sharepoint - mapping/migrating sharepoint users
问题描述
I am currently working on a sharepoint migration on a test environment, and have now come to the point where I would like to map/migrate my existing Ad groups and users from SP 2010 to SP 2013. Now when researching this I find alot of vague information but nothing very solid concerning this matter. How would I best go about this.
Let's say I have following users in a csv file representing the users on the SP 2010 environment:
c:0!.s|windows
i:0#.w|domainhere\administrator i:0#.w|domainhere\apservice
i:0#.w|domainhere\koen
NT AUTHORITY\LOCAL SERVICE
SHAREPOINT\system
Domainhere\APService
Should I write a powershell script somehing which resembles the following
$csv = Import-CSV ".\sites-default.csv"
$web = Get-SPWeb = "https://mymachine.mydomain"
foreach($row in $csv)
{
#You could do this to format your account name if not already in the csv
$username = "Domain\" + $row.key
$web.EnsureUser($username)
$group = $web.SiteGroups |?{$_.name -eq "GROUPNAME"}
Set-SPUser -identity $username -web $web.url -group $group
}
Or are they better ways to do this kind of matter?
解决方案
I have some code that works in C# using CSOM. It reads the permissions from all lists (document libraries also are lists) and the site level and writes them to an excel.
Then it reads the permissions from Excel and puts them on the new SharePoint.
The Excel uses using OfficeOpenXml;
The model
public class PermissionsToExcel
{
public string ListTitle { get; set; }
public string Gebruikersnaam { get; set; }
public string Rechten { get; set; }
public string ListUrl { get; set; }
public bool HasUniqueRoleAssignments { get; set; }
}
The code that gets the groups and their permissions from each list:
List<PermissionsToExcel> permissionsToExcelList = new List<PermissionsToExcel>();
using (ClientContext ctx = new ClientContext(@"http://yoursharepointurl.com/"))
{
Web web = ctx.Web;
ctx.Load(web, w => w.HasUniqueRoleAssignments, w => w.Url);
ctx.Load(web.RoleAssignments);
ctx.Load(web.Lists);
ctx.Load(web.Lists, lists => lists.Include(list => list.Title, list => list.DefaultViewUrl, list => list.RoleAssignments, list => list.RoleAssignments.Groups, list => list.HasUniqueRoleAssignments));
ctx.ExecuteQuery();
//Get permissions on site level
foreach (RoleAssignment webRA in web.RoleAssignments)
{
ctx.Load(webRA.Member);
ctx.Load(webRA.RoleDefinitionBindings);
ctx.ExecuteQuery();
foreach (RoleDefinition definition in webRA.RoleDefinitionBindings)
{
ctx.Load(definition);
ctx.ExecuteQuery();
permissionsToExcelList.Add(new PermissionsToExcel() { ListTitle = "", Gebruikersnaam = webRA.Member.LoginName, Rechten = definition.Name, ListUrl = web.Url, HasUniqueRoleAssignments = web.HasUniqueRoleAssignments });
}
}
//Write down each group per list and their permissions
foreach (List list in web.Lists)
{
string listUrl = list.Context.Url + list.GetWebRelativeUrl();
foreach (RoleAssignment listRA in list.RoleAssignments)
{
ctx.Load(listRA.Member);
ctx.Load(listRA.RoleDefinitionBindings);
ctx.ExecuteQuery();
foreach (RoleDefinition definition in listRA.RoleDefinitionBindings)
{
ctx.Load(definition);
ctx.ExecuteQuery();
permissionsToExcelList.Add(new PermissionsToExcel() { ListTitle = list.Title, Gebruikersnaam = listRA.Member.LoginName, Rechten = definition.Name, ListUrl = listUrl, HasUniqueRoleAssignments = list.HasUniqueRoleAssignments });
}
}
}
}
Write the permissions to Excel using EPPlus
ExcelPackage excel = new ExcelPackage();
var workSheet = excel.Workbook.Worksheets.Add("Permissions");
workSheet.Cells[1, 1].LoadFromCollection(permissionsList, true);
using (var memoryStream = new MemoryStream())
{
Response.ContentType = "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet";
Response.AddHeader("content-disposition", "attachment; filename=Permissions.xlsx");
excel.SaveAs(memoryStream);
memoryStream.WriteTo(Response.OutputStream);
Response.Flush();
Response.End();
}
Read the permissions from Excel
List<PermissionsToExcel> permissionslist = new List<PermissionsToExcel>();
FileInfo existingFile = new FileInfo(@"C:\path\Permissions.xlsx");
using (ExcelPackage package = new ExcelPackage(existingFile))
{
//Get the first worksheet in the workbook
ExcelWorksheet excelWorksheet = package.Workbook.Worksheets["Permissions"];
int colCount = excelWorksheet.Dimension.End.Column; //get Column Count
int rowCount = excelWorksheet.Dimension.End.Row; //get row count
for (int row = 2; row <= rowCount; row++)//Rij 1 is de titel rij, beginnen bij rij 2
{
PermissionsToExcel permission = new PermissionsToExcel
{
ListTitle = excelWorksheet.Cells[row, 1].Value.ToString().Trim(),
Gebruikersnaam = excelWorksheet.Cells[row, 2].Value.ToString().Trim(),
Rechten = excelWorksheet.Cells[row, 3].Value.ToString().Trim(),
ListUrl = excelWorksheet.Cells[row, 4].Value.ToString().Trim(),
HasUniqueRoleAssignments = excelWorksheet.Cells[row, 5].Value.ToString().Trim().ToBoolean()
};
permissionslist.Add(permission);
}
return permissionslist;
}
Put the permissions onto a new site (which has the same library setup as the old one!!
