Changing Site Owner and Secondary Owners in a SharePoint Farm

  • Article

Sometimes a user who is a site owner or secondary owner across many SharePoint sites leaves the company or changes roles. This person needs to be removed from the owner roles on these sites. This change can only be done in Central Admin or PowerShell so the normal end user would not be able to make this change. Below is the PowerShell code to do this. It is also attached as a file on this post. The script loops through every site collection in the farm. If it finds the user who is leaving as a owner or secondary owner, it will change it out with a user of your choice. There is also an option to run the script in audit mode. This will show you where the trouble user exists, but will not change anything. You will need top modify the variables in the settings section before running.

Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

#----------------------------------SETTINGS----------------------------------#

#Original owner that you are looking to globally swap out (Domain\Account)
$originalOwner = "DOMAIN\account1"

#Change from the original owner above to this person(Domain\Account)
$ownerToChangeTo = "DOMAIN\account2"

#When auditMode is set to $true, changes will not actually be made, just displayed to screen ($true/$false)
$auditMode = $true

#----------------------------------SETTINGS----------------------------------#

$sites = Get-SPSite -Limit All
foreach($site in $sites)
{
    #Check primary owner
    if($site.Owner.LoginName -eq $originalOwner)
    {
        Write-Host ($site.URL)
        Write-Host ("-Owner: " + $site.Owner + "-MATCH")
        Write-Host ("-Secondary: " + $site.SecondaryContact)
        Write-Host ("-Changing primary owner from " + $originalOwner + " to " + $ownerToChangeTo)
        Write-Host ("")
       
        #Only process change if audit mode -eq $false
        if($auditMode -eq $false)
        {
            Set-SPSite -Identity $site -OwnerAlias $ownerToChangeTo
        }
    }
   

    #Check secondary owner
    if($site.SecondaryContact.LoginName -eq $originalOwner)
    {
        Write-Host ($site.URL)
        Write-Host ("-Owner: " + $site.Owner)
        Write-Host ("-Secondary: " + $site.SecondaryContact + "-MATCH")
        Write-Host ("-Changing secondary owner from " + $originalOwner + " to " + $ownerToChangeTo)
        Write-Host ("")
       
        #Only process change if audit mode -eq $false
        if($auditMode -eq $false)
        {
            Set-SPSite -Identity $site -SecondaryOwnerAlias $ownerToChangeTo
        }
    }
   
    $site.Dispose()
}

#If Audit mode was on, notify
if($auditMode -ne $false)
{
    Write-Host ("This script was ran in Audit Mode. No changes were made. Edit this file and set that variable to false and run again to actually make the changes.")
}