**update 21/01/2019 – having read the comments and testing myself there may have been a change in the way Get-PnPListItem retrieves data from when the script was published so we need to carry out a CAML Query to get the list item, I have updated the script to reflect this

I came across a scenario where I was given a CSV file with names and email addresses and asked to create a large number of folders, each folder had to have a specific name and be uniquely permissioned to different users based off the CSV. I knew this task would take too long to carry out manually so I decided to do this with PowerShell.

After some researching I had it narrowed down to 2 options, use this script from the Technet gallery or use the PnP module and create my own. I am not the biggest fan of doing things with CSOM in PowerShell, when I have a choice I would lean towards using PnP Powershell, it’s cleaner and easier to write/modify and understand in my opinion.

Lets get started – 

We want to :

  1. Create a folder
  2. Set unique permission on the newly created folder 

First thing is to ensure you have PnP PowerShell installed, you can do that here if you have not already. If you need to ensure you have PnP installed just run this command – 

Get-Command -Module *PnP*

Second, we need to make sure we have a CSV file with the following headers and the relevant information, the name will be the folder name the EmailAddress will be the user that will have access to the folder

There are 4 variables in the script we have to fill in

  1. The site URL that your list/library is on
  2. The name of the list or library the folders will be created in
  3. The level of access you want to give to the user to the folder (read, contribute etc)
  4. The path to the CSV file 

Once you have filled out the variables correctly you can run the script

$siteurl = "https://yourtenant.sharepoint.com/sites/sitename"                
$listname = "Library/list name"          
$access = "full control" 
$Folders = Import-Csv "link to your CSV file"    

 #----------START OF SCRIPT DO NOT MODIFY----------#
 connect-PnPOnline –Url $siteurl –Credentials (Get-Credential)
 foreach ( $entry in $Folders )

$foldername = $entry.name
$emailaddress = $entry.EmailAddress

#Create Folder
Add-PnPFolder -Name $foldername -Folder $listname 

#get folder properites from list
$listItem = Get-PnPListItem -List $listname -Query "<View><Query><Where><Eq><FieldRef Name='Title'/><Value Type='Text'>$foldername</Value></Eq></Where></Query></View>"

Write-Host "setting folder up for $foldername"

#set permissions on the folder
Set-PnPListItemPermission -List $listname -Identity $listItem -User $emailaddress -AddRole $access -ClearExisting


 #----------END OF SCRIPT DO NOT MODIFY----------#

One thing to note is after the folders have been created your account will also have full control to the folder.

if you do not want this to happen just add this line below the other Set-PnPListItemPermission on the script (remember to change YOURACCOUNT to your account email that you are running the script with)

set-PnPListItemPermission -List $listname -Identity $listItem -User YOURACCOUNT -RemoveRole 'Full Control'


About the author 

Jamie Bray

Office 365 Collaboration Specialist at Parliamentary Digital Service