Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Add a group to a mailbox resource folder permission for calendar

Posted on 2011-09-07
11
Medium Priority
?
2,710 Views
Last Modified: 2012-07-20
We are trying to create shared calendars for Exchange 2010 to be shared among departments and various personel.  We can created a mailbox resource called sharedservices and are we created a group called sharedservicescalendar.  Our goal is to allow any user in this group to be granted permissions to the calendar to add appointments but not delete them.  We do not want to launch a power shell command for every new user who needs the group.  We know the powershell comands

get-mailboxfolderpermission -identity sharedservices:\calendar
add-mailboxfolderpermission -identity sharedservices:\calendar -user UserA -AccessRights Contributor

will work for individual users.  When we replace the userA with sharedservicescalendar we get an error

The user "SharedServicesCalendar" was found in Active Directory but isn't valid to use for permissions. Try an SMTP address
 instead.
    + CategoryInfo          : NotSpecified: (0:Int32) [Add-MailboxFolderPermission], InvalidInternalUserIdException
    + FullyQualifiedErrorId : 9DC52564,Microsoft.Exchange.Management.StoreTasks.AddMailboxFolderPermission

It sees it in AD but in couldn't pull.  We let it sit overnight hoping it was a replication issue and no luck.  I am trying to figure out what we need to do to make this work and is it possible to switch -user to another switch that could allow the group to work.
0
Comment
Question by:Linktheman2003
8 Comments
 
LVL 37

Expert Comment

by:Neil Russell
ID: 36495203
Easiest way is to create a public folder of type Calendar and give rights to users that way. Not using a mailbox. I always prefer to use the Public folders if it is a simple calendar and NOT a mailbox you are sharing.
0
 

Author Comment

by:Linktheman2003
ID: 36496939
The problem with that is we removed all public folders and removed the compatability from Exchange 2010 as microsoft themselves have gone away from public folders.

I figured it out.  You create all the mailboxes and group through exchange.  Then go to outlook and add a user mailbox.  Type the shared calendar mailbox and select calendar instead of inbox.  Select the calendar and choose properties and select the permissions tab.  All permissions seem to need to be set through outlook which is an odd and round about way of doing things but hey it worked.
0
 

Author Comment

by:Linktheman2003
ID: 36497123
Well I actually had an issue.  It worked great on the first mailbox but now on every other mailbox I try the same thing it won't let me set the calendar permission as visible.  If I select contributer it changes to custom and the visible box is greyed out.

I tried to review the account setting on the first object and find any changes I try and make to permission level instantly defaults to custom and removes visible from the allowed options.  Anyone have an idea

When I created the group in Exchange it created it as a Universal distibrubtion group.  Is this what I want?
0
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

 
LVL 2

Expert Comment

by:gravy-x
ID: 36563565
You might be better off creating room/equipment calendars for this purpose. They provide a bit more control over calendaring. You can even add the group or groups you want to be able to book this resource via the Resource In-Policy Requests tab.

http://technet.microsoft.com/en-us/library/bb124542.aspx
0
 

Author Comment

by:Linktheman2003
ID: 36599024
We ended up creating room resource calanders.  ?The only issue we stumbled across is that in Exchange 2010 (at least ours), when we try and apply a permission level of like contributer, it sets all of the right options, but sets it to custom..  All users are marked "custom" instead of their properly level which we choose predefined levels mircosoft set up.
0
 

Author Comment

by:Linktheman2003
ID: 37171490
Another issue we have run accross while it does work, it seems certain users can not be added to group they were in.  As an example I was in litigation calendar group.  I removed the calendar from my mailbox and then tried to add it back in.  It won't let me.  It gives me an error. telling me the group doesn't exist.  I still have and can modify it on my other computer but don't dare remove myself there in case I can;t get back in.  I still have permissions to edit and modify because I checked.  This issue only seems to affect older users and not newer users.
0
 

Author Comment

by:Linktheman2003
ID: 37508556
still waiting on support
0
 
LVL 2

Accepted Solution

by:
amnhtech earned 1500 total points
ID: 38034109
you need to make sure that your groups are mail enabled.  To do this you need to make sure that they are universal groups and then you can run the command enable-distributiongroup <groupname>

Once the distribution group is enabled you can run the command

add-mailboxfolderpermission <mailbox>:\calendar -user <distgroup> -accessrights "Contributor"
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

LinkedIn blogging is great for networking, building up an audience, and expanding your influence as well. However, if you want to achieve these results, you need to work really hard to make your post worth liking and sharing. Here are 4 tips that ca…
Microsoft Jet database engine errors can crop up out of nowhere to disrupt the working of the Exchange server. Decoding why a particular error occurs goes a long way in determining the right solution for it.
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Suggested Courses

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question