Solved

Add a group to a mailbox resource folder permission for calendar

Posted on 2011-09-07
11
2,322 Views
Last Modified: 2012-07-20
We are trying to create shared calendars for Exchange 2010 to be shared among departments and various personel.  We can created a mailbox resource called sharedservices and are we created a group called sharedservicescalendar.  Our goal is to allow any user in this group to be granted permissions to the calendar to add appointments but not delete them.  We do not want to launch a power shell command for every new user who needs the group.  We know the powershell comands

get-mailboxfolderpermission -identity sharedservices:\calendar
add-mailboxfolderpermission -identity sharedservices:\calendar -user UserA -AccessRights Contributor

will work for individual users.  When we replace the userA with sharedservicescalendar we get an error

The user "SharedServicesCalendar" was found in Active Directory but isn't valid to use for permissions. Try an SMTP address
 instead.
    + CategoryInfo          : NotSpecified: (0:Int32) [Add-MailboxFolderPermission], InvalidInternalUserIdException
    + FullyQualifiedErrorId : 9DC52564,Microsoft.Exchange.Management.StoreTasks.AddMailboxFolderPermission

It sees it in AD but in couldn't pull.  We let it sit overnight hoping it was a replication issue and no luck.  I am trying to figure out what we need to do to make this work and is it possible to switch -user to another switch that could allow the group to work.
0
Comment
Question by:Linktheman2003
11 Comments
 
LVL 37

Expert Comment

by:Neil Russell
ID: 36495203
Easiest way is to create a public folder of type Calendar and give rights to users that way. Not using a mailbox. I always prefer to use the Public folders if it is a simple calendar and NOT a mailbox you are sharing.
0
 

Author Comment

by:Linktheman2003
ID: 36496939
The problem with that is we removed all public folders and removed the compatability from Exchange 2010 as microsoft themselves have gone away from public folders.

I figured it out.  You create all the mailboxes and group through exchange.  Then go to outlook and add a user mailbox.  Type the shared calendar mailbox and select calendar instead of inbox.  Select the calendar and choose properties and select the permissions tab.  All permissions seem to need to be set through outlook which is an odd and round about way of doing things but hey it worked.
0
 

Author Comment

by:Linktheman2003
ID: 36497123
Well I actually had an issue.  It worked great on the first mailbox but now on every other mailbox I try the same thing it won't let me set the calendar permission as visible.  If I select contributer it changes to custom and the visible box is greyed out.

I tried to review the account setting on the first object and find any changes I try and make to permission level instantly defaults to custom and removes visible from the allowed options.  Anyone have an idea

When I created the group in Exchange it created it as a Universal distibrubtion group.  Is this what I want?
0
 
LVL 2

Expert Comment

by:gravy-x
ID: 36563565
You might be better off creating room/equipment calendars for this purpose. They provide a bit more control over calendaring. You can even add the group or groups you want to be able to book this resource via the Resource In-Policy Requests tab.

http://technet.microsoft.com/en-us/library/bb124542.aspx
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:Linktheman2003
ID: 36599024
We ended up creating room resource calanders.  ?The only issue we stumbled across is that in Exchange 2010 (at least ours), when we try and apply a permission level of like contributer, it sets all of the right options, but sets it to custom..  All users are marked "custom" instead of their properly level which we choose predefined levels mircosoft set up.
0
 

Author Comment

by:Linktheman2003
ID: 37171490
Another issue we have run accross while it does work, it seems certain users can not be added to group they were in.  As an example I was in litigation calendar group.  I removed the calendar from my mailbox and then tried to add it back in.  It won't let me.  It gives me an error. telling me the group doesn't exist.  I still have and can modify it on my other computer but don't dare remove myself there in case I can;t get back in.  I still have permissions to edit and modify because I checked.  This issue only seems to affect older users and not newer users.
0
 

Author Comment

by:Linktheman2003
ID: 37508556
still waiting on support
0
 
LVL 2

Accepted Solution

by:
amnhtech earned 500 total points
ID: 38034109
you need to make sure that your groups are mail enabled.  To do this you need to make sure that they are universal groups and then you can run the command enable-distributiongroup <groupname>

Once the distribution group is enabled you can run the command

add-mailboxfolderpermission <mailbox>:\calendar -user <distgroup> -accessrights "Contributor"
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
how to add IIS SMTP to handle application/Scanner relays into office 365.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now