SharePoint Shell Admin Access

SharePoint Shell Admin Access

To execute a command in the SharePoint 2010 Management Shell, the user should open the Management Shell on a SharePoint 2010 server. To execute commands, the user must have the necessary privileges to the SharePoint object model and to the SharePoint databases. When you are working with SharePoint objects, connections to the database are generally created with the permissions of the current user. 

In order to use Windows PowerShell for SharePoint , a user must be a member of the SharePoint_Shell_Access role on the configuration database and a member of the WSS_ADMIN_WPG local group on the computer where SharePoint is installed. 

You can use SPShellAdmin for configuring a user’s privileges and security. Here’s how. 

To run this cmdlet to add a user to the SharePoint_Shell_Access role, you must have membership in the securityadmin fixed server role on the SQL Server instance, membership in the db_owner fixed database role on all affected databases, and local administrative permission on the local computer.

1. To list Shell administrators
Get-SPShellAdmin 

2. To add a user as a Shell administrator
Add-SPShellAdmin -UserName <user name> -Database <database name> 

Note

- If you specify only the user, the user is added to the role for the farm configuration database.

- If you use the database parameter, the user is added to the role on the farm configuration database, the Central Administration content database, and the specified database. Using the database parameter is the preferred method because most of the administrative operations require access to the Central Administration content database.

$db = Get-SPContentDatabase -Site http://sharepointsiteurl/

Add-SPShellAdmin -UserName "domain\user name" -Database $db

3. To remove a user from Shell Admin
Remove-SPShellAdmin -UserName <user name> -Database <database name>