Solved

Add a group to a mailbox resource folder permission for calendar

Posted on 2011-09-07
11
2,348 Views
Last Modified: 2012-07-20
We are trying to create shared calendars for Exchange 2010 to be shared among departments and various personel.  We can created a mailbox resource called sharedservices and are we created a group called sharedservicescalendar.  Our goal is to allow any user in this group to be granted permissions to the calendar to add appointments but not delete them.  We do not want to launch a power shell command for every new user who needs the group.  We know the powershell comands

get-mailboxfolderpermission -identity sharedservices:\calendar
add-mailboxfolderpermission -identity sharedservices:\calendar -user UserA -AccessRights Contributor

will work for individual users.  When we replace the userA with sharedservicescalendar we get an error

The user "SharedServicesCalendar" was found in Active Directory but isn't valid to use for permissions. Try an SMTP address
 instead.
    + CategoryInfo          : NotSpecified: (0:Int32) [Add-MailboxFolderPermission], InvalidInternalUserIdException
    + FullyQualifiedErrorId : 9DC52564,Microsoft.Exchange.Management.StoreTasks.AddMailboxFolderPermission

It sees it in AD but in couldn't pull.  We let it sit overnight hoping it was a replication issue and no luck.  I am trying to figure out what we need to do to make this work and is it possible to switch -user to another switch that could allow the group to work.
0
Comment
Question by:Linktheman2003
11 Comments
 
LVL 37

Expert Comment

by:Neil Russell
ID: 36495203
Easiest way is to create a public folder of type Calendar and give rights to users that way. Not using a mailbox. I always prefer to use the Public folders if it is a simple calendar and NOT a mailbox you are sharing.
0
 

Author Comment

by:Linktheman2003
ID: 36496939
The problem with that is we removed all public folders and removed the compatability from Exchange 2010 as microsoft themselves have gone away from public folders.

I figured it out.  You create all the mailboxes and group through exchange.  Then go to outlook and add a user mailbox.  Type the shared calendar mailbox and select calendar instead of inbox.  Select the calendar and choose properties and select the permissions tab.  All permissions seem to need to be set through outlook which is an odd and round about way of doing things but hey it worked.
0
 

Author Comment

by:Linktheman2003
ID: 36497123
Well I actually had an issue.  It worked great on the first mailbox but now on every other mailbox I try the same thing it won't let me set the calendar permission as visible.  If I select contributer it changes to custom and the visible box is greyed out.

I tried to review the account setting on the first object and find any changes I try and make to permission level instantly defaults to custom and removes visible from the allowed options.  Anyone have an idea

When I created the group in Exchange it created it as a Universal distibrubtion group.  Is this what I want?
0
 
LVL 2

Expert Comment

by:gravy-x
ID: 36563565
You might be better off creating room/equipment calendars for this purpose. They provide a bit more control over calendaring. You can even add the group or groups you want to be able to book this resource via the Resource In-Policy Requests tab.

http://technet.microsoft.com/en-us/library/bb124542.aspx
0
New My Cloud Pro Series - organize everything!

With space to keep virtually everything, the My Cloud Pro Series offers your team the network storage to edit, save and share production files from anywhere with an internet connection. Compatible with both Mac and PC, you're able to protect your content regardless of OS.

 

Author Comment

by:Linktheman2003
ID: 36599024
We ended up creating room resource calanders.  ?The only issue we stumbled across is that in Exchange 2010 (at least ours), when we try and apply a permission level of like contributer, it sets all of the right options, but sets it to custom..  All users are marked "custom" instead of their properly level which we choose predefined levels mircosoft set up.
0
 

Author Comment

by:Linktheman2003
ID: 37171490
Another issue we have run accross while it does work, it seems certain users can not be added to group they were in.  As an example I was in litigation calendar group.  I removed the calendar from my mailbox and then tried to add it back in.  It won't let me.  It gives me an error. telling me the group doesn't exist.  I still have and can modify it on my other computer but don't dare remove myself there in case I can;t get back in.  I still have permissions to edit and modify because I checked.  This issue only seems to affect older users and not newer users.
0
 

Author Comment

by:Linktheman2003
ID: 37508556
still waiting on support
0
 
LVL 2

Accepted Solution

by:
amnhtech earned 500 total points
ID: 38034109
you need to make sure that your groups are mail enabled.  To do this you need to make sure that they are universal groups and then you can run the command enable-distributiongroup <groupname>

Once the distribution group is enabled you can run the command

add-mailboxfolderpermission <mailbox>:\calendar -user <distgroup> -accessrights "Contributor"
0

Featured Post

Want to promote your upcoming event?

Attending an event? Speaking at a conference? Or exhibiting at a trade show? Easily inform your contacts by using a promotional banner in your email signature. This will ensure your organization’s most important contacts are in the know.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
Find out what you should include to make the best professional email signature for your organization.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now