Solved

Add a group to a mailbox resource folder permission for calendar

Posted on 2011-09-07
11
2,438 Views
Last Modified: 2012-07-20
We are trying to create shared calendars for Exchange 2010 to be shared among departments and various personel.  We can created a mailbox resource called sharedservices and are we created a group called sharedservicescalendar.  Our goal is to allow any user in this group to be granted permissions to the calendar to add appointments but not delete them.  We do not want to launch a power shell command for every new user who needs the group.  We know the powershell comands

get-mailboxfolderpermission -identity sharedservices:\calendar
add-mailboxfolderpermission -identity sharedservices:\calendar -user UserA -AccessRights Contributor

will work for individual users.  When we replace the userA with sharedservicescalendar we get an error

The user "SharedServicesCalendar" was found in Active Directory but isn't valid to use for permissions. Try an SMTP address
 instead.
    + CategoryInfo          : NotSpecified: (0:Int32) [Add-MailboxFolderPermission], InvalidInternalUserIdException
    + FullyQualifiedErrorId : 9DC52564,Microsoft.Exchange.Management.StoreTasks.AddMailboxFolderPermission

It sees it in AD but in couldn't pull.  We let it sit overnight hoping it was a replication issue and no luck.  I am trying to figure out what we need to do to make this work and is it possible to switch -user to another switch that could allow the group to work.
0
Comment
Question by:Linktheman2003
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
11 Comments
 
LVL 37

Expert Comment

by:Neil Russell
ID: 36495203
Easiest way is to create a public folder of type Calendar and give rights to users that way. Not using a mailbox. I always prefer to use the Public folders if it is a simple calendar and NOT a mailbox you are sharing.
0
 

Author Comment

by:Linktheman2003
ID: 36496939
The problem with that is we removed all public folders and removed the compatability from Exchange 2010 as microsoft themselves have gone away from public folders.

I figured it out.  You create all the mailboxes and group through exchange.  Then go to outlook and add a user mailbox.  Type the shared calendar mailbox and select calendar instead of inbox.  Select the calendar and choose properties and select the permissions tab.  All permissions seem to need to be set through outlook which is an odd and round about way of doing things but hey it worked.
0
 

Author Comment

by:Linktheman2003
ID: 36497123
Well I actually had an issue.  It worked great on the first mailbox but now on every other mailbox I try the same thing it won't let me set the calendar permission as visible.  If I select contributer it changes to custom and the visible box is greyed out.

I tried to review the account setting on the first object and find any changes I try and make to permission level instantly defaults to custom and removes visible from the allowed options.  Anyone have an idea

When I created the group in Exchange it created it as a Universal distibrubtion group.  Is this what I want?
0
Major Incident Management Communications

Major incidents and IT service outages cost companies millions. Often the solution to minimizing damage is automated communication. Find out more in our Major Incident Management Communications infographic.

 
LVL 2

Expert Comment

by:gravy-x
ID: 36563565
You might be better off creating room/equipment calendars for this purpose. They provide a bit more control over calendaring. You can even add the group or groups you want to be able to book this resource via the Resource In-Policy Requests tab.

http://technet.microsoft.com/en-us/library/bb124542.aspx
0
 

Author Comment

by:Linktheman2003
ID: 36599024
We ended up creating room resource calanders.  ?The only issue we stumbled across is that in Exchange 2010 (at least ours), when we try and apply a permission level of like contributer, it sets all of the right options, but sets it to custom..  All users are marked "custom" instead of their properly level which we choose predefined levels mircosoft set up.
0
 

Author Comment

by:Linktheman2003
ID: 37171490
Another issue we have run accross while it does work, it seems certain users can not be added to group they were in.  As an example I was in litigation calendar group.  I removed the calendar from my mailbox and then tried to add it back in.  It won't let me.  It gives me an error. telling me the group doesn't exist.  I still have and can modify it on my other computer but don't dare remove myself there in case I can;t get back in.  I still have permissions to edit and modify because I checked.  This issue only seems to affect older users and not newer users.
0
 

Author Comment

by:Linktheman2003
ID: 37508556
still waiting on support
0
 
LVL 2

Accepted Solution

by:
amnhtech earned 500 total points
ID: 38034109
you need to make sure that your groups are mail enabled.  To do this you need to make sure that they are universal groups and then you can run the command enable-distributiongroup <groupname>

Once the distribution group is enabled you can run the command

add-mailboxfolderpermission <mailbox>:\calendar -user <distgroup> -accessrights "Contributor"
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Configuring NAT in ASA ver. 9.1 4 43
HomeGroup Issues 3 35
Exchange 2010 server sending duplicate emails. 15 43
Access PS SQLSERVER from powershell 1 25
A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
The Nano Server Image Builder helps you create a custom Nano Server image and bootable USB media with the aid of a graphical interface. Based on the inputs you provide, it generates images for deployment and creates reusable PowerShell scripts that …
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

736 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question