Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Add a group to a mailbox resource folder permission for calendar

Posted on 2011-09-07
11
Medium Priority
?
2,639 Views
Last Modified: 2012-07-20
We are trying to create shared calendars for Exchange 2010 to be shared among departments and various personel.  We can created a mailbox resource called sharedservices and are we created a group called sharedservicescalendar.  Our goal is to allow any user in this group to be granted permissions to the calendar to add appointments but not delete them.  We do not want to launch a power shell command for every new user who needs the group.  We know the powershell comands

get-mailboxfolderpermission -identity sharedservices:\calendar
add-mailboxfolderpermission -identity sharedservices:\calendar -user UserA -AccessRights Contributor

will work for individual users.  When we replace the userA with sharedservicescalendar we get an error

The user "SharedServicesCalendar" was found in Active Directory but isn't valid to use for permissions. Try an SMTP address
 instead.
    + CategoryInfo          : NotSpecified: (0:Int32) [Add-MailboxFolderPermission], InvalidInternalUserIdException
    + FullyQualifiedErrorId : 9DC52564,Microsoft.Exchange.Management.StoreTasks.AddMailboxFolderPermission

It sees it in AD but in couldn't pull.  We let it sit overnight hoping it was a replication issue and no luck.  I am trying to figure out what we need to do to make this work and is it possible to switch -user to another switch that could allow the group to work.
0
Comment
Question by:Linktheman2003
11 Comments
 
LVL 37

Expert Comment

by:Neil Russell
ID: 36495203
Easiest way is to create a public folder of type Calendar and give rights to users that way. Not using a mailbox. I always prefer to use the Public folders if it is a simple calendar and NOT a mailbox you are sharing.
0
 

Author Comment

by:Linktheman2003
ID: 36496939
The problem with that is we removed all public folders and removed the compatability from Exchange 2010 as microsoft themselves have gone away from public folders.

I figured it out.  You create all the mailboxes and group through exchange.  Then go to outlook and add a user mailbox.  Type the shared calendar mailbox and select calendar instead of inbox.  Select the calendar and choose properties and select the permissions tab.  All permissions seem to need to be set through outlook which is an odd and round about way of doing things but hey it worked.
0
 

Author Comment

by:Linktheman2003
ID: 36497123
Well I actually had an issue.  It worked great on the first mailbox but now on every other mailbox I try the same thing it won't let me set the calendar permission as visible.  If I select contributer it changes to custom and the visible box is greyed out.

I tried to review the account setting on the first object and find any changes I try and make to permission level instantly defaults to custom and removes visible from the allowed options.  Anyone have an idea

When I created the group in Exchange it created it as a Universal distibrubtion group.  Is this what I want?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 2

Expert Comment

by:gravy-x
ID: 36563565
You might be better off creating room/equipment calendars for this purpose. They provide a bit more control over calendaring. You can even add the group or groups you want to be able to book this resource via the Resource In-Policy Requests tab.

http://technet.microsoft.com/en-us/library/bb124542.aspx
0
 

Author Comment

by:Linktheman2003
ID: 36599024
We ended up creating room resource calanders.  ?The only issue we stumbled across is that in Exchange 2010 (at least ours), when we try and apply a permission level of like contributer, it sets all of the right options, but sets it to custom..  All users are marked "custom" instead of their properly level which we choose predefined levels mircosoft set up.
0
 

Author Comment

by:Linktheman2003
ID: 37171490
Another issue we have run accross while it does work, it seems certain users can not be added to group they were in.  As an example I was in litigation calendar group.  I removed the calendar from my mailbox and then tried to add it back in.  It won't let me.  It gives me an error. telling me the group doesn't exist.  I still have and can modify it on my other computer but don't dare remove myself there in case I can;t get back in.  I still have permissions to edit and modify because I checked.  This issue only seems to affect older users and not newer users.
0
 

Author Comment

by:Linktheman2003
ID: 37508556
still waiting on support
0
 
LVL 2

Accepted Solution

by:
amnhtech earned 1500 total points
ID: 38034109
you need to make sure that your groups are mail enabled.  To do this you need to make sure that they are universal groups and then you can run the command enable-distributiongroup <groupname>

Once the distribution group is enabled you can run the command

add-mailboxfolderpermission <mailbox>:\calendar -user <distgroup> -accessrights "Contributor"
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Stellar Exchange Toolkit: this 5 in 1 toolkit comes loaded with mega-software tool. Here’s an introduction to tools’ usage and advantages:
Transferring FSMO roles is done when an admin wants to split roles between certain Domain Controllers or the Domain Controller holding the Roles has been forcefully demoted using dcpromo / forceremoval
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

972 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question