We are in the middle of a conversion to Exchange 2013 Standard from 2007. With the new calendar features in OWA and some other training goals for our staff, we would like them to use their calendars and their associates calendars. The majority of our staff's ONLY interaction is via OWA. I'm trying to automate sharing of the calendar with everybody in a location for them (the associates who have needed this in the past, I have done manually in Outlook for them).
In trying to automate this task, I'm attempting to use Add-MailboxFolderPermission
and it works great for one user. It does not appear to accept a group (either security or distribution) as input to the -User parameter.
[PS] C:\>Add-MailboxFolderPermission -Identity SusieS@lmplay.com:\Calendar -AccessRights ReadItems -User SalesAssociates-Store4@lmplay.com
[PS] C:\>Add-MailboxFolderPermission -Identity SusieS@lmplay.com:\Calendar -AccessRights ReadItems -User "LMPLAY\SalesAssociates-Store4"
[PS] C:\>Add-MailboxFolderPermission -Identity SusieS@lmplay.com:\Calendar -AccessRights ReadItems -User "lmplay.com\SalesAssociates-Store4"
In all cases I get output:
The user "SalesAssociates-Store4@lmplay.com" is either not valid SMTP address, or there is no matching information.
+ CategoryInfo : NotSpecified: (:) [Add-MailboxFolderPermission], InvalidExternalUserIdException
+ FullyQualifiedErrorId : C35EE919,Microsoft.Exchange.Management.StoreTasks.AddMailboxFolderPermission
Note, I'm still working on this in my test environment and have created both universal distribution groups and universal security groups to test with which mimic the names of my production groups. The difference is the domain is lmplay.com vs my real one.
I have tried a few different versions based on both EE searches and general internet and find some scripts to do this one time.
We regularly have people move between locations, onboard, offboard, etc fairly frequently. Sharing via group membership is key; an iterative or piped script which looks at group membership or OU membership and iterates and makes changes on every mailbox while that would work, it not ideal and not easily supportable.
Therefore, do I have a syntax issue above that I'm doing this wrong, or is the -user parameter of Add-MailboxFolderPermission cmdlet not going to support a group at all.