Jaa


Stupid SharePoint PowerShell Tricks, Part I

Q: I want to enable anonymous access for a Web Application through PowerShell!

A: Well, time was the Set-SPWebApplication cmdlet had a -AllowAnonymous switch that made this simple. We have documentation that even refers to the -AllowAnonymous switch. Unfortunately, sometime between Beta 2 and RTM, this switch was removed. Here's a little script that'll enable it for all zones in a web application.

$app = Get-SPWebApplication https://intranet/

$app.IisSettings.Keys | ForEach-Object { $ap = Get-SPAuthenticationProvider -WebApplication $app -Zone $_; $ap.AllowAnonymous = $true; Set-SPWebApplication -Identity $app -Zone $_ -AuthenticationProvider $ap; }

$app.IisSettings.Keys | ForEach-Object { ($app.IisSettings[$_]).AllowAnonymous = $true; $app.Update(); $app.ProvisionGlobally(); }

Bryan's Note [October 7th, 2011]: A puzzled reader noted that the object returned by Get-SPAuthenticationProvider does not contain an AllowAnonymous property; this is because the above script originally assumed that the web application was already configured for Windows Authentication, which meant that the call to Get-SPAuthenticationProvider would return an SPWindowsAuthenticationProvider which *does* posess an AllowAnonymous property. No matter, I've update the original script to enable anonymous access for a web application no matter what authentication selections have been made on the web application previously. The script for enabling anonymous access on site collections remains unchanged.

Q: But wait! Don't I need to turn Anonymous Access on for the site collections within the web application, too?

A: My, my, we pay attention, don't we. Yes, you do. Here's a fancy little one liner that will enable Anonymous Access for every site collection within a web application.

( Get-SPWebApplication https://intranet | Get-SPSite | Get-SPWeb | Where {$_ -ne $null -and $_.HasUniqueRoleAssignments -eq $true } ) | ForEach-Object { $_.AnonymousState = [Microsoft.SharePoint.SPWeb+WebAnonymousState]::On; $_.Update(); }

Comments

  • Anonymous
    October 06, 2011
    This does not work. a SPAuthenticationProvider does not have the property AllowAnonymous.[brporter: This works fine, the script assumes that your web application is already configured for Windows Authentication; in such a configuration, Get-SPAuthenticationProvider returns an instance of SPWindowsAuthenticationProvider (an SPAuthenticationProvider subclass) which does in fact posess an AllowAnonymous property.]