Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 838
  • Last Modified:

powershell add permissions to an exchange department

hi all following this
http://blogs.msdn.com/b/pepeedu/archive/2010/09/08/exchange-2010-adding-mailbox-calendar-permissions-using-powershell.aspx

i just changed CustomAttribute1 to Department and it tesll me

"Invoke-Command : Cannot bind parameter 'Filter' to the target. Exception setting "Filter": ""Department" is not a recog
nized filterable property. For a complete list of filterable properties see the command help.
"(Department -eq "Work Programme")" at position 2."

anyone know how i can apply permissons to a department?
0
awilderbeast
Asked:
awilderbeast
  • 8
  • 6
  • 3
  • +2
1 Solution
 
Gerald26Commented:
http://technet.microsoft.com/en-us/library/bb738155(EXCHG.80).aspx

This topic lists the filterable properties for the -Filter parameter in Exchange Server 2007/2010
0
 
gaurav05Commented:
Hi,

did you provide the following permission to mailbox

Organization Management

Recipient Management

Help Desk
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
Gerald26Commented:
oops, working link :
http://technet.microsoft.com/en-us/library/bb738155(EXCHG.80).aspx

Department attribute only works with

Get-Contact

Get-Recipient

Get-User
0
 
RadweldCommented:
Make sure your command is as follows

 
Get-mailbox -Filter {(Department -eq "Work Program")}

Open in new window


I've only corrected the first part of the command, up to the first pipe. The error looks like there are too many quotes
0
 
LesterClaytonCommented:
Please show us the line you're using.

Department is not an attribute on objects returned by Get-Mailbox, which is why you're getting the failure.

You may need to nest an Get-ADUser Command combined with a Get-Mailbox command to get it to filter users which have Departments set.
0
 
awilderbeastAuthor Commented:
ahh i see, i also tried doing it the same way i do dynamic distrbutions that failed too, heres my attempts (the first which i now know wont work as i cant filter by department


Get-mailbox -Filter {(Department -eq "Work Programme")} |  ForEach-Object {Add-MailboxFolderPermission $_":\Calendar" -User "User@domain" -AccessRights Reviewer}

Get-mailbox -RecipientFilter {(Department -eq "Work Programme")} | ForEach-Object {Add-MailboxFolderPermission $_":\Calendar" -User "User@domain" -AccessRights Reviewer}

Open in new window

0
 
RadweldCommented:
Ahh, I just realised that your trying to use the department attribute, this wont work as Department is only available to filter when using

Get-Contact
Get-Recipient
Get-User

Your going to have to amend it which is why the example in the blog was talking about using customattribute1
0
 
awilderbeastAuthor Commented:
how do i ammed to make the above work via dept?
0
 
LesterClaytonCommented:
Try this or something similar:

Import-Module ActiveDirectory
ForEach-Object (Get-AdUsers -Filter {(Department -eq "Work Programme")}) {
	Get-mailbox -Identity $_.Name | ForEach-Object {Add-MailboxFolderPermission $_":\Calendar" -User "User@domain" -AccessRights Reviewer}
}

Open in new window

0
 
LesterClaytonCommented:
Sorry I had a typo.

Get-AdUsers should be Get-AdUser
0
 
LesterClaytonCommented:
I've modified the script a bit, this seems more robust:

Import-Module ActiveDirectory
$users = Get-AdUser -Filter {(Department -eq "Work Programme")}
foreach ($user in $users) { 
	Get-mailbox -Identity $user.name | Add-MailboxFolderPermission $_":\Calendar" -User "User@domain" -AccessRights Reviewer
	}

Open in new window

0
 
awilderbeastAuthor Commented:
it wont run, keeps just giving me the double >>

for future ref what does it mean when its doing this and how can i break out of it?
i tried exit and ctrl + C

Thanks

VERBOSE: Connected to AXWELL.domain.local.
[PS] C:\Windows\system32>Import-Module ActiveDirectory
[PS] C:\Windows\system32>$users = Get-AdUser -Filter {(Department -eq "Work Programme")}
[PS] C:\Windows\system32>foreach ($user in $users) { Get-mailbox -Identity $user.name | Add-MailboxFolderPermission $_":
\Calendar" -User User@domain.local"  -AccessRights Reviewer }
>>
>>
>>
>>

Open in new window

0
 
LesterClaytonCommented:
>> means it's waiting for more input.  Just hit enter :)

You can save the text I've given you to a .ps1 file and run it from the powershell like so:

.\script.ps1

Open in new window


0
 
Gerald26Commented:
you forgot a quote

-User User@domain.local"  
0
 
awilderbeastAuthor Commented:
ahh i see,

i hit enter and it just gives more >> how many times before i can break out of the >> ?

got another error now

The input object cannot be bound to any parameters for the command either because the command does not take pipeline in
put or the input and its properties do not match any of the parameters that take pipeline input.
    + CategoryInfo          : InvalidArgument: (User Name:PSObject) [Add-MailboxFolderPermission], ParameterB
   indingException
    + FullyQualifiedErrorId : InputObjectNotBound,Add-MailboxFolderPermission
0
 
LesterClaytonCommented:
Can you please show us the whole code you're using now.
0
 
awilderbeastAuthor Commented:
excatly what you put above... (obivously user is replaced with an actual user)
Import-Module ActiveDirectory
$users = Get-AdUser -Filter {(Department -eq "Work Programme")}
foreach ($user in $users) { Get-mailbox -Identity $user.name | Add-MailboxFolderPermission $_":\Calendar" -User "user@domain.local"  -AccessRights Reviewer }

Open in new window

0
 
LesterClaytonCommented:
Let's try this:

Import-Module ActiveDirectory
$users = Get-AdUser -Filter {(Department -eq "Work Programme")}
foreach ($user in $users) { Add-MailboxFolderPermission -Identity ($user.UserPrincipalName + ":\Calendar") -User "user@domain.local"  -AccessRights Reviewer }

Open in new window


I take it you are replacing user@domain.local with something a bit more meaningful :)

0
 
LesterClaytonCommented:
I should point out that you cannot pipe to Add-MailboxFolderPermission, so Get-Mailbox is not required at all :)  I've tested my last snippet of code.
0
 
awilderbeastAuthor Commented:
Thanks a bunch :)
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 8
  • 6
  • 3
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now