Solved

PowerShell/Exchange - Access to Shared mailbox but without allowing mail deletion

Posted on 2013-05-20
2
641 Views
Last Modified: 2013-05-20
Dear Experts,

Could you please advise is there some method to set for a user who has access to Shared mailbox, that would be able to read mails only without deletion?

In PowerShell the syntax for giving access to a shared mailbox is the follow one, but this does not contain some read only kind of possibility:
Add-MailboxPermission "TestMailbox" -User IT\R.Smith -AccessRights fullaccess -InheritanceType all

I am aware of another syntax too:
Add-MailboxPermission -Identity "TestMailbox" -User IT\R.Smith -AccessRights ReadPermission
but this is some other permission related as tested and sure still allows the mail deletion, inspite of sounding to some read kind of permission

thanks,
0
Comment
Question by:csehz
2 Comments
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 39180853
The only reliable way I know of is to do it in the mailbox itself.
Therefore you will take away the Full Mailbox Access, then add permissions to the top of the tree and the sub folders. If you grant the permission to a group, then it will be easy to add and remove permissions in the future.

http://exchange.sembee.info/outlook/sharing-non-default-folders.asp

If you need to grant permissions to a tree, then use exfolders to help propagate the permissions down the tree.

You can also add the permissions with EMS using add-mailboxfolderpermissions, but that still will not do the full tree.

Simon.
0
 
LVL 1

Author Closing Comment

by:csehz
ID: 39180982
Thanks it has been tested now, it works exactly as you wrote
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
The following article is intended as a guide to using PowerShell as a more versatile and reliable form of application detection in SCCM.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question