Add/Remove Secondary Site Collection Admin to all OneDrive for Business users

Featured image

There are many situations in which we need to Add / Remove Secondary Site Collection Admin or Secondary Site Collection Owner in SharePoint to gain access to users documents stored in their OneDrive for Business when the users are terminated or when students gets graduated in schools. In such a situation Admin needs to add Secondary Site Collection admin or Secondary Site Collection Owner to many users. So when the user is marked for deletion the secondary Admin / Owner will be granted with the permissions to access that OneDrive. Adding them one by one is really complicated in such scenarios and PowerShell is the helping hand in such situations as always.

In this blog, we shall check how to Add Secondary Site Collection Admin for all OD4B Users and to Remove Secondary Site Collection Admin for all OD4B Users.

Prerequisites:

Add Secondary Site Collection Admin for all OD4B Users:

Using the below Powershell script you can add the secondary site collection admin for all OD$B users.

In the script, replace the AdminURL and SecondaryAdmin with correct values.

Function Add-OnedriveSecondaryAdmin($AdminURL,$SecondaryAdmin)
{
    #connect Spo service.
    Connect-SPOService -Url $AdminURL
    #Get all Onedrive URL's.
    $OneDriveURLs = Get-SPOSite -IncludePersonalSite $true -Limit All -Filter "Url -like '-my.sharepoint.com/personal/'"
    foreach($OneDriveURL in $OneDriveURLs)
    {
        #Add Secondary administrator to Onedrive Site.
        Set-SPOUser -Site $OneDriveURL.URL -LoginName $SecondaryAdmin -IsSiteCollectionAdmin $True -ErrorAction SilentlyContinue
        Write-Host "Added secondary admin to the site $($OneDriveURL.URL)" 
    }
}
Add-OnedriveSecondaryAdmin -SecondaryAdmin "Admin@Tenantname.onmicrosoft.com" -AdminURL "https://Tenantname-admin.sharepoint.com"
                    

Remove Secondary Site Collection Admin for all OD4B Users:

To remove the secondary site collection admin, in the above script, just change the Set-SPOUser cmdlet’s parameter “IsSiteCollectionAdmin” value to $false.