Export (0) Print
Expand All
Expand Minimize

Grant-SPObjectSecurity

Published: July 16, 2012

Applies to:  SharePoint Foundation 2013 | SharePoint Server 2013 Enterprise 

Adds a new security principal to an SPObjectSecurity object.

Grant-SPObjectSecurity [-Identity] <SPObjectSecurity> [-Principal] <SPClaim> [-Rights] <String[]> [-AssignmentCollection <SPAssignmentCollection>] [-Replace <SwitchParameter>]

Parameters

Parameter Required Type Description

Identity

Required

Microsoft.SharePoint.Administration.AccessControl.SPObjectSecurity

Specifies the SPObjectSecurity object to which the new security principal is added. You can use the Get-SPServiceApplicationSecurity cmdlet to get a SPObjectSecurity object .

Principal

Required

Microsoft.SharePoint.Administration.Claims.SPClaim

Specifies the principal to whom the rights apply.

The type must a valid name a principal; for example, Full Control.

Rights

Required

System.String[]

Specifies the rights granted to the principal.

The type must a valid array of strings that represents the rights granted to the principal.

AssignmentCollection

Optional

Microsoft.SharePoint.PowerShell.SPAssignmentCollection

Manages objects for the purpose of proper disposal. Use of objects, such as SPWeb or SPSite, can use large amounts of memory and use of these objects in Windows PowerShell scripts requires proper memory management. Using the SPAssignment object, you can assign objects to a variable and dispose of the objects after they are needed to free up memory. When SPWeb, SPSite, or SPSiteAdministration objects are used, the objects are automatically disposed of if an assignment collection or the Global parameter is not used.

When the Global parameter is used, all objects are contained in the global store. If objects are not immediately used, or disposed of by using the Stop-SPAssignment command, an out-of-memory scenario can occur.

Replace

Optional

System.Management.Automation.SwitchParameter

Replaces the existing rights on the SPObjectSecurity object with the new rights specified. If this parameter is not specified, the new rights are added to the existing rights.

Detailed Description

The Grant-SPObjectSecurity cmdlet adds a new security principal, such as a user, to a SPObjectSecurity object. An SPObjectSecurity object is a common object that is used to represent the security access control list (ACL) of SharePoint administrative objects, in particular, service applications.

Input Types

Return Types

------------------EXAMPLE------------------

$security = Get-SPServiceApplicationSecurity $serviceApp –AdminGrant-SPObjectSecurity $security $principal "Full Control"Set-SPServiceApplicationSecurity $serviceApp –Admin $security

This example retrieves the SPObjectSecurity object corresponding to the administrator ACL on a service application, and adds a new user principal to that ACL. The new user is an administrator for the service application $serviceApp.

Change History

Date Description

July 16, 2012

Initial publication

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft