::Round($WebSize/1MB, 2)
26
SITE SIZE 2
Function BD-CalculateFolderSize($Folder){
[long]$FolderSize = 0
foreach ($File in $Folder.Files){
#Get File Size
$FolderSize += $file.TotalLength;
#Get the Versions Size
foreach ($FileVersion in $File.Versions){
$FolderSize += $FileVersion.Size
}#end foreach version
}#end foreach file
foreach ($SubFolder in $Folder.SubFolders){
$FolderSize += CalculateFolderSize $SubFolder
}#end foreach subfolder
return $FolderSize
} #end function
27
CONTENT DATABASES
Identify the content databases for a web application:
$ContentDatabases = $webapp.ContentDatabases
Connect to SQL server:
$srv = new-object ('Microsoft.SqlServer.Management.Smo.Server')
$dbinfo = $srv.databases
$selectfields =
@("DatabaseName","Parent","CreateDate","dboLogin","CompatibilityLevel","Encrypti
onEnabled","IsAccessible","ID","Owner","RecoveryModel","LastBackupDate","LastDiff
erentialBackupDate","LastLogBackupDate", "Status", "PrimaryFilePath")
28
CONTENT DATABASES 2
$props = New-Object -TypeName PSCustomObject -Property @{
DatabaseName = $db.Name
Parent = $db.Parent
CreateDate = $db.CreateDate
dboLogin = $db.dboLogin
CompatibilityLevel = $db.CompatibilityLevel
EncryptionEnabled = $db.EncryptionEnabled
ID = $db.ID
Owner = $db.Owner
RecoveryModel = $db.RecoveryModel
LastBackupDate = $db.LastBackupDate
LastDifferentialBackupDate = $db.LastDifferentialBackupDate
LastLogBackupDate = $db.LastLogBackupDate
} | Select-Object $selectfields
$log += $props
} # end foreach db
29
CRAWL INFORMATION
$sources = Get-SPEnterpriseSearchServiceApplication | Get-SPEnterpriseSearchCrawlContentSource
$array = @()
$obj = $null
Foreach($i in $sources) {
if($i.fullcrawlschedule) {
$obj = new-object Psobject -prop @{
Source = $i.Name
Status = $i.crawlstatus
Started = $i.crawlstarted
Completed = $i.crawlcompleted
Schedule = ($i | select -expand fullcrawlschedule).description
}
$array += $obj
}
30
WHAT IS NEXT
Load Data into a SharePoint site
Build dashboards with different views of the data for different audiences
• Helpdesk
• On Call
• Management
31
SOME SUGGESTIONS FOR BEST PRACTICES
Make repeating code into functions
•
Use a prefix to readily identify
•
I prefix all of my functions with BD-
Use parameters for input values rather than hard coding variables.
Get stuff for free: Use Advanced functions
•
Put this line of code as the first none commented line: [cmdletbinding()]
•
This gives you a verbose switch which executes write-verbose
•
This gives you write-debug as well
Here is a good reference: http://blogs.technet.com/b/heyscriptingguy/archive/2014/05/30/powershell-bestpractices-advanced-functions.aspx
32
RESOURCES
Here are some resources that I rely upon:
Use the get-member command to discover properties of an object. Here is a good
resource: https://technet.microsoft.com/en-us/library/ee176854.aspx
MSDN is the best resource, but it can be hard to find/read. Here is a good starting
point: http://blogs.msdn.com/b/powershell/
One of the best resources is http://powershell.org. This organization is constantly
posting great information. I suggest that you follow them on twitter @PSHOrg.
Follow Don Jones, who is also part of PowerShell.org @ConcentratedDon
The Scripting Guys blog about all things script related, but a large percentage are
powershell related. http://blogs.technet.com/b/heyscriptingguy/
33
FINAL THOUGHTS
The samples will be available for download at the SPSBOS Site.
I don’t have all the answers, so:
•
If you improve a script, share it with me!
•
If a script triggers a cool idea, share it with me!
One final note, if you use one of these scripts in production please replace my
contact details with yours! I will gladly answer questions, but I really don’t have the
capacity to support another production environment.
34
35
SPS Boston 2015 is made possible
by our Sponsors
Thanks for Attending!
How you can reach me:
• Email: mitchell.darrow@gmail.com
• Twitter: @mitchdarrow
• Linkedin: https://www.linkedin.com/pub/mitch-darrow/13/268/8b7
37