Create and Apply My Sites Role to My Sites Web Application

Topics: Feature Requests
Aug 11, 2014 at 2:40 PM
Edited Aug 11, 2014 at 2:40 PM
I read that you needed to apply special web policy permission to users to be able to self create their My Site. I wrote this custom function that creates the web application policy and grants manage webs, open, view, and browse to all users (everyone).
Function Create-PolicyRoleForMySites(){
# users need to have manage web permission to self create mysite

$webApplication = Get-SPWebApplication -Identity "http://mysites"

# add the new policy role
$policyRoles = $webApplication.PolicyRoles
#$policyRoles
$policyRole = $policyRoles.Add("MySitePolicy", "Permissions required for user to create mysites")
$policyRole.GrantRightsMask="Open, ViewPages, ManageSubwebs, BrowseUserInfo"

# add the user
$policyCollection = $webApplication.Policies
#$policyCollection
$policy = $policyCollection.Add("c:0(.s|true","Everyone")
#$policy

#bind the policyrole to the user
$policy.PolicyRoleBindings.Add($policyRole);
$webApplication.Update()

}
I am calling this after all the servers and services in the farm have been created:
Finally
    {
        # Only do this stuff if this was a local session and it succeeded, and if we aren't attempting a remote install;
        # Otherwise these sites may not be available or 'complete' yet
        If ((Confirm-LocalSession) -and !$aborted -and !($enableRemoteInstall))
        {
            #custom functions 
        Enable-ContinuousCrawls
            Create-PolicyRoleForMySites