Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

How to share outlook calendar to users in specific OU

Posted on 2011-09-30
10
Medium Priority
?
1,469 Views
Last Modified: 2012-05-12
I have an Exchange server 2010 and users running Outlook 2007. And I have 2 different OU, one for administrative users and external users. All users in the administrative OU should be able to see each others calendar, while all external users need to get permission to view calendars. How can I setup this on the Exchange server?

I've been using ExFolders to give permission to everyone, could I just set this permission to be on the administrative OU?
0
Comment
Question by:Mr Woober
10 Comments
 

Expert Comment

by:phunkodelic
ID: 36891500
I don't believe you can do this though group policy.  Each user will have to do it on there own by doing the following:

1. Login into Outlook 2007
2. Change to folder view.
3. Right click on the calandar and choose "Share Calendar" and follow the prompts.
4. To give the user additionall permssions Right click on calendar again, go to properties, and then  to Permissions Tab and adjust as needed.
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 36891518
No you can not use OU's to set calendar permissions. You would need to script this in powershell is about the only way I can think of.
0
 
LVL 7

Expert Comment

by:ComputerBeast
ID: 36891525
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
LVL 37

Expert Comment

by:Neil Russell
ID: 36891580
That does not allow you to share with the OU.  The whole point I would imagine is to make the process automated and simple without the END USER being involved.

10 more mins and I'll have the script for you.
0
 
LVL 1

Author Comment

by:Mr Woober
ID: 36891751
Great, thanks alot :)
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 36891975
Phew!

Ok i have used the Quest commandlets on a few lines as i find them easier. But this works fine for me in my lab exchange setup

Do you have a test lab? If not create a test OU with a few users in.

Its not pretty but will do a "Poshed up" version later

You could schedule this to run one a day or however often you like so that if you move some into an OU it updates them
# EE ID: 27373731

#Load Exchange Server 2010 Management Shell if not loaded. You may delete/comment out this step if you are running the script from the Exchange Management Shell
if (-not (Get-PSSnapin | Where-Object {$_.Name -like "Microsoft.Exchange.Management.PowerShell.E2010"})){
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010
}
#Load Quest Activeroles Management Shell if not loaded.
if (-not (Get-PSSnapin | Where-Object {$_.Name -like "Quest.Activeroles.admanagement"})){
Add-PSSnapin Quest.Activeroles.admanagement
}

#Variables
$SearchRoot = "OU=ME-Systemtest,OU=STAFF,OU=ERH,DC=MyDomain,DC=COM" # Set to the OU you are running on

$AccessRights = "LimitedDetails" # See http://technet.microsoft.com/en-us/library/ff522363.aspx

$Users = Get-QADUser -SearchRoot $SearchRoot #Get all users in the OU

foreach ($user in $Users )
{
	$mailbox = Get-Mailbox $user.logonname
	$calendar = (($mailbox.SamAccountName)+ ":\" + (Get-MailboxFolderStatistics -Identity $mailbox.SamAccountName -FolderScope Calendar | Select-Object -First 1).Name)
    Set-MailboxFolderPermission -User "Default" -AccessRights "None" -Identity $calendar # Deny deafult user access
	foreach ($otherUser in $Users)
	{
	    if ( $user -ne $otheruser )
		{
			$Error.Clear 
			$ErrorActionPreference = "silentlycontinue"
			Set-MailboxFolderPermission -User "$otherUser" -AccessRights $AccessRights -Identity $calendar
			if (!$?)
				{
				add-MailboxFolderPermission -User "$otherUser" -AccessRights $AccessRights -Identity $calendar
				if (!$?)
					{
					$Error
					}
				$Error.Clear 
				}
		}
	}
}

Open in new window

0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 36891988
Ps
ignore all the $error bits, i'll tidy for a published version later.

HTH
0
 
LVL 37

Accepted Solution

by:
Neil Russell earned 2000 total points
ID: 36892570
Heres a better version, commented and without the Quest cammandlets.

 
#-----------------------------------------------------
#-	EE ID: http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_27373731.html  
#-	How to share outlook calendar to users in specific OU
#-	Add calendar permissions on every user in the OU to every other user in the OU
#-	Deny default user
#-	(C) Neil Russell - feel free to use
#-----------------------------------------------------

#Load Exchange Server 2010 Management Shell if not loaded. You may delete/comment out this step if you are running the script from the Exchange Management Shell
if (-not (Get-PSSnapin | Where-Object {$_.Name -like "Microsoft.Exchange.Management.PowerShell.E2010"})){
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010
}

#Variables
$SearchRoot = "OU=ME-Systemtest,OU=STAFF,OU=ERH,DC=xshis,DC=nhs,DC=uk" # Set to the OU you are running on
$AccessRights = "LimitedDetails" # See http://technet.microsoft.com/en-us/library/ff522363.aspx 

#-----------------------------------------------------
# Read all mail enabled users from the $SearchRoot OU
#-----------------------------------------------------
$Users = Get-Mailbox -OrganizationalUnit $SearchRoot


foreach ($mailbox in $Users )
{
#-	Get the Calendar for this Mailbox
	$calendar = (($mailbox.SamAccountName)+ ":\" + (Get-MailboxFolderStatistics -Identity $mailbox.SamAccountName -FolderScope Calendar | Select-Object -First 1).Name)

#-	Set the Default user to have NONE permission on the Calendar
	Set-MailboxFolderPermission -User "Default" -AccessRights "None" -Identity $calendar

#-	Iterate through all the mailboxes
	foreach ($otherUser in $Users)
	{

#-	Dont do anything to users OWN mailbox
		if ( ($mailbox).SamAccountName -ne ($otheruser).SamAccountName  )
		{
		Write-Host $calendar " -- Permissions for :"  ($otheruser).SamAccountName
			$Error.Clear 
			$ErrorActionPreference = "silentlycontinue"

#-	See if we can set rights on an already existing relationship for the calendar
			Set-MailboxFolderPermission -User "$otherUser" -AccessRights $AccessRights -Identity $calendar

#-	If an error occured due to no rights already existing then ADD those rights
			if (!$?)
				{
#-	Add a new rights relationship on the calendar for $OtherUser
				$Error.Clear 
				add-MailboxFolderPermission -User "$otherUser" -AccessRights $AccessRights -Identity $calendar
				if (!$?)
					{
#-	Something went wrong, need to add handler for this
					Write-Host "Couldnt set or add calendar permissions for user $otheruser on $Calendar"
					$Error.Clear 
					
					}
				}
		}
	}
}

Open in new window


Let me know how you get on?
0
 
LVL 1

Author Comment

by:Mr Woober
ID: 36902359
Thanks alot, great work! I will test this today :)
0
 
LVL 1

Author Closing Comment

by:Mr Woober
ID: 36902400
What a great script, thanks alot! Great work mate :)
0

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The main intent of this article is to make you aware of ‘Exchange fail to mount’ error, its effects, causes, and solution.
Steps to fix error: “Couldn’t mount the database that you specified. Specified database: HU-DB; Error code: An Active Manager operation fail”
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses
Course of the Month11 days, 18 hours left to enroll

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question