One scenario I’ve had comes from archiving a legacy document library in SharePoint Online with item level permissions and then the need to make that specific library read-only.

There are a number of ways that you could approach this, but the ask was to keep everything as is, with the exception of the access, which would be restricted down from individual permissions at item level to a sub-group of people with read access to everything in the library.

Step one was as simple as changing the primary permissions at document library level to what was required.

Step two was a PowerShell script that would loop through all items and default everything back to inheriting access.

For this example I’m using PnP.PowerShell 2.12.0 and PowerShell 7 executed through Visual Studio Code. You will also need site collection administrator access on the site itself.

Import-Module PnP.PowerShell
#Connect to site.
#Replace with your site url, connection client ID for PnP, and library name
$siteUrl = "https://yoursite.sharepoint.com/sites/thesite"
$clientID = "yourclientIDGUID"
$libraryName = "LibraryName"
Connect-PnPOnline -Url $siteUrl -Interactive -ClientId $clientID

#Get all items. The PageSize parameter allows you to work with libraries over the list view threshold by limiting batch size
$items = Get-PnPListItem -List $libraryName -PageSize 1000

#Loop through the items and change permissions
foreach ($item in $items)
{
    Set-PnPListItemPermission -List $libraryName -Identity $item.Id -InheritPermissions
}
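
The loop above resets every item, whether or not it had unique permissions, and gives no confirmation that nothing was missed. The following is an added example, not part of the original script: it resets only items whose inheritance is broken, records failures, and then re-checks the library. It assumes the connection from the script above is already open; the function name `Get-UniquePermissionItems` is hypothetical.

```powershell
# Added example. Assumes Connect-PnPOnline has already been run as shown above.
$libraryName = "LibraryName"   # placeholder, same value as in the script above

# Hypothetical helper: returns the items in a list that have broken inheritance.
function Get-UniquePermissionItems {
    param([string]$List)
    $found = @()
    foreach ($item in (Get-PnPListItem -List $List -PageSize 1000)) {
        # HasUniqueRoleAssignments is not loaded by default, so request it explicitly
        Get-PnPProperty -ClientObject $item -Property HasUniqueRoleAssignments | Out-Null
        if ($item.HasUniqueRoleAssignments) { $found += $item }
    }
    return $found
}

# Pass 1: find the items that actually carry item-level permissions
$before = @(Get-UniquePermissionItems -List $libraryName)
Write-Host "Items with unique permissions before reset: $($before.Count)"

# Pass 2: reset only those items, recording any that fail (for example, locked files)
$failed = @()
foreach ($item in $before) {
    try {
        Set-PnPListItemPermission -List $libraryName -Identity $item.Id `
            -InheritPermissions -ErrorAction Stop
    }
    catch {
        $failed += [pscustomobject]@{
            Id    = $item.Id
            Path  = $item.FieldValues["FileRef"]
            Error = $_.Exception.Message
        }
    }
}

# Pass 3: verify that nothing in the library still has its own permissions
$after = @(Get-UniquePermissionItems -List $libraryName)
Write-Host "Items with unique permissions after reset: $($after.Count)"
Write-Host "Items that failed to reset: $($failed.Count)"

if ($failed.Count -gt 0) { $failed | Format-Table -AutoSize }
if ($after.Count -gt 0) {
    # Anything listed here is still readable by whoever was granted access at item level
    $after | ForEach-Object { $_.FieldValues["FileRef"] }
}
```

Checking `HasUniqueRoleAssignments` costs one extra request per item, so on very large libraries the verification passes take noticeably longer than the reset itself.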
