Show / Hide Table of Contents

    Set-PnPListItemPermission

    SYNOPSIS

    Sets list item permissions. Use Get-PnPRoleDefinition to retrieve all available roles you can add or remove using this cmdlet. Use Get-PnPGroup to retrieve all groups available that you can add or remove using this cmdlet when using the -group parameter.

    SYNTAX

    User (Default)

    Set-PnPListItemPermission [-List] <ListPipeBind> -Identity <ListItemPipeBind> -User <String>
     [-AddRole <String>] [-RemoveRole <String>] [-ClearExisting] [-SystemUpdate] 
     [-Connection <PnPConnection>] [<CommonParameters>]
    

    Group

    Set-PnPListItemPermission [-List] <ListPipeBind> -Identity <ListItemPipeBind> -Group <GroupPipeBind>
     [-AddRole <String>] [-RemoveRole <String>] [-ClearExisting] [-SystemUpdate] 
     [-Connection <PnPConnection>] [<CommonParameters>]
    

    Inherit

    Set-PnPListItemPermission [-List] <ListPipeBind> -Identity <ListItemPipeBind> [-InheritPermissions]
     [-SystemUpdate] [-Connection <PnPConnection>] [<CommonParameters>]
    

    DESCRIPTION

    Allows to modify list item permissions.

    EXAMPLES

    EXAMPLE 1

    Set-PnPListItemPermission -List 'Documents' -Identity 1 -User 'user@contoso.com' -AddRole 'Contribute'
    

    Adds the 'Contribute' permission to the user 'user@contoso.com' for listitem with id 1 in the list 'Documents'

    EXAMPLE 2

    Set-PnPListItemPermission -List 'Documents' -Identity 1 -User 'user@contoso.com' -RemoveRole 'Contribute'
    

    Removes the 'Contribute' permission to the user 'user@contoso.com' for listitem with id 1 in the list 'Documents'

    EXAMPLE 3

    Set-PnPListItemPermission -List 'Documents' -Identity 1 -User 'user@contoso.com' -AddRole 'Contribute' -ClearExisting
    

    Adds the 'Contribute' permission to the user 'user@contoso.com' for listitem with id 1 in the list 'Documents' and removes all other permissions

    EXAMPLE 4

    Set-PnPListItemPermission -List 'Documents' -Identity 1 -InheritPermissions
    

    Resets permissions for listitem with id 1 to inherit permissions from the list 'Documents'

    EXAMPLE 5

    Set-PnPListItemPermission -List 'Documents' -Identity 1 -AddRole 'Read' -RemoveRole 'Contribute' -Group "Site collection Visitors"
    

    Adds the 'Read' permission to the group of Site collection Visitors while removing the 'Contribute' permissions

    PARAMETERS

    -AddRole

    The role that must be assigned to the group or user

    Type: RoleDefinitionPipeBind
    Parameter Sets: User, Group
    
    Required: False
    Position: Named
    Default value: None
    Accept pipeline input: False
    Accept wildcard characters: False
    

    -ClearExisting

    Clear all existing permissions

    Type: SwitchParameter
    Parameter Sets: User, Group
    
    Required: False
    Position: Named
    Default value: None
    Accept pipeline input: False
    Accept wildcard characters: False
    

    -Connection

    Optional connection to be used by the cmdlet. Retrieve the value for this parameter by either specifying -ReturnConnection on Connect-PnPOnline or by executing Get-PnPConnection.

    Type: PnPConnection
    Parameter Sets: (All)
    
    Required: False
    Position: Named
    Default value: None
    Accept pipeline input: False
    Accept wildcard characters: False
    

    -Group

    A group object, an ID or a name of a group.

    Type: GroupPipeBind
    Parameter Sets: Group
    
    Required: True
    Position: Named
    Default value: None
    Accept pipeline input: False
    Accept wildcard characters: False
    

    -Identity

    The ID of the listitem, or actual ListItem object

    Type: ListItemPipeBind
    Parameter Sets: (All)
    
    Required: True
    Position: Named
    Default value: None
    Accept pipeline input: True (ByValue)
    Accept wildcard characters: False
    

    -InheritPermissions

    Inherit permissions from the list, removing unique permissions

    Type: SwitchParameter
    Parameter Sets: Inherit
    
    Required: False
    Position: Named
    Default value: None
    Accept pipeline input: False
    Accept wildcard characters: False
    

    -List

    The ID, Title or Url of the list.

    Type: ListPipeBind
    Parameter Sets: (All)
    
    Required: True
    Position: 0
    Default value: None
    Accept pipeline input: True (ByValue)
    Accept wildcard characters: False
    

    -RemoveRole

    The role that must be removed from the group or user

    Type: RoleDefinitionPipeBind
    Parameter Sets: User, Group
    
    Required: False
    Position: Named
    Default value: None
    Accept pipeline input: False
    Accept wildcard characters: False
    

    -SystemUpdate

    Update the item permissions without creating a new version or triggering MS Flow.

    Type: SwitchParameter
    Parameter Sets: (All)
    
    Required: False
    Position: Named
    Default value: None
    Accept pipeline input: False
    Accept wildcard characters: False
    

    -User

    A valid login name of a user (e.g. john@doe.com).

    Type: String
    Parameter Sets: User
    
    Required: True
    Position: Named
    Default value: None
    Accept pipeline input: False
    Accept wildcard characters: False
    

    RELATED LINKS

    Microsoft 365 Patterns and Practices

    Back to top Generated by DocFX spacer