using (ClientContext ctx = new ClientContext(@"http://newSharePointSiteUrl.com/"))
{
Web web = ctx.Web;
ctx.Load(web.Lists);
ctx.Load(web.RoleDefinitions);
ctx.ExecuteQuery();
//Ophalen rollen
RoleDefinition roleTypeOwner = ctx.Web.RoleDefinitions.GetByType(RoleType.Administrator);
RoleDefinition roleTypeEditor = ctx.Web.RoleDefinitions.GetByType(RoleType.Editor);
RoleDefinition roleTypeVisitor = ctx.Web.RoleDefinitions.GetByType(RoleType.Reader);
//RoleDefinition roleTypeNone = ctx.Web.RoleDefinitions.GetByType(RoleType.None);//Werkt niet
ctx.ExecuteQuery();
//Get groups
ctx.Load(ctx.Web.SiteGroups);
ctx.Load(ctx.Web.SiteUsers);
ctx.ExecuteQuery();
foreach (PermissionsToExcel pte in permissionslist)
{
if (pte.ListTitle == "")//If listtitle is empty, it's the site permissions
{
//Get site
User user = ctx.Web.SiteUsers.GetByLoginName(pte.Gebruikersnaam);
ctx.Load(user);
ctx.ExecuteQuery();
//Check if the site had unique permissions
if (pte.HasUniqueRoleAssignments)//Site had unique permissions, break inheritance and take away the old groups
{
RoleDefinitionBindingCollection rdbc = new RoleDefinitionBindingCollection(ctx);
switch (pte.Rechten)
{
case "Read":
rdbc.Add(roleTypeVisitor);
break;
case "Edit":
rdbc.Add(roleTypeEditor);
break;
case "Full Control":
rdbc.Add(roleTypeOwner);
break;
default:
break;
}
web.BreakRoleInheritance(false, true);
web.RoleAssignments.Add(user, rdbc);
}
else//Site had no unique permissions, inherit from above
{
//TODO: do we want that?
}
}
else if (web.ListExists(pte.ListTitle))//Go over all lists
{
//Get List
List list = web.Lists.First(t => t.Title == pte.ListTitle);
//var group = ctx.Web.SiteGroups.GetByName(pte.Gebruikersnaam);
//ctx.Load(Group);
//ctx.ExecuteQuery();
User user = ctx.Web.SiteUsers.GetByLoginName(pte.Gebruikersnaam);
ctx.Load(user);
ctx.ExecuteQuery();
//Check if list had unique permissions
if (pte.HasUniqueRoleAssignments)//List had unique permissions, stop inheritance and put back groups with their permissions
{
RoleDefinitionBindingCollection rdbc = new RoleDefinitionBindingCollection(ctx);
switch (pte.Rechten)
{
case "Read":
rdbc.Add(roleTypeVisitor);
break;
case "Edit":
rdbc.Add(roleTypeEditor);
break;
case "Full Control":
rdbc.Add(roleTypeOwner);
break;
default:
break;
}
list.BreakRoleInheritance(false, true);
//list.RoleAssignments.Add(Group, rdbc);
list.RoleAssignments.Add(user, rdbc);
}
else //List had no unique permissions, inherit from above
{
list.ResetRoleInheritance();
}
}
else
{
Debug.WriteLine("LIST NOT FOUND: PROBLEM");
}
}
}
推荐阅读
- pdf - PDF 版本 1.x 指的是什么?
- vb.net - VB.Net 更改 ListBox 上的高亮颜色
- angular - 如何使用 Keycloack 和 Angular 在同一浏览器中保持会话?
- c# - 使用 Action C# 将一个函数调用到另一个函数中
- python - Pandas read_csv 在第一个换行符处结束读取
- xml - 获取 XSLT 中元素的数量
- javascript - 单击元素但在元素内部的东西上启动事件
- python - python中的实例方法和@classmethod和@staticmethod有什么区别?
- sql - 如何在SSRS中获得2次之间的差异
- python - 如何快速迭代不同长度的多个列表